Download  Print this page

Advertisement

Table 5-2
Computer Setup—Security (continued)
Option
70
Chapter 5 Computer Setup (F10) Utility
Description
Displays the current TPM version.
TPM Device
Lets you set the Trusted Platform Module as available or hidden.
TPM State
Select to enable the TPM.
ClearTPM
Select to reset the TPM to an unowned state. After the TPM is cleared, it is also turned off. To
temporarily suspend TPM operations, turn the TPM off instead of clearing it.
CAUTION:
Clearing the TPM resets it to factory defaults and turns it off. You will lose all created
keys and data protected by those keys.
BIOS Sure Start
Verify Boot Block on every boot. Default is disabled.
BIOS Data Recovery Policy. Default is Automatic.
IMPORTANT:
Only select Manual in situations in which forensic analysis is to be performed before
HP Sure Start Recovery. When this policy is set to manual, HP Sure Start will not correct any issues
that are found until the manual recovery key sequence is entered by the local user. This can result in
a system that is unable to boot after inputting the manual recovery key sequence.
Sure Start BIOS Settings Protection. This setting requires setting the BIOS Administrator password.
Default is disabled.
Sure Start Secure Boot Keys Protection. Default is enabled.
Enhanced HP Firmware Runtime Intrusion Prevention and Detection. Enables monitoring of
firmware executing out of main memory while the operating system is running. Any anomalies
detected in firmware that are active while the operating system is running results in generation of a
Sure Start Security Event. Default is enabled.
Sure Start Security Event Policy. Controls HP Sure Start behavior upon identifying a critical security
event (any modification to firmware) during operating system runtime. When set to Log Event Only,
HP Sure Start logs all critical security events. When set to Log Event and Notify User, HP Sure Start
notifies the user that a critical event has occurred. When set to Log Event and Power Off System, HP
Sure Start powers off the system upon detecting a security event. Default is Log Event Only.
Sure Start Security Event Boot Notification. Default is Require Acknowledgment.
HP Secure Platform Management (SPM)
HP Sure Run Current State (Inactive/Active)
Deactivate HP Sure Run
SPM Current State (Not provisoned/Provisioned)
Unprovision SPM
Physical Presence Interface. Notifies the user upon system power up when changes are made to system
security policy. The user must agree to the changes to confirm them. Default is enabled.
Smart Cover
Cover Lock. Default is 'Unlock'.
Cover Removal Sensor. Lets you disable the cover sensor or configure what action is taken if the
computer cover was removed. Default is 'Disabled'.

Advertisement

Table of Contents

Comments to this Manuals

Symbols: 0
Latest comments: