Key management, Image execution policy – Asus TS100-E8-PI4 User Manual
Page 90
4-36
Chapter 4: BIOS setup
Internal FV [Always Execute]
Configuration options: [Always Execute]
Option ROM/Removable Media/Fixed Media [Deny Execute]
Configuration options: [Always Execute] [Always Deny] [Allow Execute] [Defer Execute]
[Deny Execute] [Query User]
Key Management
This item only appears when you set the Secure Boot Mode to [Custom]. This allows you to
modify Secure Boot variables and set Key Management page.
Aptio Setup Utility - Copyright (C) 2013 American Megatrends, Inc.
Security
Image Execution Policy
per device path on
Security Violation.
Interval FV
[Always Execute]
Option ROM
[Deny Execute]
Removable Media
[Deny Execute]
Fixed Media
[Deny Execute]
Image Execution Policy
This item only appears when you set the Secure Boot Mode to [Custom]. This allows you to
manage the Image Policy on Security Violation.
Install Factory default
Secure Boot Keys when
System is in Setup Mode
Aptio Setup Utility - Copyright (C) 2013 American Megatrends, Inc.
Security
Factory Default Key Provisioning
[Disabled]
Install All Factory Default Keys
Platform Key (PK)
NOT INSTALLED
Set new PK
Delete PK
Key Exchange Key Database (KEK) NOT INSTALLED
Set new KEK
Delete KEK
Append Var to KEK
Authorized Signature Database (DB) NOT INSTALLED
Set new DB
Delete DB
Append Var to DB
Forbidden Signature Database (DBX) NOT INSTALLED
Set new DBX
Delete DBX
Append Var to DBX
Factory Default Key Provisioning [Disabled]
Configuration options: [Disabled] [Enabled]
Install All Factory Default Keys
This item will ask you if you want to Install Factory Default secure variables. Select Yes
if you want to load the default secure variables, otherwise select No.
Platform Key (PK)/Key Exchange Key Database (KEK)/Authorized Signature Database
(DB)/ Forbidden Signature Database (DBX)
Configuration options: [Set New] [Delete] [Append]