creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 21:54:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
04450304b12645cb2b974ab96d28c0664758a88d
Anthropic-Cybersecurity-Skills/skills/implementing-disk-encryption-with-bitlocker/references/api-reference.md
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal 
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

62 lines
1.6 KiB
Markdown
Raw Blame History

# API Reference: Implementing Disk Encryption with BitLocker
## manage-bde CLI
```powershell
# Check status
manage-bde -status C:
# Enable BitLocker with TPM
manage-bde -on C: -RecoveryPassword -EncryptionMethod AES256
# Backup recovery key to AD
manage-bde -protectors -adbackup C: -ID {protector-id}
# Lock/unlock
manage-bde -lock D:
manage-bde -unlock D: -RecoveryPassword 123456-...
```
## PowerShell BitLocker Cmdlets
```powershell
# Get BitLocker volume
Get-BitLockerVolume -MountPoint "C:"
# Enable with TPM + PIN
Enable-BitLocker -MountPoint "C:" -EncryptionMethod Aes256 `
-TpmAndPinProtector -Pin (ConvertTo-SecureString "1234" -AsPlainText -Force)
# Add recovery password
Add-BitLockerKeyProtector -MountPoint "C:" -RecoveryPasswordProtector
# Backup to AD
Backup-BitLockerKeyProtector -MountPoint "C:" -KeyProtectorId $id
```
## Compliance Checks
| Check | Severity | Requirement |
|-------|----------|-------------|
| BitLocker enabled | CRITICAL | All OS drives |
| AES-256 encryption | MEDIUM | FIPS/enterprise |
| TPM protector | HIGH | Hardware-backed |
| Recovery key escrowed | HIGH | AD DS or Azure AD |
| Full disk encrypted | MEDIUM | Not used-space only |
## Microsoft Graph API (Intune)
```python
import requests
headers = {"Authorization": "Bearer <token>"}
resp = requests.get(
"https://graph.microsoft.com/v1.0/deviceManagement/managedDevices"
"?$select=deviceName,isEncrypted",
headers=headers)
```
### References
- BitLocker: https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/
- BitLocker PowerShell: https://learn.microsoft.com/en-us/powershell/module/bitlocker/
Reference in New Issue View Git Blame Copy Permalink