1.2.4.2.1.11 Set 'Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives' to 'False'

Information

This policy setting allows you to control how BitLocker-protected fixed data drives are recovered in the
absence of the required credentials.

Solution

Make sure Set 'Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives' is set to 'False'

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CP-10(6), 800-53|SC-28(1), CSCv6|10.3, CSCv6|13.2

Plugin: Windows

Control ID: 78296214f3dff3c26103b670de4473f36f96f0e5e62ccfc1ff49676025a90323