Table 6. Security menu items (continued)

Menu item

Submenu item

Value

Comments

 

 

 

 

 

 

Password

Disabled

Enable or disable password authentication.

 

Authentication

Enabled

If high security mode is selected, this item is

 

 

displayed.

 

 

 

 

 

 

 

 

 

 

Reset Fingerprint Data

Enter

This option is used to erase all fingerprint data

 

 

 

 

stored in the fingerprint reader and reset settings

 

 

 

 

to the factory state. As a result, any power-on

 

 

 

 

security features previously enabled will not be

 

 

 

 

able to work until they are re-enabled in the

 

 

 

 

fingerprint software.

 

 

 

 

 

Security Chip

Security Chip

Active

If you select Active, the security chip is functional.

 

 

Inactive

If you select Inactive, the Security Chip option

 

 

is visible, but the security chip is not functional. If

 

 

Disabled

 

 

you select Disabled, the Security Chip option is

 

 

 

 

hidden and the security chip is not functional.

 

 

 

 

 

 

Security Reporting

 

 

Enable or disable the following Security Reporting

 

Options

 

 

Options:

 

 

 

 

BIOS ROM String Reporting: BIOS text string

 

 

 

 

ESCD Reporting: Extended system

 

 

 

 

configuration data

 

 

 

 

CMOS Reporting: CMOS data

 

 

 

 

NVRAM Reporting: Security data stored in

 

 

 

 

the Asset ID

 

 

 

 

SMBIOS Reporting: SMBIOS data

 

 

 

 

 

 

Clear Security Chip

Enter

Clear the encryption key.

 

 

 

 

Note: This item is displayed only if you have

 

 

 

 

selected Active for the Security Chip option.

 

 

 

 

 

 

Intel TXT Feature

Disabled

Enable or disable Intel Trusted Execution

 

 

Enabled

Technology.

 

 

 

 

 

 

 

 

 

Physical Presence for

Disabled

This option enables or disables the confirmation

 

Provisioning

Enabled

message when you change the settings of the

 

 

security chip.

 

 

 

 

 

 

 

 

 

 

Physical Presence for

Disabled

This option enables or disables the confirmation

 

Clear

Enabled

message when you clear the security chip.

 

 

 

 

 

 

 

 

UEFI BIOS

Flash UEFI Updating by

Disabled

If you select Enabled, all users can update the

Update Option

End-Users

Enabled

UEFI BIOS. If you select Disabled, only the

 

 

person who knows the supervisor password can

 

 

 

 

 

 

 

 

update the UEFI BIOS.

 

 

 

 

 

 

Secure RollBack

Disabled

If you select Disabled, end-user can flash the

 

Prevention

Enabled

older version UEFI BIOS. If you select Enabled,

 

 

end-user cannot flash the older version UEFI

 

 

 

 

 

 

 

 

BIOS.

 

 

 

 

 

Memory

Execution Prevention

Disabled

Some computer viruses and worms cause

Protection

 

Enabled

memory buffers to overflow. By selecting

 

 

Enabled you can protect your computer against

 

 

 

 

 

 

 

 

attacks by such viruses and worms. If after

 

 

 

 

choosing Enabled you find that an application

 

 

 

 

program does not run correctly, select Disabled

 

 

 

 

and reset the setting.

 

 

 

 

 

Chapter 8. Advanced configuration 117

Page 134 Page 136
Page 135
Image 135
Lenovo X230 Enter, Security Chip, Inactive, Bios ROM String Reporting Bios text string, Cmos Reporting Cmos data, Memory
Page 134 Page 136
Top Page Image Contents