×

BITLOCK - Planning and Deploying BitLocker Drive Encryption

This 2-day instructor-led course teaches you everything you need to know about BitLocker. This course includes hands-on labs. These labs reinforce and expand on the instructor-led portion by having you actually deploy and operate BitLocker. You’ll practice techniques for setting up a BitLocker-enabled environment, implementing BitLocker on multiple system configurations, and recovering BitLocker after the detection of a possible compromise.

Data security is an increasingly critical part of IT. More and more organizations require data encryption in order to meet regulatory security requirements. BitLocker Drive Encryption is a popular choice to meet these requirements. BitLocker is a highly effective and low-cost data encryption technology that’s built into Windows. But because of this strong protection, your organization must understand and carefully plan for BitLocker deployment to avoid data loss and system downtime.

Although the labs focus primarily on Windows 10 and Windows Server 2012, the class also applies to Windows 7, Windows 8, Windows Server 2008, and Windows Server 2016.

Click here to print this page »

Prerequisites


A strong understanding of Windows deployment and management in an enterprise environment is required. Familiarity with cryptography and data storage technology is highly recommended.

Detailed Class Syllabus


Analyzing BitLocker


Context and background
Understanding BitLocker
Understanding BitLocker to Go
Cryptography
Trusted Platform Module (TPM)

Understanding BitLocker


Pre-Boot Authentication
System Tamper Detection\
System Integrity Verification
Network Unlock
Encrypted Drive Support

BitLocker Architecture


BitLocker Initialization
BitLocker Operation
BitLocker Suspend and Resume
BitLocker to Go Architecture

Planning BitLocker Deployment


Prerequisites
Examining Hardware Capabilities
Planning Configuration Options
Planning Recovery Options

IT Planning


Planning User Interaction Scenarios
Planning Recovery Key Access and Use
Planning BitLocker Deployment Through System Center Configuration Manager (SCCM)
Planning BitLocker Deployment Through Microsoft Deployment Toolkit (MDT)
Planning BitLocker Deployment Through Microsoft Baseline Administration and Monitoring (MBAM) and Microsoft Desktop Optimization Pack (MDOP)

User Planning


Identifying BitLocker Users and Devices
Educating BitLocker Users

Single Standalone Device


Configuring BitLocker Options
Enabling BitLocker
Encrypting the Drive
Verifying BitLocker Operation

Single Domain-Joined Device


Configuring BitLocker Options
Enabling BitLocker
Encrypting the Drive
Verifying BitLocker Operation

Multiple Devices


Deploying BitLocker Through Group Policy
Deploying BitLocker Through PowerShell
Deploying BitLocker Through SCCM, Altiris, and MBAM

Troubleshooting BitLocker Deployment and Operational Issues


Normal BitLocker Use
Suspending and Resuming BitLocker
BitLocker Recovery Mode
Recovering BitLocker Devices
Preventing BitLocker Recovery Mode
Managing the Trusted Platform Module (TPM)