HP EliteBook 735 PC Commercial BIOS UEFI Setup - Page 77

HP PC Commercial BIOS (UEFI) Setup July 2020 919946-004 Feature Provisioning Version: Type Recovery Image Label URL: Username: Provisioning Version: Description Version of the recovery agent's provisioning data. This value will be 0 until a scheduled download occurs after a change is made to the recovery agent URL. Default Location of the current recovery image URL. Username (optional) to access the recovery image. Version of the recovery image's provisioning data. This value will be 0 until a scheduled download occurs after a change is made to the recovery image URL. Notes Not shown unless Recover from Network checked Not shown unless Recover from Network checked Not shown unless Recover from Network checked Not shown unless Recover from Network checked Not shown unless Recover from Network checked 8.6 Secure Boot Configuration Menu This submenu allows the user to configure boot mode and Secure Boot. Starting with Windows 8, Secure Boot is a UEFI feature that helps resist attacks and infection from malware. From the factory, your system came with a list of keys that identify trusted hardware, firmware, and an operating system loader code. It also created a list of keys to identify known malware. Table 51 Secure Boot Configurations Menu features Feature Configure Legacy Support and Secure Boot  Import Custom Secure Boot keys  Clear Secure Boot Keys  Reset Secure Boot keys to factory defaults  Enable MS UEFI CA key Type Setting Setting One Time Action One Time Action Setting Description Legacy Support has the ability to boot from a non-UEFI device. Only UEFI devices can support Secure Boot. The following settings are possible: • Legacy Support Enable and Secure Boot Disable • Legacy Support Disable and Secure Boot Enable • Legacy Support Disable and Secure Boot Disable When checked and system is rebooted, custom secure boot keys are imported from the EFI\HP directory from the hard drive or USB device. The custom keys consist of PK, KEK, DB, and Dbx .bin files. When import succeeds or fails, a preboot prompt shows the results of each key bin file. When checked, clears the Secure Boot keys one time on next save and exit. This setting will be unchecked again when you return from exit. This action is not available when Legacy Support is enabled or when no imported keys are present. When checked, restores secure boot keys to factory defaults one time on next save and exit. This setting will be unchecked again, when you return from exit. When checked, the Microsoft (MS) UEFI Certificate Authority (CA) key is trusted by Secure Boot NOTE: Uncheck this to support Windows 10 Device Guard feature Default OS Dependent Unchecked Unchecked Unchecked Checked Notes Reboot Required Reboot Required Reboot Required © Copyright 2016-2019 HP Development Company, L.P. 8 Advanced Menu (2019 and older) 77