BitLocker nug txog tus yuam sij rov qab ntawm txhua lub khau raj

BitLocker nkag rov qab tom qab hloov khau raj (TPM/BIOS/UEFI, USB-C/TBT, Ruaj Ntseg, khau raj sab nraud).
Tus yuam sij tsuas yog hauv MSA, Azure AD, AD, luam tawm, lossis khaws cia los ntawm tus neeg siv; Yog tsis muaj nws, nws tsis tuaj yeem decrypted.
Cov kev daws teeb meem: tshem tawm / rov pib BitLocker, tswj-bde hauv WinRE, tweak BIOS (USB-C / TBT, Ruaj Ntseg Boot), hloov kho BIOS / Windows.

¿Puas yog BitLocker nug txog qhov yuam kev rov qab ntawm txhua lub khau raj? Thaum BitLocker thov tus yuam sij rov qab los ntawm txhua lub khau raj, nws yuav tsum tsis txhob ua ib txheej ntsiag to ntawm kev ruaj ntseg thiab dhau los ua qhov teeb meem txhua hnub. Qhov xwm txheej no feem ntau tsa lub tswb nrov: Puas muaj qhov tsis txaus ntseeg, kuv puas tau kov qee yam hauv BIOS / UEFI, TPM puas lawm, lossis Windows puas tau hloov "ib yam dab tsi" yam tsis tau ceeb toom? Qhov tseeb yog tias, feem ntau, BitLocker nws tus kheej ua raws nraim li nws yuav tsum: nkag mus rau hom rov qab yog tias nws pom qhov khau raj uas tsis muaj kev nyab xeeb.

Qhov tseem ceeb yog kom nkag siab tias yog vim li cas qhov no tshwm sim, qhov twg yuav nrhiav tau tus yuam sij, thiab yuav ua li cas tiv thaiv nws los ntawm kev thov nws dua. Raws li cov neeg siv kev paub hauv lub neej tiag tiag (zoo li tus uas pom cov lus xiav tom qab rov pib dua lawv HP Envy) thiab cov ntaub ntawv kev tshaj lij los ntawm cov tuam txhab, koj yuav pom tias muaj cov laj thawj tshwj xeeb (USB-C / Thunderbolt, Secure Boot, firmware hloov pauv, khau raj zaub mov, khoom siv tshiab) thiab txhim khu kev qha daws teeb meem uas tsis xav tau tej yam txawv txawv. Ntxiv rau, peb yuav ua kom pom tseeb tias koj ua tau dab tsi thiab ua tsis tau yog tias koj poob koj tus yuam sij, vim Yog tsis muaj tus yuam sij rov qab nws tsis tuaj yeem decrypt cov ntaub ntawv.

BitLocker rov qab npo yog dab tsi thiab vim li cas nws tshwm sim?

BitLocker encrypts lub system disk thiab cov ntaub ntawv tsav mus rau tiv thaiv lawv los ntawm kev siv tsis tau tso cai. Thaum nws pom tias muaj kev hloov pauv hauv qhov chaw khau raj (firmware, TPM, khau raj ntaus ntawv xaj, txuas nrog cov khoom siv sab nraud, thiab lwm yam), nws qhib hom rov qab thiab thov rau 48-tus lej codeQhov no yog ib txwm coj cwj pwm thiab yog li cas Windows tiv thaiv ib tug neeg los ntawm booting lub tshuab nrog hloov tsis tau rho tawm cov ntaub ntawv.

Microsoft piav qhia tsis meej: Windows xav tau tus yuam sij thaum nws pom lub xeev tsis muaj kev nyab xeeb uas tuaj yeem qhia txog kev sim nkag tsis tau. Hauv kev tswj hwm lossis tus kheej lub computer, BitLocker yeej ib txwm qhib los ntawm ib tus neeg uas muaj kev tso cai rau tus thawj tswj hwm (koj, lwm tus, lossis koj lub koom haum). Yog li thaum lub vijtsam tshwm ntau zaus, nws tsis yog tias BitLocker yog "tawg," tab sis qhov ntawd ib yam dab tsi hauv khau raj txawv txhua lub sijhawm thiab ua rau daim tshev.

