Regarding your 1st question, the way to push the files from the management console is exactly the same that you used to install EEPC 5.2.2. I mean, this version thas not include any tool to push the installation set from the Management Console.
I'm not sure about your 2nd question. I guess that if the software and the user has access to the keys, it should be able to decrypt the files. However, I'll test it before in a test environment, as this encrypted information is normally very important to make things to it without being sure which will be the results.