SY0-301 · Question #255
Which of the following should be enabled in a laptop's BIOS prior to full disk encryption?
The correct answer is D. TPM. TPM (Trusted Platform Module) is a dedicated hardware chip on the motherboard that must be enabled in the BIOS before full disk encryption (such as BitLocker) can be used. The TPM stores the encryption keys and performs platform integrity checks at boot time, ensuring the system
Question
Which of the following should be enabled in a laptop's BIOS prior to full disk encryption?
Options
- AUSB
- BHSM
- CRAID
- DTPM
How the community answered
(27 responses)- B4% (1)
- C4% (1)
- D93% (25)
Explanation
TPM (Trusted Platform Module) is a dedicated hardware chip on the motherboard that must be enabled in the BIOS before full disk encryption (such as BitLocker) can be used. The TPM stores the encryption keys and performs platform integrity checks at boot time, ensuring the system hasn't been tampered with before releasing the decryption key. Without TPM enabled, many FDE solutions cannot securely seal and unseal the encryption key. Option A (USB) is a peripheral interface. Option B (HSM - Hardware Security Module) is an external enterprise device, not a BIOS setting. Option C (RAID) is a storage redundancy technology unrelated to encryption.
Topics
Community Discussion
No community discussion yet for this question.