You have a server named Server1 that runs Windows Server 2012 R2.
Server1 has a single volume that is encrypted by using BitLocker Drive Encryption (BitLocker).
BitLocker is configured to save encryption keys to a TrustedPlatform Module (TPM). Server1 is
configured to perform a daily system image backup.
The motherboard on Server1 is upgraded.
After the upgrade, Windows Server 2012 R2 on Server1 fails to start.
You need to start the operating system on Server1 as soon as possible.
What should you do?
A.
Start Server1 from the installation media. Run startrec.exe.
B.
Move the disk to a server that has a model of the old motherboard. Start the server from the
installation media. Run bcdboot.exe.
C.
Move the disk to a server that has a model of the old motherboard. Start the server. Run
tpm.msc.
D.
Start Server1 from the installation media. Perform a system image recovery.
Explanation:
By moving the hard drive to server with that has a model of the old motherboard the system would
be able to start. As BitLocker was configured to save encryption keys to a TrustedPlatform Module
(TPM), we can use tpm.msc to access the TPM settings.
Note: After you replaced the motherboard, you need to repopulate the TPM with new information
regarding the encryption of the hard disk.
We use these commands to repopulate the information in the TPM (without PIN):
manage-bde –delete -protectors C: -type TPM
manage-bde –protectors –add C: -tpm
Incorrect:
Not D. After the system image recovery you would still have the new motherboard installed. The
problem would return.
BitLocker – New motherboard replacement
https://technet.microsoft.com/ru-ru/library/hh228214%28v=ws.11%29.aspx?f=255&MSPPError=-2147217396
When drives, folders, and files are backed up by the server, an unencrypted version is saved to the server. During full system restore, this unencrypted version is copied to the computer. After a successful full system restore, you have to reactivate BitLocker on the server.
Answer D
for c: encryption key is being asked for, and needs to be manually input, each time the computer is restarted
1
0
I’d say answer is D. There is no answer which gives you access to the original motherboard, only one of the same model. The original motherboard is needed if any drives are going to decrypt. If no decryption is possible then system image recovery is the solution.
3
0
As messed-up as it sounds, I believe the given answer to be correct. The reason for this is you just need the same type of TPM in order to decrypt the drive using “MANAGE-BDE.” When you have the same type of TPM you just need to remove the protectors. Then you can move the drive to the new motherboard to configure Bitlocker again.
0
2
but the decryption keys are stored in the TPM of the original mainboard wich is not an option in any of the answers. manually entering the key and then store it to new TPM is also not listed…
so you have no other option as to get the system image backup and restore this to the new equipped system.
1
0
Answer D.
After the new motherboard replacement i go to start->run->tpm.msc and click initialize tpm.this gives me options to set the owner password and save it(either to disk or print it).
I want to be able to backup the new TPM owner password hash to AD.
2
0
Answer D
You need the password or the same TPM chip which is not an option since the MB was replaced. An identical MB with a TPM chip is not going to help.
2
0