Lenovo 2355AK4 manual

Models: T430S T430SI 2355AK4

Page 140 of 192
Table 6. Security menu items (continued)

Columns: Menu item, Submenu item, Value, Comments

Menu item: Security Chip
Submenu item: Security Chip
Value: Active / Inactive / Disabled
Comments: If you select Active, the security chip is functional. If you select Inactive, the security chip option is visible, but the chip is not functional. If you select Disabled, the security chip is hidden and the option is not functional.

Menu item: Security Chip
Submenu item: Security Reporting Options
Comments: Enable or disable the following Security Reporting Options:
  - BIOS ROM String Reporting: BIOS text string
  - CMOS Reporting: CMOS data
  - NVRAM Reporting: security data stored in the Asset ID
  - SMBIOS Reporting: SMBIOS data

Menu item: Security Chip
Submenu item: Clear Security Chip
Value: Enter
Comments: Clear the encryption key. Clearing erases every key the chip holds, so data encrypted with keys sealed to the chip (for example a full-disk encryption key tied to it) becomes unrecoverable unless you hold a separate recovery key; back that up before clearing.
Note: This item is displayed only if you have selected Active for the security chip option.

Menu item: Security Chip
Submenu item: Intel TXT Feature
Value: Disabled / Enabled
Comments: Enable or disable Intel Trusted Execution Technology. A measured launch with TXT records its measurements in the security chip and relies on Intel Virtualization Technology and VT-d, so the chip must be Active and those two features Enabled for TXT to be usable.

Menu item: Security Chip
Submenu item: Physical Presence for Provisioning
Value: Disabled / Enabled
Comments: This option enables or disables the confirmation message when you change the settings of the security chip. With it Enabled, a request from the operating system to change the chip's state is held until a person at the keyboard confirms it at the next boot, so software alone cannot silently reconfigure the chip.

Menu item: Security Chip
Submenu item: Physical Presence for Clear
Value: Disabled / Enabled
Comments: This option enables or disables the confirmation message when you clear the security chip. With it Enabled, a clear requested by the operating system is held until a person at the keyboard confirms it at the next boot, so software alone cannot wipe the chip's keys.

Menu item: UEFI BIOS Update Option
Submenu item: Flash UEFI Updating by End-Users
Value: Disabled / Enabled
Comments: If you select Enabled, all users can update the UEFI BIOS. If you select Disabled, only the person who knows the supervisor password can update the UEFI BIOS. Disabled therefore only restricts anything once a supervisor password has been set.

Menu item: UEFI BIOS Update Option
Submenu item: Secure RollBack Prevention
Value: Disabled / Enabled
Comments: If you select Disabled, the end user can flash an older version of the UEFI BIOS. If you select Enabled, the end user cannot flash an older version of the UEFI BIOS. Leave this Enabled unless you are deliberately downgrading: rolling back to an older UEFI BIOS reintroduces any firmware vulnerabilities that the newer release fixed.

Menu item: Memory Protection
Submenu item: Execution Prevention
Value: Disabled / Enabled
Comments: Some computer viruses and worms overflow memory buffers and then run the code they injected from memory that should hold only data. If the Data Execution Prevention feature can be used with your operating system, selecting Enabled lets the operating system mark such memory as non-executable and protects your computer against attacks by such viruses and worms. If, after choosing Enabled, you find that a program does not run correctly, select Disabled and reset the setting.

Menu item: Virtualization
Submenu item: Intel Virtualization Technology
Value: Disabled / Enabled
Comments: If you select Enabled, a VMM (Virtual Machine Monitor) can utilize the additional hardware capabilities provided by Intel Virtualization Technology.

Menu item: Virtualization
Submenu item: Intel VT-d Feature
Value: Disabled / Enabled
Comments: Intel VT-d stands for Intel Virtualization Technology for Directed I/O. When enabled, a VMM can utilize the platform infrastructure for I/O virtualization. The same hardware (the IOMMU) is also what an operating system uses to restrict which memory a device may reach by DMA, so leaving VT-d Disabled removes that protection even on a machine that never runs a VMM.
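The rows above only matter if they actually take effect, and most of them are visible from the operating system once the machine has booted. The program below is an added example, not code from the Lenovo guide or from Lenovo. Run on Linux it reports what the OS sees for the Security Chip row (hidden, inactive or active), Execution Prevention (the nx CPU flag), Intel Virtualization Technology (vmx), the CPU side of Intel TXT (smx) and Intel VT-d (whether the kernel built IOMMU group 0). It assumes the Linux procfs/sysfs layout and a TPM 1.2 driven by tpm_tis, whose "enabled" and "active" sysfs attributes are an assumption about that driver; a TPM 2.0 has no such attributes and is reported as unknown. The selftest_audit function builds a constructed sysfs tree under /tmp rather than reading a real machine. Two caveats: current Linux kernels turn NX back on themselves when firmware has disabled it, so "on" there reflects the kernel rather than the BIOS setting, and VT-d also needs IOMMU support enabled in the kernel (intel_iommu=on on older kernels), so missing IOMMU groups do not by themselves prove the BIOS setting is off. Recent kernels do hide the vmx flag when VT-x is disabled by firmware, so that row is a reliable check.

```c
/* Added example, not code from the Lenovo guide or from Lenovo: reports, from a
 * booted Linux, the state the OS sees for the Security-menu rows in Table 6.
 * Assumes Linux procfs/sysfs and a TPM 1.2 driven by tpm_tis; the sysfs
 * attribute names are assumptions. Build: cc -o bios_audit bios_audit.c */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

typedef enum { TPM_HIDDEN, TPM_INACTIVE, TPM_ACTIVE, TPM_UNKNOWN } tpm_state_t;

typedef struct {
    tpm_state_t tpm; /* Security Chip: Disabled hides it; Inactive; Active */
    int nx;          /* Execution Prevention: CPU advertises the NX/XD bit */
    int vmx;         /* Intel Virtualization Technology (VT-x)             */
    int smx;         /* Safer Mode Extensions, the CPU side of Intel TXT   */
    int iommu;       /* Intel VT-d: the kernel built IOMMU group 0         */
} audit_t;

/* Join a root and a relative path into a static buffer (not re-entrant). */
static const char *under(const char *root, const char *rel) {
    static char path[1024];
    snprintf(path, sizeof path, "%s%s", root, rel);
    return path;
}

/* First integer in a sysfs attribute, or -1 if the file is unreadable. */
static int read_int(const char *path) {
    FILE *f = fopen(path, "r");
    int v = -1;
    if (f) { if (fscanf(f, "%d", &v) != 1) v = -1; fclose(f); }
    return v;
}

static int exists(const char *path) { struct stat st; return stat(path, &st) == 0; }

/* Whole-word search in a space-separated flags string ("nx" must not match "nxe"). */
int has_cpu_flag(const char *flags, const char *flag) {
    size_t n = strlen(flag);
    for (const char *p = flags; (p = strstr(p, flag)) != NULL; p += n)
        if ((p == flags || p[-1] == ' ') && (p[n] == '\0' || p[n] == ' ' || p[n] == '\n'))
            return 1;
    return 0;
}

/* Copy everything after the colon of the first "flags" line of a cpuinfo file. */
static void cpu_flags(const char *cpuinfo, char *buf, size_t len) {
    char line[4096];
    FILE *f = fopen(cpuinfo, "r");
    buf[0] = '\0';
    if (!f) return;
    while (fgets(line, sizeof line, f)) {
        const char *v = strchr(line, ':');
        if (strncmp(line, "flags", 5) == 0 && v) { snprintf(buf, len, "%s", v + 1); break; }
    }
    fclose(f);
}

/* Map the chip's sysfs view back onto the three BIOS values. tpm_tis exposes the
 * TPM 1.2 "enabled"/"active" attributes under tpm0/ (older kernels: tpm0/device/). */
tpm_state_t tpm_state(const char *sysfs) {
    if (!exists(under(sysfs, "/class/tpm/tpm0"))) return TPM_HIDDEN;
    int enabled = read_int(under(sysfs, "/class/tpm/tpm0/enabled"));
    int active = read_int(under(sysfs, "/class/tpm/tpm0/active"));
    if (enabled < 0) enabled = read_int(under(sysfs, "/class/tpm/tpm0/device/enabled"));
    if (active < 0) active = read_int(under(sysfs, "/class/tpm/tpm0/device/active"));
    if (enabled < 0 || active < 0) return TPM_UNKNOWN; /* TPM 2.0 or another driver */
    return (enabled == 1 && active == 1) ? TPM_ACTIVE : TPM_INACTIVE;
}

audit_t run_audit(const char *cpuinfo, const char *sysfs) {
    char flags[4096];
    audit_t a;
    cpu_flags(cpuinfo, flags, sizeof flags);
    a.tpm = tpm_state(sysfs);
    a.nx = has_cpu_flag(flags, "nx");
    a.vmx = has_cpu_flag(flags, "vmx");
    a.smx = has_cpu_flag(flags, "smx");
    a.iommu = exists(under(sysfs, "/kernel/iommu_groups/0")); /* groups number from 0 */
    return a;
}

/* Constructed fixture, not a capture from a real ThinkPad: chip Inactive
 * (enabled=1, active=0), nx/vmx/smx advertised by the CPU, no IOMMU groups. */
audit_t selftest_audit(void) {
    const char *dirs[] = { "/sys", "/sys/class", "/sys/class/tpm", "/sys/class/tpm/tpm0",
                           "/sys/kernel", "/sys/kernel/iommu_groups" };
    const char *files[][2] = {
        { "/sys/class/tpm/tpm0/enabled", "1\n" }, { "/sys/class/tpm/tpm0/active", "0\n" },
        { "/cpuinfo", "processor\t: 0\nflags\t\t: fpu vme de pse nx vmx smx sse4_2\n" } };
    char root[] = "/tmp/bios_audit_XXXXXX", cpu[64], sys[64];
    audit_t a = { TPM_UNKNOWN, -1, -1, -1, -1 };
    if (!mkdtemp(root)) return a;
    for (int i = 0; i < 6; i++) mkdir(under(root, dirs[i]), 0700);
    for (int i = 0; i < 3; i++) {
        FILE *f = fopen(under(root, files[i][0]), "w");
        if (f) { fputs(files[i][1], f); fclose(f); }
    }
    snprintf(cpu, sizeof cpu, "%s/cpuinfo", root);
    snprintf(sys, sizeof sys, "%s/sys", root);
    a = run_audit(cpu, sys);
    for (int i = 0; i < 3; i++) unlink(under(root, files[i][0]));
    for (int i = 5; i >= 0; i--) rmdir(under(root, dirs[i]));
    rmdir(root);
    return a;
}

int main(void) {
    static const char *tpm_names[] = { "hidden (BIOS: Disabled)", "present, inactive", "active", "unknown" };
    audit_t a = run_audit("/proc/cpuinfo", "/sys");
    printf("Security Chip:        %s\n", tpm_names[a.tpm]);
    printf("Execution Prevention: %s\n", a.nx ? "on (nx flag)" : "off");
    printf("Intel VT-x:           %s\n", a.vmx ? "on (vmx flag)" : "off");
    printf("Intel TXT capable:    %s\n", a.smx ? "yes (smx flag)" : "no");
    printf("Intel VT-d:           %s\n", a.iommu ? "IOMMU groups present" : "no IOMMU groups");
    return 0;
}
```

Run it as an unprivileged user; everything it reads is world-readable. If the chip shows as present but inactive while the BIOS row says Active, the Physical Presence for Provisioning prompt was probably not confirmed at the last boot.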

124 User Guide
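The Execution Prevention row describes the attack in one sentence; the program below, added here as an example and not code from the Lenovo guide or from Lenovo, shows what the NX/XD bit behind that setting actually enforces. It copies a machine-code stub that returns 42 into an ordinary anonymous memory page and calls it. Left read/write, which is the situation an injected payload sitting in a data buffer is in, the page cannot supply instructions: the call faults, the program catches the fault and reports -1. Only after mprotect has explicitly granted execute permission, the way a loader or JIT does on purpose, does the call return 42. It assumes Linux on x86-64 or AArch64 (the stub bytes are per-architecture) with the NX/XD bit in use by the kernel; without that bit no operating system could make a page non-executable and the first call would succeed as well (current Linux kernels turn the bit on themselves even when firmware has disabled it).

```c
/* Added example, not code from the Lenovo guide or from Lenovo: what the NX/XD
 * bit behind "Execution Prevention" enforces. A stub that returns 42 is copied
 * into an ordinary data page; calling it there faults, and it only runs once
 * the page has been explicitly marked executable. Linux on x86-64 or AArch64. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#if defined(__x86_64__)
static const unsigned char stub[] = { 0xb8, 0x2a, 0x00, 0x00, 0x00, 0xc3 };         /* mov eax, 42 ; ret */
#elif defined(__aarch64__)
static const unsigned char stub[] = { 0x40, 0x05, 0x80, 0x52, 0xc0, 0x03, 0x5f, 0xd6 }; /* mov w0, #42 ; ret */
#else
#error "stub bytes are only provided for x86-64 and AArch64"
#endif

static sigjmp_buf recover;

static void on_fault(int sig) {
    (void)sig;
    siglongjmp(recover, 1);  /* unwind out of the faulting call */
}

/* Copy the stub into a fresh page and call it. Returns 42 if the call ran,
 * -1 if the CPU refused to fetch instructions from the page (the NX case),
 * -2 if the mapping itself failed. */
int run_from_page(int mark_executable) {
    long sz = sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, sz, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -2;
    memcpy(page, stub, sizeof stub);  /* looks like data to the OS; it is code */
    if (mark_executable) {
        /* What a loader or JIT does on purpose: drop write, grant execute (W^X). */
        if (mprotect(page, sz, PROT_READ | PROT_EXEC) != 0) { munmap(page, sz); return -2; }
        __builtin___clear_cache((char *)page, (char *)page + sizeof stub);
    }
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    volatile int result = -1;
    if (sigsetjmp(recover, 1) == 0) {
        int (*fn)(void) = (int (*)(void))(uintptr_t)page;
        result = fn();  /* instruction fetch from a non-executable page faults here */
    }
    sigaction(SIGSEGV, &old, NULL);
    munmap(page, sz);
    return result;
}

int main(void) {
    printf("call into page marked executable: %d\n", run_from_page(1));
    printf("call into plain read/write page : %d\n", run_from_page(0));
    return 0;
}
```

Build with `cc -o nx_demo nx_demo.c && ./nx_demo`. The SIGSEGV handler plus siglongjmp is only there to turn the fault into a return value for the demonstration; a real injected payload has no such handler and the process simply dies, which is the protection the row describes.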
