Table 10. Security (continued)
Option
Description
●
Disabled — Always prompt for the system and internal
HDD password when they are set. This option is selected
by default.
●
Reboot Bypass — Bypass the password prompts on
Restarts (warm boots).
NOTE:
The system will always prompt for the system and
internal HDD passwords when powered on from the off
state (a cold boot). Also, the system will always prompt
for passwords on any module bay HDDs that may be
present.
Password Change
This option lets you determine whether changes to the
System and Hard Disk passwords are permitted when an
administrator password is set.
Allow Non-Admin Password Changes
- This option is
enabled by default.
UEFI Capsule Firmware Updates
This option controls whether this system allows BIOS updates
via UEFI capsule update packages. This option is selected by
default. Disabling this option will block BIOS updates from
services such as Microsoft Windows Update and Linux Vendor
Firmware Service (LVFS)
TPM 2.0 Security
Allows you to control whether the Trusted Platform Module
(TPM) is visible to the operating system.
●
TPM On (default)
●
Clear
●
PPI Bypass for Enable Commands
●
PPI Bypass for Disable Commands
●
Attestation Enable (default)
●
Key Storage Enable(default)
●
SHA-256(default)
●
Disabled
●
Enabled (default)
Computrace
This field lets you Activate or Disable the BIOS module
interface of the optional Computrace Service from Absolute
Software. Enables or disables the optional Computrace service
designed for asset management.
●
Deactivate
- This option is selected by default.
●
Disable
●
Activate
Chassis Intrusion
Allows you to control the chassis intrusion feature. You can
set this option to:
●
Enabled
●
Disabled (default)
●
On-Silent
CPU XD Support
Allows you to enable or disable the Execute Disable mode of
the processor. This option is enabled by default.
OROM Keyboard Access
This option determines whether users are able to enter
Option ROM Configuration screens via hotkeys during boot.
Specifically, these settings are capable of preventing access
to Intel RAID (CTRL+I) or Intel Management Engine BIOS
Extension (CTRL+P/F12).
●
Enable (selected by default)— User may enter OROM
configuration screens via the hotkey.
40
BIOS setup