Table 6. Security menu items (continued)
Menu item | Submenu item | Value | Comments | |
|
|
|
|
|
Security Chip | Security Chip | • | Active | If you select Active, the security chip is functional. |
|
| • | Inactive | If you select Inactive, the Security Chip option |
|
| is visible, but the security chip is not functional. If | ||
|
| • | Disabled | |
|
| you select Disabled, the Security Chip option is | ||
|
|
|
| hidden and the security chip is not functional. |
|
|
|
|
|
| Security Reporting |
|
| Enable or disable the following Security Reporting |
| Options |
|
| Options: |
|
|
|
| • BIOS ROM String Reporting: BIOS text string |
|
|
|
| • CMOS Reporting: CMOS data |
|
|
|
| • NVRAM Reporting: Security data stored in |
|
|
|
| the Asset ID |
|
|
|
| • SMBIOS Reporting: SMBIOS data |
|
|
|
|
|
| Clear Security Chip | • | Enter | Clear the encryption key. |
|
|
|
| Note: This item is displayed only if you have |
|
|
|
| selected Active for the Security Chip option. |
|
|
|
|
|
| Intel TXT Feature | • | Disabled | Enable or disable Intel Trusted Execution |
|
| • | Enabled | Technology. |
|
|
| ||
|
|
|
|
|
| Physical Presence for | • | Disabled | This option enables or disables the confirmation |
| Provisioning | • | Enabled | message when you change the settings of the |
|
| security chip. | ||
|
|
|
| |
|
|
|
|
|
| Physical Presence for | • | Disabled | This option enables or disables the confirmation |
| Clear | • | Enabled | message when you clear the security chip. |
|
|
| ||
|
|
|
|
|
UEFI BIOS | Flash BIOS Updating | • | Disabled | If you select Enabled, all users can update the |
Update Option | by | • | Enabled | UEFI BIOS. If you select Disabled, only the |
|
| person who knows the supervisor password can | ||
|
|
|
| |
|
|
|
| update the UEFI BIOS. |
|
|
|
|
|
| Secure RollBack | • | Disabled | If you select Disabled, you can flash to the |
| Prevention | • | Enabled | previous version of UEFI BIOS. If you select |
|
| Enabled, you can not flash to the previous | ||
|
|
|
| |
|
|
|
| version of UEFI BIOS. |
|
|
|
|
|
Memory | Execution Prevention | • | Disabled | Some computer viruses and worms cause |
Protection |
| • | Enabled | memory buffers to overflow by running code |
|
| where only data is allowed. If the Data Execution | ||
|
|
|
| |
|
|
|
| Prevention feature can be used with your |
|
|
|
| operating system, then by selecting Enabled |
|
|
|
| you can protect your computer against attacks |
|
|
|
| by such viruses and worms. If after choosing |
|
|
|
| Enabled you find that an program does not run |
|
|
|
| correctly, select Disabled and reset the setting. |
|
|
|
|
|
Virtualization | Intel Virtualization | • | Disabled | If you select Enabled, a Virtual Machine Monitor |
| Technology | • | Enabled | (VMM) can utilize the additional hardware |
|
| capabilities provided by Intel Virtualization | ||
|
|
|
| |
|
|
|
| Technology. |
|
|
|
|
|
| Intel | • | Disabled | Intel |
|
| • | Enabled | Directed I/O. When enabled, a VMM can utilize |
|
| the platform infrastructure for I/O virtualization. | ||
|
|
|
| |
|
|
|
|
|
