1.2.4.2.2.16 Set 'Allow BitLocker without a compatible TPM' to 'False'

Information

This policy setting allows you to configure whether BitLocker requires additional authentication each time the
computer starts and whether you are using BitLocker with or without a Trusted Platform Module (TPM).

Solution

Make sure 'Allow BitLocker without a compatible TPM' is set to 'False'

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|IA-5c., 800-53|SC-28(1), CSCv6|13.2, CSCv6|16.11

Plugin: Windows

Control ID: 71ebb3fe6a26e8861e1ef0384749ffd492c1d3104f76d7d66d53c96f60226ce2