HP Z240 Maintenance and Service Guide - Page 33

Computer Setup-Security continued - manual

Get HP Z240 PDF manuals and user guides View all HP Z240 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 33 highlights

Table 2-2 Computer Setup-Security (continued) ● Data Recovery Policy Select 'Automatic' or 'Manual' to set data recovery policy. 'Manual' lets you select whether or not to execute recovery of a corrupted region if it is detected. Dynamic Runtime Scanning of Boot Block Verifies the integrity of the BIOS boot block region several times each hour while the system is running. Set Up BIOS Power-On Password Lets you set and enable a BIOS power-on password. The power-on password prompt appears after a power cycle or reboot. If the user does not enter the correct power-on password, the unit will not boot. Change BIOS Power-On Password (This selection is active only if a BIOS power-on password is set.) Lets you change the BIOS power-on password. You must know the current password to be able to change it. DriveLock Allows you to assign or modify a master or user password for hard drives. When this feature is enabled, the user is prompted to provide one of the DriveLock passwords during POST. If neither is successfully entered, the hard drive will remain inaccessible until one of the passwords is successfully provided during a subsequent cold-boot sequence. NOTE: This selection will only appear when at least one drive that supports the DriveLock feature is attached to the system. CAUTION: Be aware that these settings take place immediately. A save is not necessary. CAUTION: Be sure to document the DriveLock password. Losing a DriveLock password will render a drive permanently locked. After you select a drive, the following options are available: Set DriveLock Master Password. Sets the drive's master password but does not enable DriveLock. Enable DriveLock. Sets the drive's user password and enables DriveLock. Secure Erase Lets you select a hard drive to completely erase. Once a hard drive has been erased with a program that utilizes Secure Erase firmware commands, no file recovery program, partition recovery program, or other data recovery method will be able to extract data from the drive. Save/Restore MBR of the NOTE: Windows 8.1 and Windows 10 systems are generally not formatted to include an MBR. Instead system hard drive they use GUID Partition Table (GPT) format, which better supports large hard drives. Enabling this feature will save the Master Boot Record (MBR) of the system hard drive. If the MBR gets changed, the user will be prompted to restore the MBR. Default is disabled. The MBR contains information needed to successfully boot from a disk and to access the data stored on the disk. Master Boot Record Security may prevent unintentional or malicious changes to the MBR, such as those caused by some viruses or by the incorrect use of certain disk utilities. It also allows you to recover the "last known good" MBR, should changes to the MBR be detected when the system is restarted. NOTE: Most operating systems control access to the MBR of the current bootable disk; the BIOS cannot prevent changes that may occur while the operating system is running. Restores the backup Master Boot Record to the current bootable disk. Default is disabled. Only appears if all of the following conditions are true: ● MBR security is enabled ● A backup copy of the MBR has been previously saved ● The current bootable disk is the same disk from which the backup copy was saved Computer Setup (F10) Utilities 23

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
Table 2-2
Computer Setup—Security (continued)
Data Recovery Policy
Select ‘Automatic’ or ‘Manual’ to set data recovery policy. ‘Manual’ lets you select whether or not to
execute recovery of a corrupted region if it is detected.
Dynamic Runtime Scanning of Boot Block
Verifies the integrity of the BIOS boot block region several times each hour while the system is running.
Set Up BIOS Power-On
Password
Lets you set and enable a BIOS power-on password. The power-on password prompt appears after a
power cycle or reboot. If the user does not enter the correct power-on password, the unit will not boot.
Change BIOS Power-On
Password
(This selection is active
only if a BIOS power-on
password is set.)
Lets you change the BIOS power-on password.
You must know the current password to be able to change it.
DriveLock
Allows you to assign or modify a master or user password for hard drives. When this feature is enabled,
the user is prompted to provide one of the DriveLock passwords during POST. If neither is successfully
entered, the hard drive will remain inaccessible until one of the passwords is successfully provided during
a subsequent cold-boot sequence.
NOTE:
This selection will only appear when at least one drive that supports the DriveLock feature is
attached to the system.
CAUTION:
Be aware that these settings take place immediately. A save is not necessary.
CAUTION:
Be sure to document the DriveLock password. Losing a DriveLock password will render a drive
permanently locked.
After you select a drive, the following options are available:
Set DriveLock Master Password
. Sets the drive’s master password but does not enable DriveLock.
Enable DriveLock
. Sets the drive’s user password and enables DriveLock.
Secure Erase
Lets you select a hard drive to completely erase.
Once a hard drive has been erased with a program that utilizes Secure Erase firmware commands, no file
recovery program, partition recovery program, or other data recovery method will be able to extract data
from the drive.
Save/Restore MBR of the
system hard drive
NOTE:
Windows 8.1 and Windows 10 systems are generally not formatted to include an MBR. Instead
they use GUID Partition Table (GPT) format, which better supports large hard drives.
Enabling this feature will save the Master Boot Record (MBR) of the system hard drive. If the MBR gets
changed, the user will be prompted to restore the MBR. Default is disabled.
The MBR contains information needed to successfully boot from a disk and to access the data stored on
the disk. Master Boot Record Security may prevent unintentional or malicious changes to the MBR, such as
those caused by some viruses or by the incorrect use of certain disk utilities. It also allows you to recover
the "last known good" MBR, should changes to the MBR be detected when the system is restarted.
NOTE:
Most operating systems control access to the MBR of the current bootable disk; the BIOS cannot
prevent changes that may occur while the operating system is running.
Restores the backup Master Boot Record to the current bootable disk. Default is disabled.
Only appears if all of the following conditions are true:
MBR security is enabled
A backup copy of the MBR has been previously saved
The current bootable disk is the same disk from which the backup copy was saved
Computer Setup (F10) Utilities
23