I'm relatively new to bitlocker drive encryption, although I do have a decent understanding of how it works. My question here is that, if I have a system that has bitlocker drive encryption enabled and I wanted to make hardware/BIOS changes I would run the suspend-bitlocker command and temporarily suspend system integrity checks, make the desired changes, and then boot back up. When bitlocker is re-enabled, the next time I reboot it will perform a system integrity check and it will detect the changes I have made... is there something that needs to be done after making a change to the BIOS or hardware that basically tells the bitlocker protected system that this is the new norm, and this was an intentional system modification rather than something malicious? Or does it auto-detect the changes the next time it boots into the OS?
I appreciate any help, I'm just looking to thoroughly understand how the encryption works. Cheers!