Cov laj thawj tiag tiag vim li cas BitLocker nug tus yuam sij ntawm txhua lub khau raj

Muaj ntau ntau ua rau sau los ntawm manufacturers thiab cov neeg siv. Nws yog ib qho tsim nyog los tshuaj xyuas lawv vim tias lawv cov cim qhia nyob ntawm xaiv txoj kev daws teeb meem:

USB-C / Thunderbolt (TBT) khau raj thiab preboot enabledNtawm ntau lub khoos phis tawj niaj hnub no, USB-C / TBT khau raj txhawb nqa thiab Thunderbolt ua ntej khau raj tau qhib los ntawm lub neej ntawd hauv BIOS / UEFI. Qhov no tuaj yeem ua rau lub firmware sau cov kab tshiab khau raj, uas BitLocker txhais raws li kev hloov pauv thiab qhia rau tus yuam sij.
Secure Boot thiab nws txoj cai- Kev ua haujlwm, tsis siv, lossis hloov txoj cai (piv txwv li, los ntawm "Off" mus rau "Microsoft nkaus xwb") tuaj yeem ua rau kev kuaj xyuas kev ncaj ncees thiab ua rau muaj qhov tseem ceeb.
BIOS/UEFI thiab firmware hloov tshiab: Thaum hloov kho BIOS, TPM, lossis firmware nws tus kheej, qhov hloov pauv tseem ceeb ntawm khau raj hloov. BitLocker kuaj pom qhov no thiab ceeb toom rau tus yuam sij ntawm kev rov pib dua tom ntej, thiab txawm tias tom qab reboots yog tias lub platform tseem nyob hauv lub xeev tsis sib haum.
Graphical Boot Menu vs. Legacy BootMuaj cov xwm txheej uas Windows 10/11 niaj hnub khau raj tshuab raj ua rau tsis sib xws thiab yuam kom rov qab los sai. Hloov txoj cai mus rau qub txeeg qub teg yuav ua rau qhov no ruaj khov.
Cov khoom siv sab nraud thiab kho vajtse tshiab: USB-C/TBT docks, docking stations, USB flash drives, external drives, los yog PCIe phaib "tom qab" Thunderbolt tshwm nyob rau hauv txoj kev khau raj thiab hloov qhov BitLocker pom.
Auto-lock thiab TPM xeev: Tsis siv neeg xauv cov ntaub ntawv ntim thiab TPM uas tsis hloov kho kev ntsuas tom qab qee qhov kev hloov pauv tuaj yeem ua rau rov ua kom rov qab sai sai.
Teeb meem Windows Updates: Qee qhov kev hloov tshiab tuaj yeem hloov cov khoom siv khau raj / kev ruaj ntseg, yuam kom qhov tshwm sim kom txog rau thaum qhov hloov tshiab yog rov nruab lossis kho dua tshiab.

Ntawm cov platforms tshwj xeeb (xws li Dell nrog USB-C / TBT chaw nres nkoj), lub tuam txhab nws tus kheej lees paub tias muaj USB-C / TBT khau raj txhawb nqa thiab TBT ua ntej khau raj qhib los ntawm lub neej ntawd yog qhov ua rau raug. Disabling lawv, ploj ntawm daim ntawv teev khau raj thiab nres ua kom rov qab hom. Qhov tsis zoo tsuas yog qhov ntawd Koj yuav tsis tuaj yeem PXE khau raj ntawm USB-C / TBT lossis qee qhov chaw nres nkoj..

