Microsoft 70-411 Exam – Q79

Your network contains an Active Directory domain named contoso.com. You have a failover cluster named Cluster1. All of the nodes in Cluster1 have BitLocker Drive Encryption (BitLocker) installed.

You plan to add a new volume to the shared storage of Cluster1. You need to add the new volume to the shared storage. The solution must meet the following requirements:
– Encrypt the volume.
– Avoid using maintenance mode on the cluster.

Which three actions should you perform? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Select and Place:
79a

Correct Answer:
79b

Explanation:
When using BitLocker with volumes designated for a cluster, the volume will need to turn on BitLocker before its addition to the storage pool within cluster or put the resource into maintenance mode before BitLocker operations will complete.

When the cluster service owns a disk resource already, it needs to be set into maintenance mode before BitLocker can be enabled.

Turning on BitLocker before adding disks to a cluster using Windows PowerShell BitLocker encryption is available for disks before or after addition to a cluster storage pool. The advantage of encrypting volumes prior to adding them to a cluster is that the disk resource does not require suspending the resource to complete the operation. To turn on BitLocker for a disk before adding it to a cluster, do the following:

1. Install the BitLocker Drive Encryption feature if it is not already installed.

2. Ensure the disk is formatted NTFS and has a drive letter assigned to it.

3. Enable BitLocker on the volume using your choice of protector. A password protector is used in the Windows PowerShell script example below.
Enable-BitLocker E: -PasswordProtector -Password $pw

4. Identify the name of the cluster with Windows PowerShell.
Get-Cluster

5. Add an ADAccountOrGroupProtector to the volume using the cluster name using a command such as:
Add-BitLockerProtector E: -ADAccountOrGroupProtector -ADAccountOrGroup CLUSTER$

6. Repeat steps 1-6 for each disk in the cluster.

7. Add the volume(s) to the cluster.

https://technet.microsoft.com/en-us/library/dn383585.aspx