Question

You work as the IT Administrator for a small corporate network. Employees in Branch Office 1 are working on a very sensitive project. Files for the project are store on the BranchFiles12 server. Management is concerned that if the hard drive in the server were to be stolen, sensitive information could be compromised. As a result, you have been asked to encrypt the entire System volume. The BranchFiles12 server has a built-in TPM on the motherboard.

Your task in this lab is to configure BitLocker drive encryption as follows:

Turn on BitLocker for the System (C:) drive
Turn on and activate the TPM
Save the recovery key to \\CorpFiles12\Backup
Encrypt the entire drive
Perform a BitLocker system check
To activate the TPM, restart the server and press the Delete key to enter setup.

Answer 1

To secure the BranchFiles12 server, you must configure BitLocker drive encryption with TPM activation, save a recovery key, encrypt the drive, and perform a system check. The server's BIOS or UEFI settings are accessed to activate the TPM, which is a prerequisite for enabling BitLocker.

Step-by-step explanation:

The task described involves configuring BitLocker drive encryption on the BranchFiles12 server to protect sensitive information. To accomplish this, you need to turn on BitLocker for the System (C:) drive, activate the built-in Trusted Platform Module (TPM), save the recovery key to a network location, encrypt the entire drive, and perform a system check to ensure BitLocker is properly set up. The process includes accessing the BIOS or UEFI settings to activate the TPM by restarting the server and entering the setup, usually by pressing a key such as Delete during the boot process. Once the TPM is activated, you can proceed with enabling BitLocker within the Windows environment, following the specific guidelines and steps provided by the system.