Dell OptiPlex 7071 Tower Tower Setup and specifications guide - Page 27

Secure boot options, Intel Software Guard Extensions options

Get Dell OptiPlex 7071 Tower PDF manuals and user guides View all Dell OptiPlex 7071 Tower manuals
Add to My Manuals
Save this manual to your list of manuals

Page 27 highlights

Secure boot options Table 27. Secure Boot Option Secure Boot Enable Description Allows you to enable or disable Secure Boot feature • Secure Boot Enable This option is not selected by default. Secure Boot Mode Allows you to modify the behavior of Secure Boot to allow evaluation or enforcement of UEFI driver signatures. • Deployed Mode (default) • Audit Mode Expert key Management Allows you to manipulate the security key databases only if the system is in Custom Mode. The Enable Custom Mode option is disabled by default. The options are: • PK (default) • KEK • db • dbx If you enable the Custom Mode, the relevant options for PK, KEK, db, and dbx appear. The options are: • Save to File- Saves the key to a user-selected file • Replace from File- Replaces the current key with a key from a user-selected file • Append from File- Adds a key to the current database from a user-selected file • Delete- Deletes the selected key • Reset All Keys- Resets to default setting • Delete All Keys- Deletes all the keys NOTE: If you disable the Custom Mode, all the changes made will be erased and the keys will restore to default settings. Intel Software Guard Extensions options Table 28. Intel Software Guard Extensions Option Intel SGX Enable Description This field specifies you to provide a secured environment for running code/storing sensitive information in the context of the main OS. The options are: • Disabled • Enabled • Software controlled-enabled by default Enclave Memory Size This option sets SGX Enclave Reserve Memory size. The options are: • 32 MB • 64 MB • 128 MB-enabled by default System setup 27

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
Secure boot options
Table 27. Secure Boot
Option
Description
Secure Boot Enable
Allows you to enable or disable Secure Boot feature
Secure Boot Enable
This option is not selected by default.
Secure Boot Mode
Allows you to modify the behavior of Secure Boot to allow evaluation or enforcement of UEFI
driver signatures.
Deployed Mode
(default)
Audit Mode
Expert key Management
Allows you to manipulate the security key databases only if the system is in Custom Mode. The
Enable Custom Mode
option is disabled by default. The options are:
PK
(default)
KEK
db
dbx
If you enable the
Custom Mode
, the relevant options for
PK, KEK, db, and dbx
appear. The
options are:
Save to File
- Saves the key to a user-selected file
Replace from File
- Replaces the current key with a key from a user-selected file
Append from File
- Adds a key to the current database from a user-selected file
Delete
- Deletes the selected key
Reset All Keys
- Resets to default setting
Delete All Key
s- Deletes all the keys
NOTE:
If you disable the Custom Mode, all the changes made will be erased and the
keys will restore to default settings.
Intel Software Guard Extensions options
Table 28. Intel Software Guard Extensions
Option
Description
Intel SGX Enable
This field specifies you to provide a secured environment for
running code/storing sensitive information in the context of the
main OS.
The options are:
Disabled
Enabled
Software controlled—enabled by default
Enclave Memory Size
This option sets
SGX Enclave Reserve Memory
size.
The options are:
32 MB
64 MB
128 MB—enabled by default
System setup
27