Home » Microsoft » 70-646 » What should you recommend?
Your company has a main office and a branch office. Your network contains a single Active Directory domain.
You install 25 Windows Server 2008 R2 member servers in the branch office.
You need to recommend a storage solution that meets the following requirements:
. Encrypts all data on the hard disks.
. Allows the operating system to start only when the authorized user is present.
What should you recommend?
A. Encrypting File System (EFS)
B. File Server Resource Manager (FSRM)
C. Windows BitLocker Drive Encryption (BitLocker)
D. Windows System Resource Manager (WSRM)
Correct Answer: C
Explanation/Reference:
BITLOCKER DRIVE ENCRYPTION
BitLocker Drive Encryption is a data protection feature available Windows Server 2008 R2 and in some editions of Windows 7. Having BitLocker integrated with the operating system addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.
BitLocker provides the most protection when used with a Trusted Platform Module (TPM) version 1.2. The TPM is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to help protect user data and to ensure that a computer has not been tampered with while the system was offline.
On computers that do not have a TPM version 1.2, you can still use BitLocker to encrypt the Windows operating system drive. However, this implementation will require the user to insert a USB startup key to start the computer or resume from hibernation, and it does not provide the pre-startup system integrity verification offered by BitLocker with a TPM.
http://technet.microsoft.com/en-us/library/cc732774.aspx
