Policy : Microsoft Windows: BitLocker-protected removable drives recovery (require AD)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.109417

Category: Policy

Title: Microsoft Windows: BitLocker-protected removable drives recovery (require AD)

Summary: This policy setting allows you to control how BitLocker-protected;removable data drives are recovered in the absence of the required credentials. This policy setting;is applied when you turn on BitLocker.;;In 'Save BitLocker recovery information to Active Directory Domain Services' choose which BitLocker;recovery information to store in AD DS for removable data drives. If you select 'Backup recovery;password and key package', both the BitLocker recovery password and key package are stored in AD DS.;If you select 'Backup recovery password only' only the recovery password is stored in AD DS.;;Select the 'Do not enable BitLocker until recovery information is stored in AD DS for removable data;drives' check box if you want to prevent users from enabling BitLocker unless the computer is;connected to the domain and the backup of BitLocker recovery information to AD DS succeeds.;;Note: If the 'Do not enable BitLocker until recovery information is stored in AD DS for fixed data;drives' check box is selected, a recovery password is automatically generated.;;(C) Microsoft Corporation 2015.

Description: Summary:
This policy setting allows you to control how BitLocker-protected
removable data drives are recovered in the absence of the required credentials. This policy setting
is applied when you turn on BitLocker.

In 'Save BitLocker recovery information to Active Directory Domain Services' choose which BitLocker
recovery information to store in AD DS for removable data drives. If you select 'Backup recovery
password and key package', both the BitLocker recovery password and key package are stored in AD DS.
If you select 'Backup recovery password only' only the recovery password is stored in AD DS.

Select the 'Do not enable BitLocker until recovery information is stored in AD DS for removable data
drives' check box if you want to prevent users from enabling BitLocker unless the computer is
connected to the domain and the backup of BitLocker recovery information to AD DS succeeds.

Note: If the 'Do not enable BitLocker until recovery information is stored in AD DS for fixed data
drives' check box is selected, a recovery password is automatically generated.

(C) Microsoft Corporation 2015.

CVSS Score:
0.0

CVSS Vector:
AV:L/AC:H/Au:S/C:N/I:N/A:N

Copyright Copyright (C) 2018 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.109417
Category:	Policy
Title:	Microsoft Windows: BitLocker-protected removable drives recovery (require AD)
Summary:	This policy setting allows you to control how BitLocker-protected;removable data drives are recovered in the absence of the required credentials. This policy setting;is applied when you turn on BitLocker.;;In 'Save BitLocker recovery information to Active Directory Domain Services' choose which BitLocker;recovery information to store in AD DS for removable data drives. If you select 'Backup recovery;password and key package', both the BitLocker recovery password and key package are stored in AD DS.;If you select 'Backup recovery password only' only the recovery password is stored in AD DS.;;Select the 'Do not enable BitLocker until recovery information is stored in AD DS for removable data;drives' check box if you want to prevent users from enabling BitLocker unless the computer is;connected to the domain and the backup of BitLocker recovery information to AD DS succeeds.;;Note: If the 'Do not enable BitLocker until recovery information is stored in AD DS for fixed data;drives' check box is selected, a recovery password is automatically generated.;;(C) Microsoft Corporation 2015.
Description:	Summary: This policy setting allows you to control how BitLocker-protected removable data drives are recovered in the absence of the required credentials. This policy setting is applied when you turn on BitLocker. In 'Save BitLocker recovery information to Active Directory Domain Services' choose which BitLocker recovery information to store in AD DS for removable data drives. If you select 'Backup recovery password and key package', both the BitLocker recovery password and key package are stored in AD DS. If you select 'Backup recovery password only' only the recovery password is stored in AD DS. Select the 'Do not enable BitLocker until recovery information is stored in AD DS for removable data drives' check box if you want to prevent users from enabling BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. Note: If the 'Do not enable BitLocker until recovery information is stored in AD DS for fixed data drives' check box is selected, a recovery password is automatically generated. (C) Microsoft Corporation 2015. CVSS Score: 0.0 CVSS Vector: AV:L/AC:H/Au:S/C:N/I:N/A:N
Copyright	Copyright (C) 2018 Greenbone Networks GmbH