Your network contains an Active Directory domain named contoso.com.
The functional level of the forest and the domain is Windows Server 2008 R2.
The domain contains the servers configured as shown in the following table.
You have an organizational unit (OU) named Marketing that contains the computers in the marketing
department.
You have an OU named Finance that contains the computers in the finance department.
You have an OU named AppServers that contains application servers.
A Group Policy object (GPO) named GP1 is linked to the Marketing OU. A GPO named GP2 is linked to the
AppServers OU.
You install Windows Defender on Nano1.
You plan to implement BitLocker Drive Encryption (BitLocker) on the operating system volumes of the
application servers.
You need to ensure that the BitLocker recovery keys are stored in Active Directory. Which Group Policy setting
should you configure?
A.
Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and
Windows Vista)
B.
Choose how BitLocker-protected operating system drives can be recovered
C.
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
D.
System cryptography: Force strong key protection for user keys stored on the computer
Explanation:
https://technet.microsoft.com/en-us/library/jj679890%28v=ws.11%29.aspx?f=255&MSPPError=-
2147217396#BKMK_rec1
