What should you request?

A user’s computer fails. The help desk provides the user with a new computer. The user’s Documents folder is restored from the backup.

The user reports that he can no longer access his encrypted files. The help desk recovers the files by using a data recovery agent (DRA).

You need to ensure that when users receive new computers, they can access their encrypted files without administrative intervention.

What should you request?

A.
credential roaming be enabled

B.
BitLocker be enabled on all computers

C.
user accounts be trusted for delegation

D.
the CA be configured for key archival and recovery

Explanation:
Topic 10, Humongous Insurance
Scenario:

You are an enterprise desktop support technician for Humongous Insurance.

Active Directory Configuration

The company has two offices named Office1 and Office2.

The network contains an Active Directory forest named humongousinsurance.com. An Active Directory site exists for each office. The sites are named Site1 and Site2.

Server Configuration

All servers run Windows Server 2008 R2 and are joined to the domain. The relevant servers are configured as shown in the following table.
(Exhibit)

The corporate security policy states that all domain controllers must have only the following roles:

– AD DS
– DNS server
– DHCP server

Network Configuration

Site1 and Site2 connect to each other by using a WAN link.

Client Computer Configuration

All client computers run Windows 7 Enterprise and are members of the domain. Some client computers are portable computers and some are desktop computers. The computers do not support hardware virtualization.

All computers are configured to receive Windows Updates from WSUS1.

Remote Access Configuration

Users can connect to NPAS1 from the Internet by using all of the VPN protocols that are supported by Windows Server 2008 R2.

Fabrikam, Inc. is a customer of Humongous Insurance. Several Humongous Insurance users work at the Fabrikam office and access resources on the Humongous Insurance network by using direct VPN connections to NPAS1. Fabrikam contains several wireless access points.

Application Configuration

All computers in the finance department run a custom application suite named App1.

Several users in the sales department install an application named App2. App2 runs as a service and logs on by using the credentials of the user who installed the application.