Table of Contents
Advertisement
Table 37. System setup options—Security menu (continued)
Security
SHA-256
Clear
Physical Presence Interface (PPI) Bypass
for Clear Commands
SMM Security Mitigation
Data Wipe on Next Boot
Start Data Wipe
Absolute
Absolute
NOTE:
When disabled, this feature may cause compatibility issues or loss of
functionality in some operating systems.
Allows you to control the hashing algorithm that is used by the TPM. When
enabled, the TPM uses the SHA-256 hashing algorithm. When disabled, the TPM
uses the SHA-1 hash algorithm.
By default, the SHA-256 option is enabled.
For additional security, Dell Technologies recommends keeping the SHA-256
option enabled.
When enabled, the Clear option clears information that is stored in the TPM
after exiting the computer's BIOS. This option returns to the disabled state when
the computer restarts.
By default, the Clear option is disabled.
Dell Technologies recommends enabling the Clear option only when TPM data is
required to be cleared.
By default, the PPI Bypass for Clear Commands option is disabled.
For additional security, Dell Technologies recommends keeping the PPI Bypass
for Clear Commands option disabled.
Enables or disables additional UEFI SMM Security Mitigation protections. This
option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to
the operating system that security best practices have been implemented by the
UEFI firmware.
By default, the SMM Security Mitigation option is enabled.
For additional security, Dell Technologies recommends keeping the SMM
Security Mitigation option enabled unless you have a specific application which
is not compatible.
NOTE:
This feature may cause compatibility issues or loss of functionality
with some legacy tools and applications.
Data Wipe is a secure wipe operation that deletes information from a storage
device.
CAUTION:
The secure Data Wipe operation deletes information in a
way that it cannot be reconstructed.
Commands such as delete and format in the operating system may remove files
from showing up in the file system. However, they can be reconstructed through
forensic means as they are still represented on the physical media. Data Wipe
prevents this reconstruction and is not recoverable.
When enabled, the data wipe option will prompt to wipe any storage devices that
are connected to the computer on the next boot.
By default, the Start Data Wipe option is disabled.
Absolute Software provides various cyber security solutions, some requiring
software preloaded on Dell computers and integrated into the BIOS. To use these
features, you must enable the Absolute BIOS setting and contact Absolute for
configuration and activation.
By default, the Absolute option is enabled.
For additional security, Dell Technologies recommends keeping the Absolute
option enabled.
Restricted - Confidential
BIOS Setup
121
Hide quick links:
Advertisement
Table of Contents
