Table 42. System setup options—Power menu(continued)
Power
NOTE: This feature is only functional when the AC power adapter is
connected. If the AC power adapter is removed before Standby, the BIOS
will remove power from all of the USB ports to conserve battery power.
By default, the Enable USB Wake Support option is disabled.
AC Behavior
Enables the system to turn on automatically, when AC is inserted.
By default, the Power Off option is enabled.
Block Sleep Enable to block entering sleep (S3) mode in the operating system.
By default, the Block Sleep (S3) option is disabled.
Deep Sleep Control
Deep Sleep Control option is disabled in order to enable the Wake from USB
keyboard and mouse feature to work in the shutdown (S5) and Hibernate (S4)
states.
By default, the Enabled in S4 and S5 option is enabled.
Table 43. System setup options—Security menu
Security
TPM 2.0 Security
TPM 2.0 Security On Allows you to enable or disable TPM visibility to operating system.
By default, the TPM 2.0 Security On option is enabled.
Attestation Enable The Attestation Enable option controls the endorsement hierarchy of TPM.
Disabling the Attestation Enable option prevents TPM from being used to
digitally-sign certificates.
By default, the Attestation Enable option is enabled.
For additional security, Dell Technologies recommends keeping the
Attestation Enable option enabled.
NOTE: When disabled, this feature may cause compatibility issues or loss
of functionality in some operating systems.
Key Storage Enable The Key Storage Enable option controls the storage hierarchy of TPM, which
is used to store digital keys. Disabling the Key Storage Enable option restricts
the ability of TPM to store owner's data.
By default, the Key Storage Enable option is enabled.
For additional security, Dell Technologies recommends keeping the Key
Storage Enable option enabled.
NOTE: When disabled, this feature may cause compatibility issues or loss
of functionality in some operating systems.
SHA-256 Allows you control the usage of SHA-256 by TPM. When enabled, the BIOS
and TPM use the SHA-256 hash algorithm to extend measurements into the
TPM PCRs during BIOS boot. When disabled, the BIOS and TPM use the
SHA-1 hash algorithm to extend measurements into the TPM PCRs during
BIOS boot.
By default, the SHA-256 option is enabled.
For additional security, Dell Technologies recommends keeping the SHA-256
option enabled.
Clear When enabled, the Clear option clears information stored in the TPM after
exiting the system's BIOS. This option returns to disabled state when the
system restarts.
BIOS Setup 165
To Next Page
Loading...
