🔥 3-day streak
Microsoft 365 Endpoint Administrator44 / 117
Question 44 of 117

A laptop belonging to a finance employee was recently reported as briefly left unattended in a public area. The device is Entra joined and managed by Intune, and BitLocker is enabled with the recovery key escrowed to Entra ID. Your security team wants to invalidate the existing recovery key so the old escrowed value can no longer be used to unlock the drive, without wiping or re-imaging the device. From the Microsoft Intune admin center, which remote action should you perform on the device?

Reviewed for accuracy · Report an issueNext question