Dell XPS 16 9640 Owners Manual - Page 92
Table 36. BIOS Setup options-Security menu continued, PPI Bypass for Enable Commands
View all Dell XPS 16 9640 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 92 highlights
Table 36. BIOS Setup options-Security menu (continued) Security Attestation Enable The Attestation Enable option controls the endorsement hierarchy of TPM. Disabling the Attestation Enable option prevents TPM from being used to digitally sign certificates. By default, the Attestation Enable option is enabled. For additional security, Dell Technologies recommends keeping the Attestation Enable option enabled. NOTE: When disabled, this feature may cause compatibility issues or loss of functionality in some operating systems. Key Storage Enable The Key Storage Enable option controls the storage hierarchy of TPM, which is used to store digital keys. Disabling the Key Storage Enable option restricts the ability of TPM to store owner's data. By default, the Key Storage Enable option is enabled. For additional security, Dell Technologies recommends keeping the Key Storage Enable option enabled. NOTE: When disabled, this feature may cause compatibility issues or loss of functionality in some operating systems. SHA-256 Allows you to control the hashing algorithm that is used by the TPM. When enabled, the TPM uses the SHA-256 hashing algorithm. When disabled, the TPM uses the SHA-1 hash algorithm. By default, the SHA-256 option is enabled. For additional security, Dell Technologies recommends keeping the SHA-256 option enabled. Clear When enabled, the Clear option clears information that is stored in the TPM after exiting the computer's BIOS. This option returns to the disabled state when the computer restarts. By default, the Clear option is disabled. Dell Technologies recommends enabling the Clear option only when TPM data is required to be cleared. Physical Presence Interface (PPI) Bypass for Enable Commands The Physical Presence Interface (PPI) Bypass options can be used to allow the operating system to manage certain aspects of the TPM. If these options are enabled, you are not prompted to confirm certain changes to the TPM configuration. By default, the PPI Bypass for Enable Commands option is enabled. For additional security, Dell Technologies recommends keeping the PPI Bypass for Enable Commands option enabled. Intel Total Memory Encryption Multi-Key Total Memory Encryption (Up to 16 keys) Enable or disable the protection of memory from physical attacks including freeze spray, probing DDR to read the cycles, and others. When enabled, the system memory is encrypted bu the Total Memory Encryption (TME) block attached to the memory controller. By default, the Multi-Key Total Memory Encryption option is disabled. Chassis intrusion Chassis Intrusion Detection The chassis intrusion detection enables a physical switch that triggers an event when the computer cover is opened. When set to Enabled, a notification is displayed on the next boot and the event is logged in the BIOS Events log. 92 BIOS Setup