Table 2-1  Computer Setup (F10) Utility menu descriptions (continued)
Heading Option Description
 Master Boot
Record Security
Enable or Disable—This option is for advanced users. When Master Boot Record (MBR) Security is
enabled, the BIOS prevents any changes being made to the MBR of the current bootable disk
while in MS-DOS or Windows Safe Mode.
NOTE: Most operating systems control access to the MBR of the current bootable disk; the BIOS
cannot prevent changes that may occur while the operating system is running.
  System Security Provides these options:
●
Data Execution Prevention—Enables or disables Data Execution Prevention mode in the
CPUs. This mode prohibits code from running in pages that were set up as data pages, and
prevents attacks such as buffer overflows. Operating system support is required for this
feature.
●
Virtualization Technology (VTx)—Enables or disables Intel Virtualization Technology to
increase workstation performance.
●
Intel(R) (VTd)—(Enabled or Disabled) Controls the underlying processor and chipset features
needed to support a virtual appliance. To enable this feature you must enable:
●
Interrupt Remapping—Enables or disables...only available when Intel(R) (VTx) is enabled.
●
Coherency Support—Enables or disables...only available when Intel(R) (VTx) is enabled.
●
ATS Support—Enables or disables...only available when Intel(R) (VTx) is enabled.
●
Pass-through DMA—Enables or disables...only available when Intel(R) (VTx) is enabled.
●
Embedded Security Device—This option becomes available if Embedded Device is set to
Available under Device Security.
NOTE: Embedded Security Device must be set to Device Available in the Device Security
menu, and you must create a Setup Password, in order to configure the Embedded Security
Device.
Embedded Security Device—(Hidden or Available) turns the Trusted Platform Mechanism
(TPM) on and off. Device Hidden is the default. If this option is made available, the following
options become available:
◦
Power-On Authentication Support—Enables and disables an authentication feature that
requires you to enter a TPM user key password to start the workstation. This feature uses
the TPM to generate and store the authentication password.
◦
Reset Authentication Credential—Resets the authentication functionality and clears
authentication credentials.
To enable the Embedded Security Device and to access any security features associated with
the device, you must enter a setup password.
Setting a device to Available enables the operating system to access the device. Hidden
makes the device unavailable. It is disabled by the BIOS and cannot be enabled by the
operating system.
Computer Setup (F10) Utility
19