Dell Inspiron 3030 Small Desktop Owners Manual - Page 85

Table 32. System setup options-Security menu continued, PPI Bypass for Clear Commands

Get Dell Inspiron 3030 Small Desktop PDF manuals and user guides View all Dell Inspiron 3030 Small Desktop manuals
Add to My Manuals
Save this manual to your list of manuals

Page 85 highlights

Table 32. System setup options-Security menu (continued) Security keys for encryption and features such as BitLocker, Virtual Secure Mode, remote Attestation. By default, the Trusted Platform Module (TPM) option is enabled. For additional security, Dell Technologies recommends keeping Trusted Platform Module (TPM) enabled to allow these security technologies to fully function. NOTE: The options that are listed apply to computers with a discrete Trusted Platform Module (TPM) chip. Attestation Enable The Attestation Enable option controls the endorsement hierarchy of TPM. Disabling the Attestation Enable option prevents TPM from being used to digitally sign certificates. By default, the Attestation Enable option is enabled. For additional security, Dell Technologies recommends keeping the Attestation Enable option enabled. NOTE: When disabled, this feature may cause compatibility issues or loss of functionality in some operating systems. Key Storage Enable The Key Storage Enable option controls the storage hierarchy of TPM, which is used to store digital keys. Disabling the Key Storage Enable option restricts the ability of TPM to store owner's data. By default, the Key Storage Enable option is enabled. For additional security, Dell Technologies recommends keeping the Key Storage Enable option enabled. NOTE: When disabled, this feature may cause compatibility issues or loss of functionality in some operating systems. SHA-256 Allows you to control the hashing algorithm that is used by the TPM. When enabled, the TPM uses the SHA-256 hashing algorithm. When disabled, the TPM uses the SHA-1 hash algorithm. By default, the SHA-256 option is enabled. For additional security, Dell Technologies recommends keeping the SHA-256 option enabled. Clear When enabled, the Clear option clears information that is stored in the TPM after exiting the computer's BIOS. This option returns to the disabled state when the computer restarts. By default, the Clear option is disabled. Dell Technologies recommends enabling the Clear option only when TPM data is required to be cleared. Physical Presence Interface (PPI) Bypass for Clear Commands The PPI Bypass for Clear Commands option allows the operating system to manage certain aspects of PTT. When enabled, you are not prompted to confirm changes to the PTT configuration. By default, the PPI Bypass for Clear Commands option is disabled. For additional security, Dell Technologies recommends keeping the PPI Bypass for Clear Commands option disabled. SMM Security Mitigation Enables or disables additional UEFI SMM Security Mitigation protections. This option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to the operating system that security best practices have been implemented by the UEFI firmware. By default, the SMM Security Mitigation option is enabled. BIOS Setup 85

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
Table 32. System setup options—Security menu (continued)
Security
keys for encryption and features such as BitLocker, Virtual Secure Mode, remote
Attestation.
By default, the
Trusted Platform Module (TPM)
option is enabled.
For additional security, Dell Technologies recommends keeping
Trusted
Platform Module (TPM)
enabled to allow these security technologies to fully
function.
NOTE:
The options that are listed apply to computers with a discrete
Trusted Platform Module (TPM)
chip.
Attestation Enable
The
Attestation Enable
option controls the endorsement hierarchy of TPM.
Disabling the
Attestation Enable
option prevents TPM from being used to
digitally sign certificates.
By default, the
Attestation Enable
option is enabled.
For additional security, Dell Technologies recommends keeping the
Attestation
Enable
option enabled.
NOTE:
When disabled, this feature may cause compatibility issues or loss of
functionality in some operating systems.
Key Storage Enable
The
Key Storage Enable
option controls the storage hierarchy of TPM, which is
used to store digital keys. Disabling the
Key Storage Enable
option restricts the
ability of TPM to store owner's data.
By default, the
Key Storage Enable
option is enabled.
For additional security, Dell Technologies recommends keeping the
Key Storage
Enable
option enabled.
NOTE:
When disabled, this feature may cause compatibility issues or loss of
functionality in some operating systems.
SHA-256
Allows you to control the hashing algorithm that is used by the TPM. When
enabled, the TPM uses the SHA-256 hashing algorithm. When disabled, the TPM
uses the SHA-1 hash algorithm.
By default, the
SHA-256
option is enabled.
For additional security, Dell Technologies recommends keeping the
SHA-256
option enabled.
Clear
When enabled, the
Clear
option clears information that is stored in the TPM
after exiting the computer's BIOS. This option returns to the disabled state when
the computer restarts.
By default, the
Clear
option is disabled.
Dell Technologies recommends enabling the
Clear
option only when TPM data is
required to be cleared.
Physical Presence Interface (PPI) Bypass
for Clear Commands
The PPI Bypass for Clear Commands option allows the operating system to
manage certain aspects of PTT. When enabled, you are not prompted to confirm
changes to the PTT configuration.
By default, the
PPI Bypass for Clear Commands
option is disabled.
For additional security, Dell Technologies recommends keeping the
PPI Bypass
for Clear Commands
option disabled.
SMM Security Mitigation
Enables or disables additional UEFI SMM Security Mitigation protections. This
option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to
the operating system that security best practices have been implemented by the
UEFI firmware.
By default, the
SMM Security Mitigation
option is enabled.
BIOS Setup
85