A company has an Active Directory Domain Services (AD
DS) domain. All client computers run Windows 10 Enterprise.
You are configuring security for a portable client computer that does not have a Trusted Platform Module (TPM) chip installed.
You need to configure local Group Policy to tum on Windows BitLocke
r Drive Encryption on the computer.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE:
Each correct selection is worth one point.
A. Enable the Enforce drive encryption type on operating system drives policy s
etting.
B. Enable the option to allow BitLocker without a compatible TPM.
C. Enable the Require additional authentication at startup policy setting.
D. Configure the TPM validation profile to enable Platform Configuration Register indices (PCRs) 0, 2, 4, a
nd 11.
References: https://www.howtogeek.com/howto/6229/how-to-use-bitlocker-on-drives-without-tpm/