ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-100 All Questions

View all questions & answers for the MD-100 exam
Go to Exam

Exam MD-100 topic 4 question 33 discussion

Actual exam question from Microsoft's MD-100
Question #: 33
Topic #: 4
[All MD-100 Questions]

Your network contains an Active Directory domain. The domain contains the objects shown in the following table.

The domain is configured to store BitLocker Drive Encryption (BitLocker) recovery passwords.
User1 encrypts an external disk on Computer1 by using BitLocker to Go.
User2 moves the external disk to Computer2 and unlocks the disk.
You need to view the BitLocker recovery password.
Which objects are used to store the recovery password?

  • A. Computer1 and Computer2 only
  • B. User1 only
  • C. Computer1 only
  • D. User1 and Computer1 only
  • E. User1 and User2 only
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq
by Davidchercm at June 14, 2021, 5:57 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Kodoi
1 year, 11 months ago
Selected Answer: B
This is not a BitLocker question. This is a BitLocker to Go question. With BitLocker to Go encryption, the recovery key is not stored in the OU of the drive or AD. It must be saved by the user themselves when they encrypt. The use of BitLocker to Go is officially deprecated. In my opinion, it is unlikely that this question will be asked.
upvoted 1 times
...
Kock
2 years, 9 months ago
RESPOSTA CORRETA: Quando um computador entra no modo de recuperação, o usuário deve digitar a senha de recuperação correta para continuar. A senha de recuperação está vinculada a um determinado TPM ou computador e não a um usuário individual. https://learn.microsoft.com/pt-br/training/modules/explore-device-encryption-features/4-recover-bitlocker-encrypted-drive
upvoted 2 times
...
99redeyeflight
3 years, 2 months ago
Answer seems correct When AD recovery passwords are backed up to AD, they can be accessed on the "Bitlocker Recovery" tab within the computer AD object https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer
upvoted 1 times
...
PChi
3 years, 3 months ago
You can store the recovery key on a file (hence computer 1) or on a usb or print the recovery key. DRA can be used as well. Would the answer not be user 1 and computer 1? Since user 1 is the one who ecrypted the drive?
upvoted 1 times
...
SeanQ
3 years, 11 months ago
You can backup recovery key on your computer 1 when you start to use BitLocker Drive Encryption (BitLocker). so the answer is right.
upvoted 1 times
...
cdhoesje
3 years, 12 months ago
my last mabey if the key is stored in AD such as the question is telling. De key is importerd in AD and is in de Computer object. So answer is correct! Only computer 1
upvoted 3 times
...
cdhoesje
4 years ago
No, again the (only) mark is not correct in al options. You can always do 'manage-bde -protectors D: -get' from all computers, and only user one must de crypt the drive first. Tested on one USB with multiple computers
upvoted 4 times
...
Davidchercm
4 years ago
is the answer correct?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel