4. Click Turn On BitLocker, as shown in Figure 10-9.
5. Click Continue with BitLocker Drive Encryption when asked if you want to
use BitLocker Drive Encryption, as shown in Figure 10-10.
Figure 10-8. Allowing BitLocker without a compatible TPM
347 Chapter 10: Windows DNS, BitLocker Drive Encryption, and Itanium Support
Figure 10-9. Turn on BitLocker.
Figure 10-10. Confirm that you want to encrypt the volume.
348 Microsoft Windows Server 2008 Administration
6. Select a BitLocker startup preference. You can choose Use BitLocker without
Additional Keys, which uses TPM only authentication. You can then choose
Require PIN at Every Startup or Require a Startup USB Key at Every Startup.
The last option is your only choice if you do not have a compatible TPM on
your system, as shown in Figure 10-11.
7. You will then be prompted to save the recovery password (Figure 10-12). Select
the location that best suits your needs and click Next.
8. Make sure that the Run BitLocker System Check is enabled and click Continue,
as shown in Figure 10-13.
9. Click Restart Now to begin the encryption process.
Figure 10-11. Configure BitLocker startup preferences.
349 Chapter 10: Windows DNS, BitLocker Drive Encryption, and Itanium Support
Figure 10-12. Specify the location at which to save the recovery password.
Figure 10-13. Verify that Run BitLocker System Check is enabled.
350 Microsoft Windows Server 2008 Administration
BitLocker Recovery
Whenever you talk about encryption, you must include a discussion about how to recover
the data if the original protection unlocking mechanism doesn??™t work.
Pages:
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388