Qhov twg yuav nrhiav tau tus yuam sij BitLocker rov qab (thiab qhov twg tsis mus)

Ua ntej koj kov dab tsi, koj yuav tsum nrhiav tus yuam sij. Microsoft thiab cov thawj tswj hwm qhov system yog qhov tseeb: tsuas muaj ob peb qhov chaw siv tau xwb qhov twg tus yuam sij rov qab yuav khaws cia:

Microsoft Account (MSA)Yog tias koj kos npe rau hauv Microsoft account thiab encryption tau qhib, tus yuam sij feem ntau yog thaub qab rau koj qhov profile online. Koj tuaj yeem tshawb xyuas https://account.microsoft.com/devices/recoverykey los ntawm lwm lub cuab yeej.
Azure AD- Rau cov nyiaj ua haujlwm / tsev kawm ntawv, tus yuam sij yog khaws cia hauv koj qhov Azure Active Directory profile.
Active Directory (AD) nyob rau hauv qhov chaw: Nyob rau hauv ib txwm ua lag luam ib puag ncig, tus thawj coj tuaj yeem muab nws nrog cov Key ID uas tshwm ntawm BitLocker screen.
Sau los yog PDF: Tej zaum koj tau luam tawm thaum koj qhib encryption, lossis koj tau khaws cia rau hauv cov ntaub ntawv hauv zos lossis USB tsav. Kuj xyuas koj cov ntaub ntawv thaub qab.
Txuag rau hauv ib cov ntaub ntawv ntawm lwm tus tsav tsheb lossis hauv koj lub koom haum huab cua, yog tias muaj kev coj ua zoo.

Cov ntsiab lus tshwj xeeb - Nyem qhov no Yuav tshawb nrhiav cov kev pabcuam hauv Tor network li cas?

Yog tias koj tsis tuaj yeem pom nws ntawm ib qho ntawm cov vev xaib no, tsis muaj "magic shortcuts": Tsis muaj txoj hauv kev los txiav txim siab tsis muaj tus yuam sijQee cov ntaub ntawv rov qab cov cuab yeej tso cai rau koj khau raj rau hauv WinPE thiab tshawb xyuas cov disks, tab sis koj tseem yuav xav tau tus lej 48 tus lej txhawm rau nkag mus rau cov ntsiab lus encrypted ntawm lub kaw lus ntim.

Kev kuaj ceev ua ntej koj pib

Muaj ntau qhov kev sim yooj yim uas tuaj yeem txuag lub sijhawm thiab tiv thaiv kev hloov pauv tsis tsim nyog. Coj kom zoo dua ntawm lawv mus txheeb xyuas qhov tshwm sim tiag tiag los ntawm hom rov qab:

Disconnect txhua yam sab nraud: docks, nco, disks, phaib, saib nrog USB-C, thiab lwm yam. Nws khau raj nrog tsuas yog ib qho yooj yim keyboard, nas thiab zaub.
Sim nkag mus rau tus yuam sij ib zaug thiab xyuas yog tias tom qab nkag mus rau Windows koj tuaj yeem ncua thiab rov pib tiv thaiv kom hloov kho TPM.
Txheeb xyuas qhov xwm txheej tiag tiag ntawm BitLocker nrog cov lus txib: manage-bde -status. Nws yuav qhia koj yog tias OS ntim tau encrypted, txoj kev (xws li XTS-AES 128), qhov feem pua, thiab yog cov tiv thaiv ua haujlwm.
Sau tus yuam sij ID uas tshwm nyob rau ntawm xiav rov qab screen. Yog tias koj tso siab rau koj pab pawg IT, lawv tuaj yeem siv tus ID no los nrhiav tus yuam sij hauv AD / Azure AD.

Kev daws 1: Ncua tseg thiab rov pib BitLocker kom rov kho TPM

Yog tias koj tuaj yeem nkag mus los ntawm kev nkag mus rau tus yuam sij, txoj kev ceev tshaj plaws yog ncua thiab rov pib tiv thaiv kom muaj BitLocker hloov kho TPM ntsuas rau lub xeev tam sim no ntawm lub computer.

