Your network contains an Active Directory domain named contoso.com. The domain functional level in Windows Server 2008. All domain controllers run Windows
Server 2008 R2. The domain contains a file server named Server1 that runs Windows Server 2012. Server1 has a BitLocker Drive Encryption (BitLocker)-encrypted
drive. Server1 uses a trusted Platform Module (TPM) chip. You enable the Turn on TPM backup to Active Directory Domain Services policy setting by using a
Group Policy object (GPO). You need to ensure that you can back up the BitLocker recovery information to Active Directory. What should you do?
A.
Upgrade a domain controller to Windows 2012.
B.
Enable the Store BitLocker recovery information in the Active Directory Services (Windows Server2008 and Windows Vista) policy settings.
C.
Raise the forest functional level to Windows 2008 R2.
D.
Add a BitLocker data recovery agent
Raise the forest functional level to Windows 2008 R2.
It’s A.
“If you are not upgrading your domain controller to Windows Server 2012 you need to extend the schema to support this change. If Active Directory backup of the TPM owner authorization value is enabled in a Windows Server 2008 R2 environment without extending the schema, the TPM provisioning will fail and the TPM will remain in a Not Ready state for computers running Windows 8.”
https://technet.microsoft.com/en-us/library/jj635854.aspx
So either you extend the schema or you upgrade the DC.
Agree A is the only valid answer (since the schema extension for 2008 R2 was not listed).
Note: If you will use a domain controller running Windows Server 2003 with SP1 or SP2, you will need to apply the schema extension (BitLockerTPMSchemaExtension.ldf) to store BitLocker and TPM passwords in Active Directory. This file can be downloaded from the Configuring Active Directory to Back up Windows BitLocker Drive Encryption and Trusted Platform Module Recovery Information download page.
B. is correct