Dell XPS 13 9340 Owners Manual - Page 85

Table 36. System setup options-Security menu continued, PPI Bypass for Clear Commands

Get Dell XPS 13 9340 PDF manuals and user guides View all Dell XPS 13 9340 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 85 highlights

Table 36. System setup options-Security menu (continued) Security Chassis intrusion Chassis Intrusion Detection The chassis intrusion detection enables a physical switch that triggers an event when the computer cover is opened. When set to Enabled, a notification is displayed on the next boot and the event is logged in the BIOS Events log. When set to On-Silent, the event is logged in the BIOS Events log, but no notification is displayed. When set to Disabled, no notification is displayed and no event is logged in the BIOS Events log. By default, the Chassis Intrusion Detection option is enabled. For additional security, Dell Technologies recommends keeping the Chassis Intrusion Detection option enabled. TPM State Enables or disables the Trusted Platform Module (TPM). This is the normal operating state for the Trusted Platform Module (TPM) when you want to use its complete array of capabilities. By default, the TPM State option is enabled. Intel Platform Trust Technology (PTT) Intel PTT is a firmware-based Trusted Platform Module (fTPM) device that is part of Intel chipsets. It provides credential storage and key management that can replace the equivalent functionality of a discrete TPM chip. NOTE: The options that are listed apply to computers with a discrete Trusted Platform Module (TPM). PTT On Enables or disables the Intel PTT option. By default, the PTT On option is enabled. For additional security, Dell Technologies recommends keeping the PTT On option enabled. Physical Presence Interface (PPI) Bypass for Clear Commands The PPI Bypass for Clear Commands option allows the operating system to manage certain aspects of PTT. When enabled, you are not prompted to confirm changes to the PTT configuration. By default, the PPI Bypass for Clear Commands option is disabled. For additional security, Dell Technologies recommends keeping the PPI Bypass for Clear Commands option disabled. Clear When enabled, the Clear option clears the information that is stored in the PTT fTPM after exiting the computer's BIOS. This option returns to the disabled state when the computer restarts. By default, the Clear option is disabled. Dell Technologies recommends enabling the Clear option only when PTT fTPM data needs to be cleared. Block Boot Until Cleared Enables or disables the Block Boot Until Cleared option. By default, the Block Boot Until Cleared option is disabled. NOTE: When enabled, the computer does not boot until the chassis intrusion is cleared. If the administrator password is set, Setup has to be unlocked before the warning can be cleared. SMM Security Mitigation Enables or disables additional UEFI SMM Security Mitigation protections. This option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to the operating system that security best practices have been implemented by the UEFI firmware. By default, the SMM Security Mitigation option is enabled. BIOS Setup 85

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
Table 36. System setup options—Security menu (continued)
Security
Chassis intrusion
Chassis Intrusion Detection
The chassis intrusion detection enables a physical switch that triggers an event
when the computer cover is opened.
When set to
Enabled
, a notification is displayed on the next boot and the event
is logged in the BIOS Events log.
When set to
On-Silent
, the event is logged in the BIOS Events log, but no
notification is displayed.
When set to
Disabled
, no notification is displayed and no event is logged in the
BIOS Events log.
By default, the
Chassis Intrusion Detection
option is enabled.
For additional security, Dell Technologies recommends keeping the
Chassis
Intrusion Detection
option enabled.
TPM State
Enables or disables the Trusted Platform Module (TPM). This is the normal
operating state for the Trusted Platform Module (TPM) when you want to use its
complete array of capabilities.
By default, the
TPM State
option is enabled.
Intel Platform Trust Technology (PTT)
Intel PTT is a firmware-based Trusted Platform Module (fTPM) device that is
part of Intel chipsets. It provides credential storage and key management that
can replace the equivalent functionality of a discrete TPM chip.
NOTE:
The options that are listed apply to computers with a discrete
Trusted Platform Module (TPM)
.
PTT On
Enables or disables the Intel PTT option.
By default, the
PTT On
option is enabled.
For additional security, Dell Technologies recommends keeping the
PTT On
option enabled.
Physical Presence Interface (PPI) Bypass
for Clear Commands
The PPI Bypass for Clear Commands option allows the operating system to
manage certain aspects of PTT. When enabled, you are not prompted to confirm
changes to the PTT configuration.
By default, the
PPI Bypass for Clear Commands
option is disabled.
For additional security, Dell Technologies recommends keeping the
PPI Bypass
for Clear Commands
option disabled.
Clear
When enabled, the
Clear
option clears the information that is stored in the PTT
fTPM after exiting the computer's BIOS. This option returns to the disabled state
when the computer restarts.
By default, the
Clear
option is disabled.
Dell Technologies recommends enabling the
Clear
option only when PTT fTPM
data needs to be cleared.
Block Boot Until Cleared
Enables or disables the Block Boot Until Cleared option.
By default, the
Block Boot Until Cleared
option is disabled.
NOTE:
When enabled, the computer does not boot until the chassis intrusion
is cleared. If the administrator password is set, Setup has to be unlocked
before the warning can be cleared.
SMM Security Mitigation
Enables or disables additional UEFI SMM Security Mitigation protections. This
option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to
the operating system that security best practices have been implemented by the
UEFI firmware.
By default, the
SMM Security Mitigation
option is enabled.
BIOS Setup
85