You administer computers that run Windows 8 Pro and are members of an Active Directory domain.
The computers are encrypted with BitLocker and are configured to store BitLocker encryption
passwords in Active Directory. A user reports that he has forgotten the BitLocker encryption
password for volume E on his computer. You need to provide the user a BitLocker recovery key to
unlock the protected volume. Which two actions should you perform? (Each correct answer
presents part of the solution. Choose two.)
A.
Ask the user for his computer name.
B.
Ask the user to run the manage-bde-unlock E:-pw command.
C.
Ask the user for his logon name.
D.
Ask the user for a recovery key ID for the protected volume.
Explanation:
(1) Saying a name does not verify you at all. You can easily find out the name of the owner if you
have the access to the PC. For example, open Outlook or simply press Start to verify username. In
such cases mobile phone call verification would is preferred, but it is not mentioned in the answers.
(2) It is mentioned in the conditions, that some (NOT ONE) volumes on the computers are
encrypted. This means you will have to find out which is locked. So you need recovery key ID.
http://www.concurrency.com/blog/enable-bitlocker-automatically-save-keys-to-active-directory/