Nkag mus rau tus yuam sij rov qab thaum nws tshwm sim.
Hauv Windows, mus rau Tswj Vaj Huam Sib Luag → System thiab Kev Ruaj Ntseg → BitLocker Drive Encryption.
Hauv qhov system tsav (C:), nias Ncua kev tiv thaiv. Paub meej.
Tos ob peb feeb thiab nias Rov qab tiv thaivQhov no yuam BitLocker kom lees txais lub xeev khau raj tam sim no ua "zoo."

Txoj kev no yog qhov tshwj xeeb tshaj yog tom qab hloov kho firmware lossis hloov kho UEFI me. Yog hais tias tom qab rebooting tsis nug tus password lawm, koj yuav tau daws lub voj tsis tas kov BIOS.

Kev daws 2: Xauv thiab lov tes taw ib ntus tiv thaiv los ntawm WinRE

Thaum koj tsis tuaj yeem dhau qhov kev hais kom rov qab los lossis xav kom paub tseeb tias khau raj tsis nug tus yuam sij dua, koj tuaj yeem siv Windows Recovery Ib puag ncig (WinRE) thiab tswj-bde kho cov tiv thaiv.

Ntawm qhov screen rov qab, nias Esc kom pom cov kev xaiv siab heev thiab xaiv Hla chav tsev no.
Mus rau Troubleshoot → Advanced Options → Kev hais kom ua kiag.
Xauv OS ntim nrog: manage-bde -unlock C: -rp TU-CLAVE-DE-48-DÍGITOS (Hloov nrog koj tus password).
Tshem tawm cov tiv thaiv ib ntus: manage-bde -protectors -disable C: thiab rov pib dua.

Tom qab booting rau hauv Windows, koj tuaj yeem ua tau rov pib tiv thaiv los ntawm Control Vaj Huam Sib Luag los yog nrog manage-bde -protectors -enable C:, thiab xyuas seb lub voj puas ploj lawm. Qhov maneuver no muaj kev nyab xeeb thiab feem ntau nres qhov kev rov ua kom sai thaum lub kaw lus ruaj khov.

Kev daws 3: Kho USB-C / Thunderbolt thiab UEFI Network Stack hauv BIOS / UEFI

Ntawm USB-C / TBT cov khoom siv, tshwj xeeb tshaj yog cov laptops thiab chaw nres tsheb docking, kev ua haujlwm tsis zoo ntawm qee qhov kev tshaj tawm khau raj tiv thaiv lub firmware los ntawm kev qhia "tshiab" txoj hauv kev uas ua rau BitLocker tsis meej pem. Ntawm ntau Dell qauv, piv txwv li, cov no yog cov pom zoo xaiv:

Nkag mus rau BIOS / UEFI (cov yuam sij ib txwm: F2 o F12 thaum qhib).
Saib rau ntu configuration ntawm USB thiab Thunderbolt. Nyob ntawm tus qauv, qhov no yuav nyob rau hauv System Configuration, Integrated Devices, los yog zoo sib xws.
Disables kev txhawb nqa rau USB-C khau raj o Thunderbolt 3.
Xu cov USB-C/TBT Preboot (thiab, yog tias muaj, "PCIe qab TBT").
Xu cov UEFI network pawg Yog tias koj tsis siv PXE.
Hauv POST Tus Cwj Pwm, teeb tsa Kev pib ceev nyob rau hauv "Ntsig".

Tom qab txuag thiab rov pib dua, cov lus qhia tsis tu ncua yuav tsum ploj mus. Nco ntsoov qhov kev sib pauv: Koj yuav poob lub peev xwm khau raj ntawm PXE los ntawm USB-C / TBT lossis los ntawm qee qhov chaw nres nkoj.Yog tias koj xav tau nws hauv IT ib puag ncig, xav txog ua kom nws nquag thiab tswj qhov kev zam nrog cov cai.

