Table5.Securitymenuitems(continued)
MenuitemSubmenuitemSelectionComments
SecurityChip•Active
•Inactive
•Disabled
IfyouselectActive,thesecuritychip
isfunctional.IfyouselectInactive,the
securitychipoptionisdisplayedbutthe
securitychipisnotfunctional.Ifyouselect
Disabled,thesecuritychipoptionishidden
andthesecuritychipisnotfunctional.
Security
Reporting
Options
EnableordisablethefollowingSecurity
ReportingOptions:
•BIOSROMStringReporting:BIOStext
string
•ESCDReporting:Extendedsystem
congurationdata
•CMOSReporting:CMOSdata
•NVRAMReporting:Securitydatastored
intheAssetID
•SMBIOSReporting:SMBIOSdata
ClearSecurity
Chip
•EnterCleartheencryptionkey.
Note:Theitemisdisplayedonlyifyou
haveselectedActivefortheSecurityChip
option.
Physical
Presencefor
Provisioning
•Disabled
•Enabled
Thisoptionenablesordisablesthe
conrmationmessagewhenyouchange
thesettingsofthesecuritychip.
SecurityChip
Physical
Presencefor
Clear
•Disabled
•Enabled
Thisoptionenablesordisablesthe
conrmationmessagewhenyouclearthe
securitychip.
FlashBIOS
Updatingby
End-Users
•Disabled
•Enabled
IfyouselectEnabled,alluserscanupdate
theUEFIBIOS.IfyouselectDisabled,
onlythepersonwhoknowsthesupervisor
passwordcanupdatetheUEFIBIOS.
UEFIBIOSUpdate
Option
SecureRollBack
Prevention
•Disabled
•Enabled
IfyouselectDisabled,end-usercanash
olderversionoftheUEFIBIOS.Ifyouselect
Enabled,end-usercannotasholder
versionoftheUEFIBIOS.
MemoryProtectionExecution
Prevention
•Disabled
•Enabled
UsetheDataExecutionPreventionfeature
toprotectyourcomputeragainstattacks
fromvirusesandwormsbyselecting
Enabled.Ifyoundthattheprogramdoes
notruncorrectlyafterchoosingEnabled
selectDisabledandresetthesetting.
IntelVirtualization
Technology
•Disabled
•Enabled
IfyouselectEnabled,aVirtualMachine
Monitor(VMM)canutilizetheadditional
hardwarecapabilitiesprovidedbyIntel
VirtualizationTechnology.
Virtualization
IntelVT-dF eature•Disabled
•Enabled
IntelVT-disIntelVirtualizationTechnology
forDirectedI/O.Whenenabled,aVMMcan
utilizetheplatforminfrastructureforI/O
virtualization.
Chapter8.Advancedconguration117