In his blog post Ronnie Flathers writes ‘without full disk encryption (like BitLocker), sensitive system files will always be available to an attacker, and credentials can be compromised. Since Windows file encryption is based on user credentials (either local or AD), once these creds are compromised, an attacker would have full access to all “encrypted” files on the system. I will outline an attack scenario below to stress the importance of full drive encryption.’
Read the full blog post here - http://labs.neohapsis.com/author/ropnop/