Which server should you identify?

You plan to enable Credential Guard on four servers. Credential Guard secrets will be bound to the TPM The servers run Windows Server 201 & and are configured as shown in the following table.

You need to identify which server you must modify to support the planned implementation
Which server should you identify?
A. Server1
B. Server2
C. Server3
D. Server4

microsoft-exams

7 thoughts on “Which server should you identify?

  1. K is correct, the correct answer is C.
    Defender Credential Guard uses:
    -Support for Virtualization-based security (required)
    -Secure boot (required)
    -TPM 2.0 either discrete or firmware (preferred – provides binding to hardware)
    -UEFI lock (preferred – prevents an attacker from disabling with a simple registry key change)

  2. Not C because : hypervisor installed : None
    Maybe A because : TPM 1.2 or 2.0, either discrete or firmware (preferred – provides binding to hardware)

  3. Incorrect, answer should be C, one of requirements Windows hypervisor
    https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard-requirements
    Windows Defender Credential Guard uses:
    Support for Virtualization-based security (required)
    Secure boot (required)
    TPM 1.2 or 2.0, either discrete or firmware (preferred – provides binding to hardware)
    UEFI lock (preferred – prevents attacker from disabling with a simple registry key change) 2.3.1.c or higher
    The Virtualization-based security requires:
    64-bit CPU
    CPU virtualization extensions plus extended page tables
    Windows hypervisor

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.