Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam MD-100 Topic 10 Question 49 Discussion

Actual exam question for Microsoft's MD-100 exam
Question #: 49
Topic #: 10
[All MD-100 Questions]

Your network contains an Active Directory domain. The domain contains computers that run Windows 10.

You must ensure that Windows BitLocker Drive Encryption is enabled on all client computers, even though a Trusted Platform Module (TPM) chip is installed in only some of them.

You need to accomplish this goal by using one Group Policy object (GPO).

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

We need to allow Windows BitLocker Drive Encryption on all client computers (including client computers that do not have Trusted Platform Module (TPM) chip).

We can do this by enabling the option to allow BitLocker without a compatible TPM in the group policy. The 'Allow BitLocker without a compatible TPM' option is a checkbox in the 'Require additional authentication at startup' group policy setting. To access the 'Allow BitLocker without a compatible TPM' checkbox, you need to first select Enabled on the 'Require additional authentication at startup' policy setting.


https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings#bkmk-unlockpol4

Contribute your Thoughts:

Currently there are no comments in this discussion, be the first to comment!


Save Cancel