Cov ntsiab lus tshwj xeeb - Nyem qhov no Yuav ua li cas soj on WhatsApp lus

Solution 4: Secure Boot (pab, lov tes taw, lossis "Microsoft nkaus xwb" txoj cai)

Secure Boot tiv thaiv malware nyob rau hauv khau raj saw. Hloov nws cov xwm txheej lossis txoj cai yuav tsuas yog qhov koj lub computer xav tau tawm ntawm lub vojMuaj ob txoj kev xaiv uas feem ntau ua haujlwm:

Qhib nws yog tias nws raug kaw, lossis xaiv txoj cai "Tsuas yog Microsoft" ntawm cov khoom siv sib xws.
tig nws tawm yog tias ib qho tsis tau kos npe los yog teeb meem firmware ua rau qhov kev thov tseem ceeb.

Txhawm rau hloov nws: mus rau WinRE → Hla lub tsav no → Troubleshoot → Advanced xaiv → UEFI firmware teeb tsa → Reboot. Hauv UEFI, nrhiav Khaws Khov Secure, kho rau qhov kev xaiv uas nyiam thiab txuag nrog F10. Yog hais tias qhov tam sim ntawd tso tseg, koj tau lees tias lub hauv paus yog a Kev ruaj ntseg khau raj incompatibility.

Kev daws 5: Cov Ntawv Teev Npe Hauv Tsev Kho Mob nrog BCDEdit

Ntawm qee lub tshuab, Windows 10/11 graphical boot menu ua rau hom rov qab. Hloov txoj cai mus rau "legacy" stabilizes khau raj thiab tiv thaiv BitLocker los ntawm kev hais kom tus yuam sij dua.

Qhib a Command Prompt ua tus thawj tswj hwm.
Khiav: bcdedit /set {default} bootmenupolicy legacy thiab ntaus Sau.

Reboot thiab xyuas seb qhov kev ceeb toom tau ploj lawm. Yog tias tsis muaj dab tsi hloov pauv, koj tuaj yeem thim rov qab qhov chaw nrog sib npaug simplicity hloov txoj cai mus rau "standard".

Kev daws 6: Hloov kho BIOS / UEFI thiab firmware

Ib qho dhau los lossis buggy BIOS tuaj yeem ua rau TPM ntsuas tsis ua haujlwm thiab yuam rov qab hom. Hloov kho mus rau qhov tseeb ruaj khov version los ntawm koj cov chaw tsim khoom feem ntau yog godsend.

Mus saib cov chaw tsim khoom nplooj ntawv txhawb nqa thiab rub tawm qhov tseeb BIOS / UEFI rau koj tus qauv.
Nyeem cov lus qhia tshwj xeeb (qee zaus tsuas yog khiav EXE hauv Windows txaus; lwm zaus, nws yuav tsum tau ua USB FAT32 thiab Flashback).
Thaum lub sijhawm ua haujlwm, khaws cia alimentación tsim nyog thiab zam kev cuam tshuam. Thaum ua tiav, thawj khau raj yuav hais kom tus yuam sij (ib txwm). Tom qab ntawd, ncua thiab rov pib BitLocker.

Ntau tus neeg siv qhia tias tom qab hloov kho BIOS, qhov kev ceeb toom nres tshwm tom qab a ib qho tseem ceeb nkag thiab ncua / rov pib tiv thaiv lub voj voog.

Kev daws 7: Windows Update, yob rov qab thaj ua rau thaj thiab rov ua dua lawv

Kuj tseem muaj cov xwm txheej uas qhov hloov tshiab Windows tau hloov pauv qhov tseem ceeb ntawm khau raj. Koj sim tau reinstall los yog uninstall qhov teeb meem hloov tshiab:

Chaw → Hloov tshiab & kev ruaj ntseg → Saib qhov hloov tshiab keeb kwm.
Nkag mus rau hauv Uninstall hloov tshiab, txheeb xyuas qhov tsis txaus ntseeg thiab tshem tawm nws.
Reboot, ncua ib ntus BitLocker, rov pib dua nruab hloov tshiab thiab tom qab ntawd rov pib kev tiv thaiv.

