Table 3-3Computer Setup—Security (continued)

System Security

Data Execution Prevention (some models) (enable/disable) - Helps prevent operating system

(some models: these

security breaches. Default is enabled.

options are hardware

Virtualization Technology (VTx/VTd) (some models) (enable/disable) - Controls the virtualization

dependent)

 

features of the processor and virtualization DMA remapping features of the chipset. Changing this

 

setting requires turning the computer off and then back on. Default is disabled.

 

Intel TXT (LT) Support (some models) (enable/disable) - Controls the underlying processor and

 

chipset features needed to support a virtual appliance. Changing this setting requires turning the

 

computer off and then back on. Default is disabled. To enable this feature you must enable the

 

following features:

 

Embedded Security Device Support

 

Virtualization Technology

 

Embedded Security Device (some models) (enable/disable) - Permits activation and deactivation

 

of the Embedded Security Device. Changing this setting requires turning the computer off and

 

then back on.

 

NOTE: To configure the Embedded Security Device, a Setup password must be set.

 

Reset to Factory Settings (some models) (Do not reset/Reset) - Resetting to factory defaults

 

will erase all security keys. Changing this setting requires turning the computer off and then

 

back on. Default is Do not reset.

 

CAUTION: The embedded security device is a critical component of many security

 

schemes. Erasing the security keys will prevent access to data protected by the Embedded

 

Security Device. Choosing Reset to Factory Settings may result in significant data loss.

 

OS management of Embedded Security Device (some models) (enable/disable) - This option

 

allows the user to limit operating system control of the Embedded Security Device. Changing this

 

setting requires turning the computer off and then back on. This option allows the user to limit OS

 

control of the Embedded Security Device. Default is enabled. This option is automatically disabled

 

if Trusted Execution Technology is enabled.

 

Reset of Embedded Security Device through OS (some models) (enable/disable) - This option

 

allows the user to limit the operating system ability to request a Reset to Factory Settings of the

 

Embedded Security Device. Changing this setting requires turning the computer off and then back

 

on. Default is disabled.

 

NOTE: To enable this option, a Setup password must be set.

 

 

DriveLock Security

Allows you to assign or modify a master or user password for hard drives. When this feature is

 

enabled, the user is prompted to provide one of the DriveLock passwords during POST. If neither

 

is successfully entered, the hard drive will remain inaccessible until one of the passwords is

 

successfully provided during a subsequent cold-boot sequence.

 

NOTE: This selection will only appear when at least one drive that supports the DriveLock

 

feature is attached to the system.

 

 

14 Chapter 3 Computer Setup (F10) Utility

Page 22
Image 22
HP 8300 C5J37AWABA, 8300 D0K72US#ABA manual System Security, DriveLock Security