Dell XPS 13 9310 2-in-1 XPS 13 2-in-1 9310 2n1 Service Manual - Page 42

Security, Intel SGX, SMM Security Mitigation, Password Configuration, Admin Password, System Password


Table 7. System setup options—Security menu (continued)
Security
PPI Bypass for Disable Commands
Enables or disables the ability of the operating system to skip BIOS Physical
Presence Interface (PPI) user prompts when issuing TPM PPI Disable and
Deactivate commands.
Default: OFF.
PPI Bypass for Clear Commands
Enables or disables the ability of the operating system to skip BIOS PPI user
prompts when issuing the Clear command.
Default: OFF.
Attestation Enable
Controls whether the TPM Endorsement Hierarchy is available to the OS.
Disabling this setting restricts the ability to use the TPM for signature
operations.
Default: ON.
Key Storage Enable
Controls whether the TPM Endorsement Hierarchy is available to the OS.
Disabling this setting restricts the ability to use the TPM for storing owner
data.
Default: ON.
SHA-256
Enables or disables the BIOS and the TPM to use the SHA-256 hash algorithm
to extend measurements into the TPM PCRs during BIOS boot.
Default: ON.
Clear
When enabled, the computer clears the PTT owner information and returns the
PTT to the default state.
Default: OFF.
TPM State
Enables or disables the TPM. This is the normal operating state for the TPM
when you want to use its complete array of capabilities.
Default: Enabled.
Intel SGX
Enables or disables the Intel Software Guard Extensions (SGX) to provide a
secured environment for running code/storing sensitive information.
Default: Software Control.
SMM Security Mitigation
Enables or disables additional UEFI SMM Security Mitigation protections.
Default: OFF.
NOTE: This feature may cause compatibility issues or loss of functionality
with some legacy tools and applications.
Enable Strong Passwords
Enables or disables strong passwords.
Default: OFF.
Password Configuration
Control the minimum and maximum number of characters that are allowed for
Admin and System passwords.
Admin Password
Sets, changes, or deletes the administrator (admin) password (sometimes
called the "setup" password).
System Password
Sets, changes, or deletes the system password.
Enable Master Password Lockout
Enables or disables the master password support.
Default: OFF.
Table 8. System setup options—Secure Boot menu
Secure Boot
Enable Secure Boot
Enables or disables the ability of the computer to boot using only validated
boot software.
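
Added example, not part of the Dell manual: the SHA-256 option in Table 7 governs how boot measurements are extended into the TPM PCRs, and this Python sketch replays a measurement log the way a verifier would to show why the final PCR value depends on every measurement and on their order. The log entries, PCR indexes and helper names are constructed for illustration, and PCRs are assumed to start at all zeros.

```python
import hashlib

PCR_SIZE = hashlib.sha256().digest_size  # 32 bytes in the SHA-256 bank


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: new PCR = SHA-256(old PCR || SHA-256(measured data))."""
    digest = hashlib.sha256(measurement).digest()
    return hashlib.sha256(pcr + digest).digest()


def replay(events):
    """Replay (pcr_index, data) events from power-on; return {index: value}."""
    pcrs = {}
    for index, data in events:
        current = pcrs.get(index, bytes(PCR_SIZE))  # assumed reset value: zeros
        pcrs[index] = extend(current, data)
    return pcrs


def verify(events, reported):
    """Return PCR indexes whose replayed value differs from the reported one."""
    replayed = replay(events)
    return sorted(i for i in reported if replayed.get(i) != reported[i])


# Constructed boot log: real logs carry digests of firmware and boot images.
BOOT_LOG = [
    (0, b"constructed: firmware volume"),
    (0, b"constructed: firmware settings"),
    (4, b"constructed: boot manager image"),
]
GOOD = replay(BOOT_LOG)  # values a healthy platform would report

# One changed measurement, and the same measurements in a different order.
TAMPERED_LOG = BOOT_LOG[:2] + [(4, b"constructed: modified boot manager")]
REORDERED_LOG = [BOOT_LOG[1], BOOT_LOG[0], BOOT_LOG[2]]

if __name__ == "__main__":
    for index, value in sorted(GOOD.items()):
        print(f"PCR[{index}] = {value.hex()}")
    print("tampered log mismatches:", verify(TAMPERED_LOG, GOOD))
    print("reordered log mismatches:", verify(REORDERED_LOG, GOOD))
```

Because a PCR can only be extended, never written directly, a verifier that replays the log and compares the result with the reported PCR values detects both the substituted boot manager (PCR 4) and the reordered firmware measurements (PCR 0).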