Asus TS300E8PS4 118

Image Execution Policy

This item only appears when you set the Secure Boot Mode to [Custom]. This allows you to manage the Image Policy on Security Violation.

Interval FV	[Always Execute]	Image Execution	Policy
Option ROM	[Deny Execute]	per device path	on
Removable Media	[Deny Execute]	Security Violation.
Fixed Media	[Deny Execute]

Internal FV [Always Execute]

Configuration options: [Always Execute]

Option ROM/Removable Media/Fixed Media [Deny Execute]

Configuration options: [Always Execute] [Always Deny] [Allow Execute] [Defer Execute] [Deny Execute] [Query User]

Key Management

This item only appears when you set the Secure Boot Mode to [Custom]. This allows you to modify Secure Boot variables and set Key Management page.


		Security

Factory Default Key Provisioning [Disabled]			Install Factory default
Install All Factory Default Keys			Secure Boot Keys when
Install All Factory Default Keys			System is in Setup Mode
Platform Key (PK)	NOT INSTALLED
Set new PK
Delete PK
Key Exchange Key Database (KEK)	NOT INSTALLED
Set new KEK
Delete KEK
Append Var to KEK
Authorized Signature Database (DB)	NOT INSTALLED
Set new DB
Delete DB
Append Var to DB
Forbidden Signature Database (DBX)	NOT INSTALLED
Set new DBX
Delete DBX
Append Var to DBX

Factory Default Key Provisioning [Disabled]

Configuration options: [Disabled] [Enabled]

Install All Factory Default Keys

This item will ask you if you want to Install Factory Default secure variables. Select Yes if you want to load the default secure variables, otherwise select No.

Platform Key (PK)/Key Exchange Key Database (KEK)/Authorized Signature Database (DB)/ Forbidden Signature Database (DBX)

Configuration options: [Set New] [Delete] [Append]

5-36	Chapter 5: BIOS setup