Inhoudsopgave
Advertenties
Table 31. System setup options—Security menu (continued)
Security
Chassis Intrusion Detection
Block Boot Until Cleared
OROM Keyboard Access
Legacy Manageability Interface Access
SMM Security Mitigation
Data Wipe on Next Boot
The chassis intrusion detection enables a physical switch that triggers an event when
the computer cover is opened.
When set to Enabled, a notification is displayed on the next boot and the event is
logged in the BIOS Events log.
When set to On-Silent, the event is logged in the BIOS Events log, but no
notification is displayed.
When set to Disabled, no notification is displayed and no event is logged in the BIOS
Events log.
By default, the Chassis Intrusion Detection option is enabled.
For additional security, Dell Technologies recommends keeping the Chassis
Intrusion Detection option enabled.
Enables or disables the Block Boot Until Cleared option.
By default, the Block Boot Until Cleared option is enabled.
NOTE:
When enabled, the computer does not boot until the chassis intrusion is
cleared. If the administrator password is set, Setup has to be unlocked before
the warning can be cleared.
The OROM Keyboard Access feature allows you to enter the Option ROM
configuration screens using hotkeys during the boot process. This setting controls
only the Intel RAID (CTRL+I), MEBX (CTRL+P), and LSI RAID (CTRL+C) Option
ROMs. Other preboot Option ROMs which support entry via a key sequence are not
affected by this setting.
For additional security, Dell Technologies recommends keeping the OROM
Keyboard Access option enabled.
Allows the administrator to control the access to BIOS configuration through
the Legacy Manageability Interface option. When enabled, this prevents the BIOS
Administrator password-based manageability tools from running, prevents some Dell
software applications from reading configuration settings, and/or prevents changes
to the BIOS configuration settings.
When enabled, this option only supports the Authenticated BIOS Manageability
Interface (ABI) for managing the BIOS configuration changes. To support this
feature, ABI must be enabled and provisioned.
When set to Enabled, the Legacy Manageability Interface can be used to read and
change BIOS configuration settings.
When set to Read-Only, BIOS configuration settings can be read, but cannot be
changed through the Legacy Manageability Interface.
When set to Disabled, the Legacy Manageability Interface is disabled. BIOS
configuration reads and writes are blocked.
Enables or disables additional UEFI SMM Security Mitigation protections. This option
uses the Windows SMM Security Mitigations Table (WSMT) to confirm to the
operating system that security best practices have been implemented by the UEFI
firmware.
By default, the SMM Security Mitigation option is enabled.
For additional security, Dell Technologies recommends keeping the SMM Security
Mitigation option enabled unless you have a specific application which is not
compatible.
NOTE:
This feature may cause compatibility issues or loss of functionality with
some legacy tools and applications.
BIOS-instellingen
87
Advertenties
Inhoudsopgave
