HP Engage Flex Pro G2 Maintenance and Service Guide - Page 74
Sure Start Security Event Policy. Controls HP Sure Start behavior upon identifying a critical, Option
View all HP Engage Flex Pro G2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 74 highlights
Table 5-2 Computer Setup Security (continued) Option Description Security Configuration ● Sure Start Security Event Policy. Controls HP Sure Start behavior upon identifying a critical security event, such as any modification to HP firmware, while the operating system is running. - Log Event Only: HP Sure Start will log all critical security events in the HP Sure Start audio log within the HP Sure Start nonvolatile (flash) memory. - Log Event and notify user: In addition to logging all critical security events, HP Sure Start will notify the user within the operating system that a critical event has occurred. - Log Event and power off system: In addition to logging all critical security events, HP Sure Start turns off the computer upon detecting a HP Sure Start Security Event. Because of the potential for data loss, HP recommends this setting only in situations where security integrity of the system is a higher priority than the risk of potential data loss. ● Sure Start Security Event Boot Notification: Lets you enable a warning message on the startup screen if a Sure Start event, such as BIOS recovery or Memory intrusion, occurs. Secure Boot Configuration. Lets you be sure that an operating system is legitimate before booting to it, making Windows resistant to malicious modification from preboot to full operating system booting, preventing firmware attacks. UEFI and Windows Secure Boot only allow code signed by preapproved digital certificates to run during the firmware and OS boot process. NOTE: An administrator password must be set to activate this setting. Secure Boot must also be enabled. ● Secure Boot: Default is disabled. ● Secure Boot Key Management: Lets you manage the custom key settings. NOTE: Access to these settings requires Sure Start Secure Boot Keys Protection to be disabled. - Import Custom Secure Boot Keys: Default is disabled. - Clear Secure Boot keys: Lets you delete any previously loaded custom boot keys. Clearing keys will disable secure boot. Default is disabled. - Reset Secure Boot keys to factory defaults: Default is disabled. - Enable MS UEFI CA key: Disabling this setting alters the Secure Boot key list to further restrict the allowed software components. Set this option to disable to support Device Guard. Default is enabled. - Ready BIOS for Device Guard Use: Requires BIOS Administrator password to be configured and Secure Boot to be enabled. Computer Setup Security 67