Yog tias qhov kev ceeb toom nres tom qab lub voj voog no, qhov teeb meem nyob hauv ib qho nruab nrab xeev uas ua rau start-up trust chain incoherent.

Solution 8: Disable auto-lock of data drives

Nyob rau hauv ib puag ncig nrog ntau encrypted drives, lub kev xauv tus kheej Cov ntaub ntawv ntim xauv khi rau TPM tuaj yeem cuam tshuam. Koj tuaj yeem lov tes taw nws los ntawm Tswj Vaj Huam Sib Luag → BitLocker → "Disable automatic unlocking” ntawm cov tsav cuam tshuam thiab rov pib dua los sim yog tias qhov kev hais kom nres rov ua dua.

Txawm hais tias nws yuav zoo li me me, hauv pab pawg nrog complex khau raj chains thiab ntau lub disks, tshem tawm qhov kev vam meej tuaj yeem yooj yim txaus los daws cov voj voog.

Txoj Kev 9: Tshem tawm cov khoom siv tshiab thiab cov khoom siv sab nraud

Yog tias koj ntxiv ib daim npav, hloov chaw nres nkoj, lossis txuas lub cuab yeej tshiab ua ntej qhov teeb meem, sim ua tshem nws ib ntus. Tshwj xeeb, cov khoom siv "tom qab Thunderbolt" yuav tshwm sim raws li kev khau raj. Yog tias tshem lawv nres qhov kev hais kom ua, koj ua tiav. muaj txim thiab koj tuaj yeem rov qhia nws tom qab kev teeb tsa tau ruaj khov.

Lub neej tiag tiag: lub laptop nug tus password tom qab reboot

Ib qho xwm txheej: HP Envy uas khau looj plab hlaub nrog lub vijtsam dub, tom qab ntawd qhia lub thawv xiav nug kom pom tseeb thiab tom qab ntawd BitLocker tus yuam sijTom qab nkag mus rau nws, Windows khau raj ib txwm muaj tus lej PIN lossis ntiv tes, thiab txhua yam zoo li muaj tseeb. Thaum rov pib dua, qhov kev thov rov ua dua. Tus neeg siv khiav kev kuaj mob, hloov kho BIOS, thiab tsis muaj dab tsi hloov. Yuav ua li cas?

Feem ntau yuav muaj qee yam ntawm cov khau raj tau tso tseg tsis sib xws (tsis ntev los no firmware hloov pauv, Secure Boot hloov, cov khoom siv sab nraud tau teev tseg) thiab TPM tsis tau hloov kho nws qhov ntsuas. Hauv cov xwm txheej no, cov kauj ruam zoo tshaj plaws yog:

Nkag mus ib zaug nrog tus yuam sij, ncua thiab rov pib dua bitlocker.
Tshawb xyuas manage-bde -status kom paub meej tias encryption thiab tiv thaiv.
Yog tias nws tshwm sim, kos BIOS: disable USB-C/TBT preboot thiab UEFI network pawg, lossis kho Secure Boot.

Tom qab kho BIOS thiab ua qhov ncua sij hawm / rov pib dua, nws yog qhov qub uas qhov kev thov ploj musYog tias tsis yog, siv qhov kev tsis taus ib ntus ntawm cov neeg tiv thaiv los ntawm WinRE thiab sim dua.

BitLocker puas tuaj yeem hla dhau yam tsis muaj tus yuam sij rov qab?

Nws yuav tsum tau meej: nws tsis tuaj yeem decrypt ib BitLocker-tiv thaiv ntim yam tsis muaj 48-tus lej code los yog tus tiv thaiv siv tau. Koj tuaj yeem ua dab tsi yog, yog tias koj paub tus yuam sij, qhib ntim thiab tom qab ntawd lov tes taw tiv thaiv ib ntus kom lub khau raj txuas ntxiv yam tsis tau thov rau nws thaum koj txhim kho lub platform.

Cov ntsiab lus tshwj xeeb - Nyem qhov no Muaj ntau yam kev hem thawj dab tsi Malwarebytes Anti-Malware npog?

