Table3.Securitymenuitems(continued)
MenuitemSubmenuitemSelectionComments
HardDisk2Password
PasswordStatus
•Disabled
•Enabled
Referto“Har ddiskpasswor ds”on
page38.
SecurityChip•Active
•Inactive
•Disabled
IfyouselectActive,thesecurity
chipisfunctional.Ifyouselect
Inactive,theSecurityChipoption
isvisible,butthesecuritychip
isnotfunctional.Ifyouselect
Disabled,theSecurityChipoption
ishiddenandthesecuritychipis
notfunctional.
SecurityReporting
Options
Enableordisablethefollowing
SecurityReportingOptions:
•BIOSROMStringReporting:
BIOSt extstring
•CMOSReporting:CMOSdata
•NVRAMReporting:Security
datastoredintheAssetID
•SMBIOSReporting:SMBIOS
data
ClearSecurityChipEnterCleartheencryptionkey.
Note:Thisitemisdisplayedonly
ifyouhaveselectedActiveforthe
SecurityChipoption.
PhysicalPresencefor
Provisioning
•Disabled
•Enabled
Thisoptionenablesordisablesthe
conrmationmessagewhenyou
changethesettingsofthesecurity
chip.
SecurityChip
PhysicalPresencefor
Clear
•Disabled
•Enabled
Thisoptionenablesordisablesthe
conrmationmessagewhenyou
clearthesecuritychip.
FlashUEFIUpdatingby
End-Users
•Disabled
•Enabled
IfyouselectEnabled,allusers
canupdatetheUEFI.Ifyouselect
Disabled,onlythepersonwho
knowsthesupervisorpasswordcan
updatetheUEFIBIOS.
UEFIBIOSUpdateOption
SecureRollBack
Prevention
•Disabled
•Enabled
IfyouselectDisabled,youcanash
theolderversiontheUEFIBIOS.
MemoryP rotectionExecutionPr evention•Disabled
•Enabled
Somecomputervirusesandworms
causememorybufferstooverow.
ByselectingEnabledyoucan
protectyourcomputeragainst
attacksbysuchvirusesandworms.
Ifyoundthatanapplication
programdoesnotruncorrectlyafter
choosingEnabled,selectDisabled
andresetthesetting.
Chapter7.Advancedconguration73