Question about EFS

147

I'm planning on taking the exam a week from Friday, so I'm trying to wrap up a few questions I still have.

Concerning EFS, is this technology only effective on NTFS partitions, or can an EFS encrypted file be transferred to a FAT partition and still retain its encryption status?

Thanks

dynamik

No. It will automatically be decrypted.

147

dynamik wrote:

No. It will automatically be decrypted.

That's what I thought originally, too. I found one resource that said you could protect files from being opened by using EFS, even if they were moved to a FAT partition.

dynamik

Technet wrote:

Local file operations and encrypted files

Encrypted files or folders retain their encryption after being either copied or moved, either by using My Computer or by using command-line tools, to local volumes, provided that the target volume uses the version of NTFS used in Windows 2000 or later. Otherwise, encrypted files are stored as plaintext and encrypted folders lose the encryption attribute.

http://technet.microsoft.com/en-us/library/bb457116.aspx

You might want to look at the scenario again. If a user is working while logged in, the file(s) will be encrypted and decrypted automatically, and it will be a transparent process for the user. If you copy a file to a FAT drive, the file is actually decrypted and then copied. If you, for example, remove the HD that has EFS files and put it in another machine and then copy the files to a FAT volume, you will simply be copying the encrypted data over because it has not been decrypted. The same would hold true if another user copied your EFS files to a FAT volume. The data will remain encrypted, but you will lose EFS functionality once you move the files off of NTFS. I'm guessing that resource was referring to a situation like one of those when it said that EFS would protect data on a FAT volume. You can't actively use EFS to encrypt your files on a FAT volume.

sprkymrk

dynamik wrote:

The same would hold true if another user copied your EFS files to a FAT volume. The data will remain encrypted, but you will lose EFS functionality once you move the files off of NTFS.

I'm not quite sure of what you're saying here dynamic, but if another user tried to copy your encrypted files, he would get an "Access denied" message.

dynamik

It sounds like you know exactly what I was saying, and I was just wrong

I went back and quickly added that to give another example, and apparently I didn't put as much thought into it as I should have. Nice catch.

sprkymrk

dynamik wrote:

It sounds like you know exactly what I was saying, and I was just wrong

I went back and quickly added that to give another example, and apparently I didn't put as much thought into it as I should have. Nice catch.

Okay, glad I didn't misunderstand. I've learned to be careful about coming right out and saying someone is wrong. Many times I just didn't read their post correctly. Then I have to apologize and go crawl under a rock for a while.

147

I see what you're both saying, and this discussion has helped me to better understand the quesion.

The EFS will protect the files by default, provided the user trying to move the files does not have permission to do so. If they do have permission to move the files to a FAT volume, then the files would be automatically decrypted- but that would be user error, not a conflict within the file system.

Thanks!