During a physical assessment you seize a powered-on Windows 10 laptop that uses BitLocker with its default settings-protection by a TPM only, no PIN or USB key. You will cut power, reboot from your own media, and launch a cold-boot attack to copy the unencrypted Full-Volume Encryption Key (FVEK) from residual RAM without user input. Which BitLocker mode permits this?
In BitLocker's TPM-only transparent operation mode, the Trusted Platform Module automatically unseals the Volume Master Key during boot without requiring a PIN or startup key. Once the operating system loads, the VMK decrypts the Full-Volume Encryption Key, which remains in RAM and can be captured with a cold-boot attack. Adding a PIN or USB key would block the key release until the secret is provided, preventing unauthenticated memory scraping.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is BitLocker and how does it work?
Open an interactive chat with Bash
What is a cold-boot attack and how does it work?
Open an interactive chat with Bash
What role does the TPM play in BitLocker’s security?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Cryptography
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .