BitLocker (OS Disk) - should be set to "Do not allow 256-bit recovery key"

[pscook25]

Regarding: Table 15. Basics - Win - OIB - ES - Encryption - D - BitLocker (OS Disk) - v3.0 CIS Benchmark: 3.11.7.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key' (Automated) CIS = Do not allow 256-bit recovery key. OIB = Allow 256-bit recovery key.