Table 37. BIOS Setup options—Security menu(continued)
Security
SMM Security Mitigation Enables or disables additional UEFI SMM Security Mitigation protections. This
option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to
the operating system that security best practices have been implemented by the
UEFI firmware.
By default, the SMM Security Mitigation option is enabled.
For additional security, Dell Technologies recommends keeping the SMM
Security Mitigation option enabled unless you have a specific application which
is not compatible.
NOTE: This feature may cause compatibility issues or loss of functionality
with some legacy tools and applications.
Data Wipe on Next Boot
Start Data Wipe Data Wipe is a secure wipe operation that deletes information from a storage
device.
CAUTION: The secure Data Wipe operation deletes information in a
way that it cannot be reconstructed.
Commands such as delete and format in the operating system may remove files
from showing up in the file system. However, they can be reconstructed through
forensic means as they are still represented on the physical media. Data Wipe
prevents this reconstruction and the data can no longer be recovered.
When enabled, the data wipe option provides prompts to wipe any storage
devices that are connected to the computer on the next boot.
By default, the Start Data Wipe option is disabled.
Absolute Absolute Software provides various cyber security solutions, some requiring
software preloaded on Dell computers and integrated into the BIOS. To use these
features, you must enable the Absolute BIOS setting and contact Absolute for
configuration and activation.
By default, the Absolute option is enabled.
For additional security, Dell Technologies recommends keeping the Absolute
option enabled.
NOTE: When the Absolute features are activated, the Absolute integration
cannot be disabled from the BIOS setup screen.
UEFI Boot Path Security Enables or disables the computer to prompt the user to enter the Administrator
password (if set) when booting to a UEFI boot path device from the F12 boot
menu.
By default, the Always Except Internal HDD option is enabled.
Authenticated BIOS Interface
Enable Authenticated BIOS Interface
Allows the administrator to control access to BIOS configuration through
an authenticated interface. When enabled, this option ensures that BIOS
configuration changes are secured by authentication.
By default, the Enable Authenticated BIOS Interface option is disabled.
Clear Certificate Store
Allows the administrator to delete all certificates stored in the Key Management
System (KMS). When enabled, this option will remove all certificates, which may
be necessary for security purposes or if the certificates have expired or are no
longer valid.
By default, the Clear Certificate Store option is disabled.
Legacy Manageability Interface Access
Allows the administrator to control the access to BIOS configuration through the
Legacy Manageability Interface option. When enabled, this prevents the BIOS
BIOS Setup 131
To Next Page
Loading...
