This policy setting controls computer restart performance at the risk of exposing BitLocker secrets. This policy setting is applied when you turn on BitLocker. BitLocker secrets include key material used to encrypt data. This policy setting applies only when BitLocker protection is enabled. If you enable this policy setting, memory will not be overwritten when the computer restarts. Preventing memory overwrite may improve restart performance but will increase the risk of exposing BitLocker secrets. If you disable or do not configure this policy setting, BitLocker secrets are removed from memory when the computer restarts. Countermeasure: By default, BitLocker secrets are overwritten during a system restart. Potential Impact: Enabling this setting could reduce the amount of time a computer takes to restart, but doing so will increase the risk of BitLocker secrets being exposed.

[enabled/disabled]

(1) GPO: Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Prevent memory overwrite on restart (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\FVE!MorBehavior