Filter
Top Products
Table 6. Security menu items (continued)
Menu item
Submenu item
Value
Comments
Password
Authentication
• Disabled
• Enabled
Enable or disable password authentication.
If high security mode is selected, this item is
displayed.
Reset Fingerprint Data • Enter
This option is used to erase all ngerprint data
stored in the ngerprint reader and reset settings
to the factory state. As a result, any power-on
security features previously enabled will not be
able to work until they are re-enabled in the
ngerprint software.
Security Chip
• Active
• Inactive
• Disabled
If you select Active, the security chip is functional.
If you select Inactive, the Security Chip option
is visible, but the security chip is not functional. If
you select Disabled, the Security Chip option is
hidden and the security chip is not functional.
Security Reporting
Options
Enable or disable the following Security Reporting
Options:
• BIOS ROM String Reporting: BIOS text string
• ESCD Reporting: Extended system
conguration data
• CMOS Reporting: CMOS data
• NVRAM Reporting: Security data stored in
the Asset ID
• SMBIOS Reporting: SMBIOS data
Clear Security Chip
• Enter
Clear the encryption key.
Note: This item is displayed only if you have
selected Active for the Security Chip option.
Intel TXT Feature • Disabled
• Enabled
Enable or disable Intel Trusted Execution
Technology.
Physical Presence for
Provisioning
• Disabled
• Enabled
This option enables or disables the conrmation
message when you change the settings of the
security chip.
Security Chip
Physical Presence for
Clear
• Disabled
• Enabled
This option enables or disables the conrmation
message when you clear the security chip.
Flash UEFI Updating by
End-Users
• Disabled
• Enabled
If you select Enabled, all users can update the
UEFI BIOS. If you select Disabled, only the
person who knows the supervisor password can
update the UEFI BIOS.
UEFI BIOS
Update Option
Secure RollBack
Prevention
• Disabled
• Enabled
If you select Disabled, end-user can ash the
older version UEFI BIOS. If you select Enabled,
end-user cannot ash the older version UEFI
BIOS.
Memory
Protection
Execution Prevention • Disabled
• Enabled
Some computer viruses and worms cause
memory buffers to overow. By selecting
Enabled you can protect your computer against
attacks by such viruses and worms. If after
choosing Enabled you nd that an application
program does not run correctly, select Disabled
and reset the setting.
Chapter 8. Advanced conguration 117