A user's employment was recently terminated due to suspicions of corporate espionage.As part of a security audit,you have been assigned to investigate any files related to the user that was terminated.Unfortunately,due to unknown circumstances,the user's profile was lost.However,you have found several files believed to have been created by the user,that have been encrypted via EFS.Because your environment runs on Windows Server 2008 Enterprise edition,you are counting upon automatic key archival to gain access to the encrypted files.
Once the certificate manager locates the key in the CA database,what kind of user must be contacted in order to decrypt the key?
A)A data recovery agent
B)A key recovery agent responsible for the key
C)An administrator with permissions to the encrypted file that is also a member of the Data Recovery Operators group
D)No user can accomplish this task;Microsoft support must be contacted and the key sent to a designated Microsoft Special Situations Auditor (MSSA)for decryption

Question

Quizplus · Accepted Answer

In order to decrypt the key, a key recovery agent responsible for the key must be contacted. This agent is responsible for managing the recovery of keys when necessary, and should have access to the necessary tools to decrypt the encrypted files. A data recovery agent is responsible for recovering lost data and would not necessarily have the ability to decrypt the key. An administrator with permissions to the encrypted file that is also a member of the Data Recovery Operators group may have some increased privileges, but a key recovery agent is still required for decryption. Contacting Microsoft support and sending the key to a designated MSSA is not necessary in this situation, as the key should be able to be recovered through the use of a key recovery agent.

A User's Employment Was Recently Terminated Due to Suspicions of Corporate