You have a hybrid Microsoft 365 deployment that contains the Windows 10 devices shown in the following table. You assign a Microsoft Endpoint Manager disk encryption policy that automatically and silently enables BitLocker Drive Encryption (BitLocker) on all the devices. Which devices will have BitLocker enabled? A. Device1, Device2, and Device3 B. Device2 only C. Device1 and Device2 only D. Device2 and Device3 only  Suggested Answer: B To silently enable BitLocker, the device must be Azure AD Joined or Hybrid Azure AD Joined and the device must contain TPM (Trusted Platform Module) 2.0. Incorrect Answers: A: Device1 is not Azure AD Joined or Hybrid Azure AD Joined, and the TPM version on Device3 is only 1.3. To silently enable BitLocker, the device must be Azure AD Joined or Hybrid Azure AD Joined and the device must contain TPM (Trusted Platform Module) 2.0. C: Device1 is not Azure AD Joined or Hybrid Azure AD Joined. To silently enable BitLocker, the device must be Azure AD Joined or Hybrid Azure AD Joined. D: The TPM version on Device3 is only 1.3. To silently enable BitLocker, the device must contain TPM (Trusted Platform Module) 2.0. Reference: https://docs.microsoft.com/en-us/mem/intune/protect/encrypt-devices This question is in MS-500 Microsoft 365 Security Administration Exam For getting Microsoft Certified: Security, Compliance, and Identity Fundamentals Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Microsoft. The website does not contain actual questions and answers from Microsoft's Certification Exams. Trademarks, certification & product names are used for reference only and belong to Microsoft.
Please login or Register to submit your answer