You have a server named Server1 that runs Windows Server 2012 R2.
Server1 has a single volume that is encrypted by using BitLocker Drive Encryption (BitLocker).
BitLocker is configured to save encryption keys to a Trusted Platform Module (TPM). Server1 is
configured to perform a daily system image backup.
The motherboard on Server1 is upgraded.
After the upgrade, Windows Server 2012 R2 on Server1 fails to start.
You need to start the operating system on Server1 as soon as possible.
What should you do?
A.
Start Server1 from the installation media. Run startrec.exe.
B.
Move the disk to a server that has a model of the old motherboard. Start the server from the
installation media. Run bcdboot.exe.
C.
Move the disk to a server that has a model of the old motherboard. Start the server. Run tpm.msc.
D.
Start Server1 from the installation media. Perform a system image recovery.
Explanation:
By moving the hard drive to server with that has a model of the old motherboard the system would
be able to start. As BitLocker was configured to save encryption keys to a Trusted Platform Module
(TPM), we can use tpm.msc to access the TPM settings.
Note: After you replaced the motherboard, you need to repopulate the TPM with new information
regarding the encryption of the hard disk.
We use these commands to repopulate the information in the TPM (without PIN):
manage-bde –delete -protectors C: -type TPM
manage-bde –protectors –add C: -tpm
Incorrect:
Not D. After the system image recovery you would still have the new motherboard installed. The
problem would return.BitLocker – New motherboard replacement
It’s recovery:
https://technet.microsoft.com/en-us/library/cc732774.aspx
System recovery
A number of scenarios can trigger a recovery process, for example:
Moving the BitLocker-protected drive into a new computer.
****Installing a new motherboard with a new TPM.****
****Turning off, disabling, or clearing the TPM.****
Updating the BIOS.
Updating option ROM.
Upgrading critical early boot components that cause system integrity validation to fail.
Forgetting the PIN when PIN authentication has been enabled.
Losing the USB flash drive containing the startup key when startup key authentication has been enabled.
0
0
If the computer is equipped with a compatible TPM, BitLocker uses the TPM to lock the encryption keys that protect the data. As a result, the keys cannot be accessed until the TPM has verified the state of the computer. Encrypting the entire volume protects all of the data, including the operating system itself, the Windows registry, temporary files, and the hibernation file. Because the keys needed to decrypt data remain locked by the TPM, an attacker cannot read the data just by removing your hard disk and installing it in another computer.
0
0
System image Backups are not encrypted. So Answer D will work and is the preferred Answer.
1
0
For people that is still confused.
It’s a trick question, C and D is correct for sure. Buuuut question says…
“As soon as possible”
What will best fits in this “possible”?
Of course is perform a system recovery that is more fast then go to have fun with Hardware. =]
Right guys?
Thanks and good study everyone
0
0
David says:
January 9, 2016 at 9:38 pm
https://technet.microsoft.com/en-us/library/hh211414.aspx
When drives, folders, and files are backed up by the server, an unencrypted version is saved to the server. During full system restore, this unencrypted version is copied to the computer. After a successful full system restore, you have to reactivate BitLocker on the server.
so the backed up image is just an image without encryption. we can simply restore it and then after restoring we can enable bitlocker again if needed.
I think D should fix the problem
1
0
I’ll also go with D
1
0
D
1
0
Bitlocker is not in 70-412 content.
0
0