Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Microsoft Windows Server 2008: Data Protection Note It is important to create a recovery password in case there are any hardware failures that may prevent the system from booting. Things such as motherboard failures and USB flash drive failures, where applicable, will affect the system. If a hardware failure occurs, the only way to recover the data is through the recover mode, and a recovery password is required. There are no other ways to restore the data without the recovery password. The default configuration for BitLocker is to be used in conjunction with a TPM. The TPM is a hardware microchip embedded into the motherboard that is used to store the encryption keys. This protects the hard drive even if it has been removed from the computer and installed into another computer. You can also use BitLocker on systems that don't have the TPM hardware manufactured on the mother board. You can do this by changing the BitLocker's default configurations with either a Group Policy or a script. When you use BitLocker without a TPM, you must store the key on a USB flash drive and insert the USB flash drive into the computer for the system to boot. The hardware and software requirements for BitLocker are: # A computer that is capable of running Windows Server 2008 # A Trusted Platform Module version 1.2, enabled in BIOS # A Trusted Computing Group (TCG)-compliant BIOS. # Two NTFS disk partitions, one for the system volume and one for the operating system volume