A company has an Active Directory Domain Services (AD DS) domain with Windows 10 Enterprise client computers.You need to minimize the amount of Trusted Platform Module (TPM) authorization information that is stored in the registry.What should you do?References: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-8.1-and-8/jj679889(v=ws.11)#BKMK_tpmgp_oauthos
Question:
What should you do?
Options:
Create a Group Policy Object (GPO) that enables the Turn on TPM Local Encryption policy setting.
Enable Platform Configuration Register indices (PCRs) 0, 2, 4, and 11 for the Configure TPM validation profile for native UEFI firmware configuration policy setting.
Create a Group Policy Object (GPO) that disables the Configure the level of TPM owner authorization information available to operating system policy setting.
Create a Group Policy Object (GPO) that sets the Configure the level of TPM owner authorization information available to operating system policy setting to None.
Correct Answer
The Correct Answer for this Question is
Create a Group Policy Object (GPO) that sets the Configure the level of TPM owner authorization information available to operating system policy setting to None.
