Microsoft 70-411 Exam – Q77

You have a server named Server1.

You enable BitLocker Drive Encryption (BitLocker) on Server1. You need to change the password for the Trusted Platform Module (TPM) chip.

What should you run on Server1?

A. Manage-bde.exe
B. Set-TpmOwnerAuth
C. bdehdcfg.exe
D. tpmvscmgr.exe

Correct Answer: B

Explanation:
The Set-TpmOwnerAuth cmdlet changes the current owner authorization value of the Trusted Platform Module (TPM) to a new value. You can specify the current owner authorization value or specify a file that contains the current owner authorization value. If you do not specify an owner authorization value, the cmdlet attempts to read the value from the registry.
https://technet.microsoft.com/en-us/library/jj603120.aspx

An owner authorization file is not simply a password. It is generated for a specific system. For more information on TPM, see the Trusted Platform Module Technology Overview in the TechNet library at:
http://technet.microsoft.com/en-us/library/jj131725.aspx