HP EliteBook 735 PC Commercial BIOS UEFI Setup - Page 26
Trusted Platform Module TPM Embedded Security Menu
View all HP EliteBook 735 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 26 highlights
HP PC Commercial BIOS (UEFI) Setup July 2020 919946-004 4.3 Trusted Platform Module (TPM) Embedded Security Menu This submenu for the Trusted Platform Module (TPM.) is a dedicated microprocessor that provides security functions for secure communication and software and hardware integrity. The built-in TPM hardware solution is more secure than a software-only solution. Table 13 TPM Embedded Security Menu features Feature TPM Specification Version TPM Device TPM State Clear TPM TPM Activation Policy Type Display Only Setting Setting Action Setting Description The Trusted Computing Group (TCG) is an industry group that defines specifications for a TPM. As of this writing, possible TPM specification versions are 1.2 or 2.0. NOTE: Windows 10 requires TPM 2.0 capability. Makes the TPM available. The following settings are possible: • Available • Hidden When checked, enables the ability for the OS to take ownership of the TPM (v1.2) or enables OS and application access to the various security capabilities of the TPM (v2.0). When selected, clears the TPM on the next boot. After clearing the TPM, this resets to No. The following settings are possible: • No • On next boot This setting allows an administrator to choose between convenience and extra security. The extra security is to ensure that the user of the system will at least see that the TPM device upgraded its firmware (F1 to Boot), or at most the user has the ability to reject the upgrade of the TPM device (Allow user to reject.) These user prompts limit the impact of remote attacks on the system by requiring a user to be physically present for the upgrade. When security of the system is of less concern, the third option (No prompts) removes any requirement for a user to acknowledge the upgrade. This last option is the most convenient for remotely upgrading many systems at once. The following settings are possible: • F1 to Boot • Allow user to reject • No prompts Default 2.0 Available Checked No Allow user to reject Notes Reboot, Physical Presence Required Reboot, Physical Presence Required Reboot Required HP recommends an option that requires the physical presence of the user © Copyright 2016-2020 HP Development Company, L.P. 4 Security Menu 26