Table 3-3Computer Setup—Security (continued)

System Security

Data Execution Prevention (some models) (enable/disable) - Helps prevent operating system

(some models: these

security breaches. Default is enabled.

options are hardware

PAVP (Models with Blu-ray drives) (disabled/min/max) - PAVP enables the Protected Audio Video

dependent)

 

Path in the Chipset. This may allow viewing of some protected high definition content that would

 

otherwise be prohibited from playback. Selecting Max will assign 96 Megabytes of system

 

memory exclusively to PAVP.

 

Virtualization Technology (VTx) (some models) (enable/disable) - Controls the virtualization

 

features of the processor. Changing this setting requires turning the computer off and then back

 

on. Default is disabled.

 

Virtualization Technology Directed I/O (VTd) (some models) (enable/disable) - Controls

 

virtualization DMA remapping features of the chipset. Changing this setting requires turning the

 

computer off and then back on. Default is disabled.

 

Intel TXT (LT) Support (some models) (enable/disable) - Controls the underlying processor and

 

chipset features needed to support a virtual appliance. Changing this setting requires turning the

 

computer off and then back on. Default is disabled. To enable this feature you must enable the

 

following features:

 

Embedded Security Device Support

 

Virtualization Technology

 

Virtualization Technology Directed I/O

 

Embedded Security Device (some models) (enable/disable) - Permits activation and deactivation

 

of the Embedded Security Device. Changing this setting requires turning the computer off and

 

then back on.

 

NOTE: To configure the Embedded Security Device, a Setup password must be set.

 

Reset to Factory Settings (some models) (Do not reset/Reset) - Resetting to factory defaults

 

will erase all security keys. Changing this setting requires turning the computer off and then

 

back on. Default is Do not reset.

 

CAUTION: The embedded security device is a critical component of many security

 

schemes. Erasing the security keys will prevent access to data protected by the Embedded

 

Security Device. Choosing Reset to Factory Settings may result in significant data loss.

 

OS management of Embedded Security Device (some models) (enable/disable) - This option

 

allows the user to limit operating system control of the Embedded Security Device. Changing this

 

setting requires turning the computer off and then back on. This option allows the user to limit OS

 

control of the Embedded Security Device. Default is enable.

 

Reset of Embedded Security Device through OS (some models) (enable/disable) - This

 

option allows the user to limit the operating system ability to request a Reset to Factory

 

Settings of the Embedded Security Device. Changing this setting requires turning the

 

computer off and then back on. Default is disable.

 

NOTE: To enable this option, a Setup password must be set.

 

 

DriveLock Security

Allows you to assign or modify a master or user password for hard drives. When this feature is

 

enabled, the user is prompted to provide one of the DriveLock passwords during POST. If neither

 

is successfully entered, the hard drive will remain inaccessible until one of the passwords is

 

successfully provided during a subsequent cold-boot sequence.

 

NOTE: This selection will only appear when at least one drive that supports the DriveLock

 

feature is attached to the system.

 

 

16 Chapter 3 Computer Setup (F10) Utility

Page 24
Image 24
HP 8200 SM774UP manual System Security, DriveLock Security