Dell NOT22188 Owner's Manual page 139

Table 44. System setup options—Security menu (continued)
Security
SHA-256
Clear
PPI ByPass for Clear Commands
Intel Total Memory Encryption
Total Memory Encryption
Chassis intrusion
SMM Security Mitigation
Data Wipe on Next Boot
Start Data Wipe
Absolute
UEFI Boot Path Security
Authenticated BIOS Interface
Enable Authenticated BIOS Interface
Clear Certificate Store
Firmware Device Tamper Detection
Clear Firmware Device Tamper Detection
Table 45. System setup options—Passwords menu
Passwords
Admin Password
System Password
138 BIOS Setup
BIOS and the TPM will use the SHA-256 hash algorithm to extend
measurements into the TPM PCRs during BIOS boot.
By default, the SHA-256 option is enabled.
Enables to clear the TPM owner information and returns the TPM to the
default state.
By default, the Clear option is disabled.
Controls the TPM Physical Presence Interface (PPI).
By default, the PPI ByPass for clear Commands option is disabled.
Enable or disable you to protect memory from physical attacks including freeze
spray, probing DDR to read the cycles, and others.
By default, the Total Memory Encryption option is disabled.
Controls the chassis intrusion feature.
By default, the On-Silent option is enabled.
Enable or disable SMM Security Mitigation.
By default, the option is enabled.
Enable or disable the data wipe on next boot.
By default, the option is enabled.
Enable or disable or permanently disable the BIOS module interface of the
optional Absolute Persistence Module service from Absolute software.
By default, the option is enabled.
Controls whether or not the computer will prompt the user to enter the admin
password (if set) when booting to a UEFI boot device from the F12 boot menu.
By default, the Always Except Internal HDD option is enabled.
By default, this option is disabled.
By default, this option is disabled.
Enables you to control the firmware device tamper detection feature. This
feature notifies the user when the firmware device is tampered. When enabled,
a screen warning messages are displayed on the computer and a tamper
detection event is logged in the BIOS Events log. The computer fails to reboot
until the event is cleared.
By default, the Firmware Device Tamper Detection option is set to Silent.
For additional security, Dell Technologies recommends keeping the Firmware
Device Tamper Detection option enabled.
By default, this option is disabled.
Set, change, or delete the administrator password.
Set, change, or delete the computer password.