Option Description
Enables you to control the reporting mode of the TPM. The TPM Security option is
set to Off by default. You can only modify the TPM Status, TPM Activation, and Intel
TXT fields if the TPM Status field is set to either On with Pre-boot Measurements
or On without Pre-boot Measurements.
TPM Information Changes the operational state of the TPM. This option is set to No Change by
default.
TPM Status Specifies the TPM status.
TPM Command
CAUTION: Clearing the TPM results in the loss of all keys in the TPM. The
loss of TPM keys may affect booting to the operating system.
Clears all the contents of the TPM. The TPM Clear option is set to No by default.
Intel TXT Enables or disables the Intel Trusted Execution Technology (TXT) option. To enable
the Intel TXT option, virtualization technology and TPM Security must be enabled
with Pre-boot measurements. This option is set to Off by default.
Power Button Enables or disables the power button on the front of the system. This option is set
to Enabled by default.
NMI Button Enables or disables the NMI button on the front of the system. This option is set to
Disabled by default.
AC Power
Recovery
Sets how the system behaves after AC power is restored to the system. This option
is set to Last by default.
AC Power
Recovery Delay
Sets the time delay for the system to power up after AC power is restored to the
system. This option is set to Immediate by default.
User Defined
Delay (60s to
240s)
Sets the User Defined Delay option when the User Defined option for AC Power
Recovery Delay is selected.
UEFI Variable
Access
Provides varying degrees of securing UEFI variables. When set to Standard (the
default), UEFI variables are accessible in the operating system per the UEFI
specification. When set to Controlled, selected UEFI variables are protected in the
environment and new UEFI boot entries are forced to be at the end of the current
boot order.
Secure Boot Enables Secure Boot, where the BIOS authenticates each pre-boot image by using
the certificates in the Secure Boot Policy. Secure Boot is disabled by default.
Secure Boot
Policy
When Secure Boot policy is set to Standard, the BIOS uses the system
manufacturer’s key and certificates to authenticate pre-boot images. When Secure
Boot policy is set to Custom, the BIOS uses the user-defined key and certificates.
Secure Boot policy is set to Standard by default.
Secure Boot
Policy Summary
Specifies the list of certificates and hashes that secure boot uses to authenticate
images.
Related links
System Security
Viewing System Security
58
To Next Page
Loading...
