Table 31. System Setup options—Security menu
Security
Intel Platform Trust Technology
Intel Platform Trust Technology On
Enables or disables the TPM.
By default, the Intel Platform Trust Technology On option is enabled.
For additional security, Dell Technologies recommends keeping TPM enabled to
allow these security technologies to fully function.
NOTE: To view this option, enable Advanced Setup mode as described in View
Advanced Setup options.
PPI Bypass for Clear Commands
The PPI Bypass for Clear Commands option allows the operating system to manage
certain aspects of PTT. When enabled, you are not prompted to confirm changes to
the PTT configuration.
By default, the PPI Bypass for Clear Commands option is disabled.
For additional security, Dell Technologies recommends keeping the PPI Bypass for
Clear Commands option disabled.
SMM Security Mitigation
Enables or disables additional UEFI SMM Security Mitigation protections. This
option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to
the operating system that security best practices have been implemented by the
UEFI firmware.
By default, the SMM Security Mitigation option is enabled.
For additional security, Dell Technologies recommends keeping the SMM Security
Mitigation option enabled unless you have a specific application which is not
compatible.
NOTE: This feature may cause compatibility issues or loss of functionality with
some legacy tools and applications.
NOTE: To view this option, enable Service options as described in View Service
options.
Data Wipe on Next Boot
Start Data Wipe
Data Wipe is a secure wipe operation that deletes information from a storage
device.
CAUTION: The secure Data Wipe operation deletes information in such a way that
it cannot be reconstructed.
Commands such as delete and format in the operating system may stop files from
showing up in the file system. However, the files can be reconstructed through
forensic means because they are still represented on the physical media. Data Wipe
prevents this reconstruction, and the data can no longer be recovered.
When enabled, the data wipe option provides prompts to wipe any storage devices
that are connected to the computer on the next boot.
By default, the Start Data Wipe option is disabled.
NOTE: To view this option, enable Advanced Setup mode as described in View
Advanced Setup options.
HDD Security
SED Block SID Authentication
Enables or disables the SED Block SID Authentication setting, which the BIOS uses
to block entities from taking ownership of the Self-Encrypting Drive (SED)
when the drive does not have a password set.
By default, the SED Block SID Authentication option is enabled.
PPI Bypass for SED Block SID Command
Enables or disables the SED Block SID Physical Presence Interface (PPI).