PdfPrep.com

Which Group Policy should you configure?

Note: This question is part of a series of questions that use the same scenario. For yourconvenience, the scenario is repeated in each question. Each question presents a different goaland answer choices, but the text of the scenario is exactly the same in each question in this series.

Start of repeated scenario.

Your company has a marketing department.

The network contains an Active Directory domain named contoso.com.

The domain contains the servers configured as shown in the following table.

All servers run Windows Server 2016. All client computers run Windows 10 and are domain members. All laptops are protected by using BitLocker Drive Encryption (BitLocker).

You have an organizational unit (OU) named OU1 that contains the computer accounts of application servers. An OU named OU2 contains the computer accounts of the computers in the marketing department. A Group Policy object (GPO) named GP1 is linked to OU1. A GPO named GP2 is linked to OU2.

All computers receive updates from Server1. You create an update rule named Update1.

End of repeated scenario.

You need to ensure that you can encrypt the operating system drive of VM1 by using BitLocker.

Which Group Policy should you configure?
A . Configure use of hardware-based encryption for operating system drives
B . Configure TPM platform validation profile for native UEFI firmware configurations
C . Require additional authentication at startup
D . Configure TPM platform validation profile for BIOS-based firmware configurations

Answer: C

Explanation:

References:

https://www.dell.com/support/article/za/en/zadhs1/sln171842/using-the-group-policy-editor-to-enable­bitlocker-authentication-in-the-pre-boot-environment-for-windows-7-8-8-1-10?lang=en

Exit mobile version