Qee cov cuab yeej rov qab muab WinPE bootable media sim thiab khaws cov ntaub ntawv, tab sis kom nyeem cov ntsiab lus encrypted ntawm lub kaw lus tsav lawv tseem yuav tsum tau ua. tus yuam sij. Yog tias koj tsis muaj nws, lwm txoj hauv kev yog format lub tsav thiab nruab Windows los ntawm kos, xav tias cov ntaub ntawv poob.

Format thiab nruab Windows: qhov chaw kawg

disk tsav yuam kev

Yog tias tom qab tag nrho cov kev teeb tsa koj tseem tsis tuaj yeem dhau qhov kev hais kom sai (thiab koj tsis muaj tus yuam sij), txoj kev ua haujlwm tsuas yog format lub tsav thiab rov nruab Windows. Los ntawm WinRE → Command Prompt koj tuaj yeem siv diskpart txhawm rau txheeb xyuas lub disk thiab format nws, thiab tom qab ntawd nruab los ntawm USB installation.

Ua ntej koj mus txog qhov no, tso koj txoj kev tshawb nrhiav rau tus yuam sij hauv qhov chaw raug cai thiab sab laj nrog koj tus thawj coj Yog hais tias nws yog ib lub koom haum ntaus ntawv. Nco ntsoov tias qee cov tuam ntxhab muab WinPE tsab ntawm kev rov qab software los luam cov ntaub ntawv los ntawm lwm yam tsis tau encrypted drives, tab sis qhov ntawd tsis zam qhov xav tau ntawm tus yuam sij rau lub ntim OS ntim.

Kev lag luam ib puag ncig: Azure AD, AD thiab Key ID rov qab

Ntawm cov khoom siv ua haujlwm lossis tsev kawm ntawv, nws yog ib txwm muaj rau tus yuam sij rau hauv Azure AD lossis hauv Active Directory. Los ntawm qhov screen rov qab, nias Esc pom cov Key ID, sau nws thiab xa mus rau tus thawj tswj hwm. Nrog tus lej ntawd, lawv tuaj yeem nrhiav tus yuam sij cuam tshuam nrog lub cuab yeej thiab tso cai rau koj nkag mus.

Tsis tas li, tshuaj xyuas koj lub koom haum txoj cai khau raj. Yog tias koj cia siab rau PXE booting dhau USB-C / TBT, koj yuav tsis xav lov tes taw nws; hloov, koj IT tuaj yeem kos npe rau saw los yog standardize ib configuration uas zam qhov rov tshwm sim sai.

Cov qauv thiab cov khoom siv nrog tshwj xeeb cuam tshuam

Qee lub khoos phis tawj Dell nrog USB-C / TBT thiab cov khoom sib txuas tau nthuav tawm tus cwj pwm no: WD15, TB16, TB18DC, nrog rau qee qhov Latitude ranges (5280/5288, 7280, 7380, 5480/5488, 7480, 5580), XPS, Precision 3520 thiab lwm tsev neeg (Inspiron, OptiPlex, Vostro, Alienware, G Series, Fixed thiab Pro-line Workstations). Nws tsis txhais hais tias lawv poob, tab sis nrog USB-C / TBT khau raj thiab preboot enabled BitLocker feem ntau yuav "pom" txoj kev khau raj tshiab.

Yog tias koj siv cov platforms no nrog cov chaw nres tsheb docking, nws yog ib lub tswv yim zoo los txuas a ruaj khov BIOS configuration thiab sau cov kev xav tau lossis tsis yog rau PXE los ntawm cov chaw nres nkoj kom tsis txhob muaj qhov tshwm sim.

Kuv puas tuaj yeem tiv thaiv BitLocker los ntawm ib txwm ua haujlwm?

Hauv Windows 10/11, yog tias koj kos npe nrog Microsoft account, qee lub khoos phis tawj qhib ntaus ntawv encryption yuav luag pob tshab thiab txuag tus yuam sij hauv koj lub MSA. Yog tias koj siv tus account hauv zos thiab txheeb xyuas tias BitLocker yog neeg xiam oob qhab, nws yuav tsum tsis txhob qhib.

