Table 5. Security menu items (continued)

| Menu item | Submenu item | Selection | Comments |
|---|---|---|---|
| Security Chip | Security Chip | Active / Inactive / Disabled | If you select Active, the security chip is functional. If you select Inactive, the security chip option is displayed but the security chip is not functional. If you select Disabled, the security chip option is hidden and the security chip is not functional. |
| Security Chip | Security Reporting Options | | Enable or disable the following Security Reporting Options: BIOS ROM String Reporting (BIOS text string); ESCD Reporting (extended system configuration data); CMOS Reporting (CMOS data); NVRAM Reporting (security data stored in the Asset ID); SMBIOS Reporting (SMBIOS data). |
| Security Chip | Clear Security Chip | Enter | Clear the encryption key. Note: This item is displayed only if you have selected Active for the Security Chip option. |
| Security Chip | Physical Presence for Provisioning | Disabled / Enabled | This option enables or disables the confirmation message when you change the settings of the security chip. |
| Security Chip | Physical Presence for Clear | Disabled / Enabled | This option enables or disables the confirmation message when you clear the security chip. |
| UEFI BIOS Update Option | Flash BIOS Updating by End-Users | Disabled / Enabled | If you select Enabled, all users can update the UEFI BIOS. If you select Disabled, only the person who knows the supervisor password can update the UEFI BIOS. |
| UEFI BIOS Update Option | Secure RollBack Prevention | Disabled / Enabled | If you select Disabled, end users can flash an older version of the UEFI BIOS. If you select Enabled, end users cannot flash an older version of the UEFI BIOS. |
| Memory Protection | Execution Prevention | Disabled / Enabled | Select Enabled to use the Data Execution Prevention feature to protect your computer against attacks from viruses and worms. If you find that a program does not run correctly after choosing Enabled, select Disabled and reset the setting. |
| Virtualization | Intel Virtualization Technology | Disabled / Enabled | If you select Enabled, a Virtual Machine Monitor (VMM) can utilize the additional hardware capabilities provided by Intel Virtualization Technology. |
| Virtualization | Intel VT-d Feature | Disabled / Enabled | Intel VT-d is Intel Virtualization Technology for Directed I/O. When enabled, a VMM can utilize the platform infrastructure for I/O virtualization. |
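The Execution Prevention, Intel Virtualization Technology, Intel VT-d and Security Chip options above change what the firmware exposes to the operating system, so an administrator can verify from the OS that a setting actually took effect. The following Python script is an added illustration, not part of the Lenovo guide: it parses a constructed /proc/cpuinfo sample for the `nx` flag (the NX/XD bit behind Data Execution Prevention) and the `vmx` flag (Intel VT-x), and checks the standard Linux sysfs locations for IOMMU groups (VT-d) and a TPM device (the security chip). The Linux host and the /proc and /sys paths are assumptions about the environment; the guide itself says nothing about them.

```python
"""Check, from Linux, whether the hardware features behind the ThinkPad Setup
security options are visible to the operating system.

Added illustration, not part of the Lenovo guide. Assumes a Linux host; the
/proc and /sys paths are the usual kernel interfaces, assumed here rather than
taken from the guide.
"""
import os
import re

# Constructed sample of /proc/cpuinfo (one core) so the parser can be run
# offline; a real file repeats the block for every core.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: GenuineIntel
model name\t: Intel(R) Core(TM) (constructed sample)
flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc vmx smx est
"""

# Setup option -> CPU flag the OS sees when that option is Enabled.
FEATURE_FLAGS = {
    "execution_prevention": "nx",   # NX/XD bit backing Data Execution Prevention
    "intel_virtualization": "vmx",  # VT-x, required by a VMM such as KVM
}


def parse_cpu_flags(cpuinfo_text):
    """Return the set of CPU flags from /proc/cpuinfo-style text.

    Only the first 'flags' line is read; every core reports the same set.
    """
    for line in cpuinfo_text.splitlines():
        if re.match(r"^flags\s*:", line):
            return set(line.split(":", 1)[1].split())
    return set()


def firmware_feature_status(cpuinfo_text):
    """Map each Setup option to True/False according to the CPU flags seen."""
    flags = parse_cpu_flags(cpuinfo_text)
    return {name: (flag in flags) for name, flag in FEATURE_FLAGS.items()}


def iommu_active(iommu_groups_dir="/sys/kernel/iommu_groups"):
    """VT-d (IOMMU) is in use if the kernel created at least one IOMMU group."""
    try:
        return len(os.listdir(iommu_groups_dir)) > 0
    except OSError:
        return False


def security_chip_present(tpm_dir="/sys/class/tpm"):
    """An Active security chip (TPM) appears as /sys/class/tpm/tpm*."""
    try:
        return any(name.startswith("tpm") for name in os.listdir(tpm_dir))
    except OSError:
        return False


if __name__ == "__main__":
    # Live run: read the real /proc/cpuinfo when available, else the sample.
    try:
        with open("/proc/cpuinfo") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_CPUINFO
    for name, enabled in firmware_feature_status(text).items():
        print(f"{name}: {'enabled' if enabled else 'not visible to OS'}")
    print(f"vt-d/iommu active: {iommu_active()}")
    print(f"security chip (TPM) present: {security_chip_present()}")
```

From the OS side, a security chip set to Inactive looks the same as one set to Disabled (no TPM device appears), so the distinction between the two states is only visible in ThinkPad Setup itself. A missing `nx` or `vmx` flag on hardware that supports it points back to the corresponding Setup option as the first thing to check.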
Chapter 8. Advanced configuration 117