Dell Latitude 7200 2-in-1 Service Manual - Page 74

Secure Boot, Intel Software Guard Extensions

  • Enabled. This option is selected by default.
  • One Time Enable
  • Disabled
Default setting: Enable

Option: Admin Setup Lockout
Description: Allows you to prevent users from entering the setup when an Administrator password is set.
  • Enable Admin Setup Lockout
This option is not selected by default.

Option: Master Password Lockout
Description: Allows you to prevent users from entering the setup when a Master password is set. Hard disk passwords need to be cleared before the setting can be changed.
  • Enable Master Password Lockout
This option is not selected by default.

Option: SMM Security Mitigation
Description: Allows you to enable or disable additional UEFI SMM Security Mitigation protections. The OS can use the feature to help protect the secure environment created by virtualization-based security.
  • SMM Security Mitigation
This option is disabled by default.

Secure Boot

Option: Secure Boot Enable
Description: This option enables or disables the Secure Boot feature.
  • Disabled
  • Enabled
Default setting: Enabled.

Option: Expert Key Management
Description: Allows you to manipulate the security key databases only if the system is in Custom Mode. The Enable Custom Mode option is disabled by default.

Option: Custom Mode Key Management
Description: Allows you to manage the security key databases only if the system is in Custom Mode. The options are:
  • PK. This option is selected by default.
  • KEK
  • db
  • dbx
NOTE: If you disable Enable Custom Mode, all the changes made will be erased and the keys will be restored to their default settings. Save to File will save the key to a user-selected file.

Intel Software Guard Extensions

Option: Intel SGX Enable
Description: This option enables or disables a secured environment for running code and storing sensitive information in the context of the main OS. The options are:
  • Disabled
  • Enabled
  • Software Controlled. This option is selected by default.

Option: Enclave Memory Size
Description: Allows you to reserve the memory size. The memory size can be set from 32 MB to 128 MB; these options are disabled by default. The options are:
  • 32 MB
  • 64 MB
  • 128 MB

74 System setup