Dell OptiPlex 7090 Small Form Factor Service Manual - Page 77

Table 21. Security continued

Get Dell OptiPlex 7090 Small Form Factor PDF manuals and user guides View all Dell OptiPlex 7090 Small Form Factor manuals
Add to My Manuals
Save this manual to your list of manuals

Page 77 highlights

Table 21. Security (continued) Options PPI Bypass for Clear Commands TPM State Intel Total Memory Encryption Total Memory Encryption(TME) Chassis Intrusion Chassis Intrusion Clear Intrusion Warning SMM Security Mitigation Data Wipe on Next Boot Start Data Wipe Absolute Absolute UEFI Boot Path Security UEFI Boot Path Security Description This section contains a toggle switch which controls the TPM Physical Presence Interface(PPI). When enabled, this setting will allow the OS to skip BIOS PPI user prompts when issuing the clear command (OFF by default). This section allows the user to enable or disable the TPM. This is the default operating state for the TPM when you want to use its complete arrays of capabilities (enabled by default). This section allows the user to enable/disable TME to protect memory from physical attachs including freeze spray, probing DDR to read the cycles etc. All of the system memory is encrypted by the TME block attached to the memory controller This field controls the chassis intrusion feature ● Disabled - Will not report intrusions during POST ● Enabled - Will report intrusions during POST ● On-silent - Detects intrusions but does not display any detected intrusions during POST (Selected by default) This section contains a toggle switch to enable/disable warnings on intrusion (OFF by default). This section allows the user to enable or disable UEFI SMM security Mitigation protections (ON by default). This section contains toggle switch which when enabled ensures that the BIOS will queue up a data wipe cycle for storage device(s) connected to the system board on the next reboot (OFF by default). This section lets the user enable, disable or permanently disable the BIOS module interface of the optional Absolute Persistence Module service from Absolute Software. The options available are as follows: ● Enable Absolute - Enables Absolute Persistence and load the firmware Persistence Module (Selected by default) ● Disable Absolute - Disables Absolute Persistence. The firmware Persistence Module is not installed. ● Permanently Disable Absolute - Permanently disables Absolute Persistence module interface from further use. This section lets the user control whether the system will prompt the user to enter the admin password(if set) when booting to a UEFI booth path device from F12 boot menu. The options available are as below: ● Never ● Always ● Always Except Internal HDD (Selected by default) System setup 77

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
Table 21. Security (continued)
Options
Description
PPI Bypass for Clear Commands
This section contains a toggle switch which controls the TPM
Physical Presence Interface(PPI). When enabled, this setting
will allow the OS to skip BIOS PPI user prompts when issuing
the clear command (OFF by default).
TPM State
This section allows the user to enable or disable the TPM. This
is the default operating state for the TPM when you want to
use its complete arrays of capabilities (enabled by default).
Intel Total Memory Encryption
Total Memory Encryption(TME)
This section allows the user to enable/disable TME to protect
memory from physical attachs including freeze spray, probing
DDR to read the cycles etc. All of the system memory
is encrypted by the TME block attached to the memory
controller
Chassis Intrusion
Chassis Intrusion
This field controls the chassis intrusion feature
Disabled - Will not report intrusions during POST
Enabled - Will report intrusions during POST
On-silent - Detects intrusions but does not display any
detected intrusions during POST (Selected by default)
Clear Intrusion Warning
This section contains a toggle switch to enable/disable
warnings on intrusion (OFF by default).
SMM Security Mitigation
This section allows the user to enable or disable UEFI SMM
security Mitigation protections (ON by default).
Data Wipe on Next Boot
Start Data Wipe
This section contains toggle switch which when enabled
ensures that the BIOS will queue up a data wipe cycle for
storage device(s) connected to the system board on the next
reboot (OFF by default).
Absolute
Absolute
This section lets the user enable, disable or permanently
disable the BIOS module interface of the optional Absolute
Persistence Module service from Absolute Software. The
options available are as follows:
Enable Absolute - Enables Absolute Persistence and load
the firmware Persistence Module (Selected by default)
Disable Absolute - Disables Absolute Persistence. The
firmware Persistence Module is not installed.
Permanently Disable Absolute - Permanently disables
Absolute Persistence module interface from further use.
UEFI Boot Path Security
UEFI Boot Path Security
This section lets the user control whether the system will
prompt the user to enter the admin password(if set) when
booting to a UEFI booth path device from F12 boot menu. The
options available are as below:
Never
Always
Always Except Internal HDD (Selected by default)
System setup
77