Tam sim no, qhov tsim nyog tshaj plaws tsis yog "castrate" nws mus ib txhis, tab sis tswj nws: Disable BitLocker ntawm tag nrho cov drives yog tias koj tsis xav tau nws, paub meej tias "Device Encryption" tsis ua haujlwm, thiab khaws ib daim qauv ntawm tus yuam sij yog tias koj qhib nws yav tom ntej. Disabling cov kev pabcuam tseem ceeb Windows tsis pom zoo vim nws tuaj yeem ua tau cuam tshuam kev ruaj ntseg ntawm qhov system los yog tsim cov kev mob tshwm sim.

FAQ ceev

Kuv tus password nyob qhov twg yog tias kuv siv Microsoft account? Mus rau https://account.microsoft.com/devices/recoverykey los ntawm lwm lub computer. Nyob ntawd koj yuav pom cov npe ntawm cov yuam sij rau ib lub cuab yeej nrog lawv ID.

Kuv puas tuaj yeem thov tus yuam sij los ntawm Microsoft yog tias kuv siv tus lej hauv zos? Tsis yog. Yog tias koj tsis khaws nws lossis rov qab rau hauv Azure AD / AD, Microsoft tsis muaj nws. Tshawb xyuas cov ntawv luam tawm, PDFs, thiab thaub qab, vim tsis muaj tus yuam sij tsis muaj decryption.

¿tswj-bde - xwm txheej pab kuv? Yog, qhia tau hais tias lub ntim yog encrypted, txoj kev (xws li, XTS-AES 128), seb kev tiv thaiv puas tau qhib, thiab seb lub disk puas raug kaw. Qhov no pab tau rau kev txiav txim siab yuav ua li cas ntxiv.

Yuav ua li cas yog tias kuv lov tes taw USB-C / TBT khau raj? Qhov kev ceeb toom feem ntau ploj mus, tab sis rov qab los koj yuav tsis tuaj yeem khau raj ntawm PXE los ntawm cov chaw nres nkoj lossis los ntawm qee lub hauv paus. Ntsuas nws raws li koj qhov scenario.

Yog tias BitLocker nug tus yuam sij ntawm txhua lub khau raj, feem ntau koj yuav pom qhov hloov pauv tsis tu ncua: USB-C / TBT cov chaw nres nkoj nrog kev txhawb nqa khau raj, Khaws Khov Secure mismatched, nyuam qhuav hloov tshiab firmware, los yog lwm hardware nyob rau hauv lub khau raj txoj kev. Nrhiav tus yuam sij uas nws nyob (MSA, Azure AD, AD, Sau, lossis Cov Ntaub Ntawv), nkag mus rau nws, thiab ua qhov "ncua thiab rov pib dua"kom ruaj khov TPM. Yog tias nws tseem nyob, kho BIOS / UEFI (USB-C / TBT, UEFI network pawg, Secure Boot), sim cov ntawv qhia qub qub nrog BCDEdit, thiab khaws BIOS thiab Windows mus txog hnub. Yog tsis muaj tus yuam sij tsis muaj kev nkag mus rau cov ntaub ntawv encrypted; Nyob rau hauv tas li ntawd, formatting thiab txhim kho yuav yog qhov chaw kawg kom rov qab mus ua haujlwm.

Christian Garcia

Mob siab rau technology txij thaum nws tseem me. Kuv nyiam nyob rau hnub tim hauv lub sector thiab, qhov tseem ceeb tshaj, kev sib txuas lus. Tias yog vim li cas kuv tau mob siab rau kev sib txuas lus ntawm thev naus laus zis thiab video game websites tau ntau xyoo. Koj tuaj yeem pom kuv sau txog Android, Windows, MacOS, iOS, Nintendo lossis lwm yam ntsiab lus uas los rau hauv siab.