Table 32. System setup options—Security menu (continued)
Security

| Option | Description |
| --- | --- |
| (continued) | Default: On |
| PPI Bypass for Enable Commands | Controls the TPM Physical Presence Interface (PPI). When enabled, this setting allows the OS to skip BIOS PPI user prompts when issuing TPM PPI enable and activate commands. Default: Disabled |
| PPI Bypass for Disable Commands | Controls the TPM Physical Presence Interface (PPI). When enabled, this setting allows the OS to skip BIOS PPI user prompts when issuing TPM PPI disable and deactivate commands (#2, 4, 7, 9, & 11). Default: Disabled |
| Attestation Enable | Allows the user to control whether the TPM Endorsement Hierarchy is available to the OS. Default: Enabled |
| Key Storage Enable | Allows the user to control whether the TPM Storage Hierarchy is available to the operating system. Default: Enabled |
| SHA-256 | Enables the BIOS and the TPM to use the SHA-256 hash algorithm to extend measurements into the TPM PCRs during BIOS boot. Default: Enabled |
| Clear | Clears the TPM owner information and returns the TPM to the default state. Default: Disabled |
| PPI Bypass for Clear Commands | Controls the TPM Physical Presence Interface (PPI). When enabled, this setting allows the OS to skip BIOS PPI user prompts when issuing the Clear command. Default: Disabled |
| TPM State | Displays the state of the TPM module on the computer. Default: Enabled |
| Enable Pre-Boot DMA support | Enable or disable the pre-boot DMA support. Default: Enabled |
| Enable OS kernel DMA support | Enable or disable the OS kernel DMA support. Default: Enabled |
| Secure Boot | A security standard that ensures the device boots using only software that is trusted by the Original Equipment Manufacturer (OEM). |
| System Status: | |
| Secure Boot Database | Default: Installed and Locked |
| Secure Boot Status | Ensures that only trusted software can be executed on the system. Default: Disabled |