HP EliteBook 735 PC Commercial BIOS UEFI Setup - Page 23



HP PC Commercial BIOS (UEFI) Setup, July 2020, 919946-004
© Copyright 2016-2020 HP Development Company, L.P.
4 Security Menu (page 23)

| Feature | Type | Description | Default | Notes |
|---|---|---|---|---|
| BIOS Sure Start | Menu | Settings that control the behavior of HP Sure Start. HP Sure Start is a built-in hardware security system that protects your BIOS from accidental or malicious corruption by (1) detecting BIOS corruption and then (2) automatically restoring the BIOS to its last installed HP-certified version. Some platforms in 2019 have the capability to recover Intel ME as well. | | |
| Secure Boot Configuration | Menu | Options for managing Secure Boot state and Secure Boot keys. Secure Boot is a UEFI feature that helps resist attacks and infection from malware. From the factory your system came with a list of keys that identify trusted hardware, firmware, and operating system loader code. Your system also has a list of keys to identify known malware. | | Only located here on systems without legacy support. |
| Secure Platform Management (SPM) | Menu | Options for managing HP Sure Run and HP Sure Recover and Sure Admin | | |
| Physical Presence Interface | | Enable or disable the local prompt to confirm that a sensitive setting change was requested by the user. | Checked | |
| Smart Cover | Menu | Controls settings for Cover Lock and Cover Sensor | | |
| Trusted Execution Technology (TXT) | Setting | When checked, enables Trusted Execution Technology on select Intel-based systems. NOTE: Enabling this feature disables OS management of TPM (Embedded Security Device), prevents a reset of the TPM, and constrains the configuration of VTx, VTd, and TPM | Unchecked | Intel Only. Reboot Required |
| Intel Software Guard Extensions (SGX) | Setting | Enables Intel Software Guard Extensions. The following settings are possible: Disable; Enable; Software control | Software control -or- Disable (non-vPro) | Intel Only |
| Full encryption of main memory (DRAM) | Setting | When checked, the system stores all data to DRAM in an encrypted format. | Checked | Select products only |
| Hard Drive Utilities | Menu | Utilities to protect private information on individual hard drives: Drive Lock and Secure Erase. | | |
| Absolute Persistence Module | Label | A subscription service that provides PC theft recovery, tracking and data delete solutions | | |
| Activation Status | Display Only | The subscription status can be inactive, active, or permanently disabled. | Inactive | |
| Absolute Persistence Module Permanent Disable | Display Only | Shows current state of the Absolute Persistence module (Yes = disabled, No = available). | No | |