beautypg.com

Dell 23.8" OptiPlex 7410 All-in-One Desktop Computer (Gray) User Manual

Page 113

background image

Table 33. System setup options—Security menu (continued)

Security

For additional security, Dell Technologies recommends keeping the

PPI Bypass

for Clear Commands

option disabled.

Attestation Enable

The

Attestation Enable

option controls the endorsement hierarchy of TPM.

Disabling the

Attestation Enable

option prevents TPM from being used to

digitally-sign certificates.

By default, the

Attestation Enable

option is enabled.

For additional security, Dell Technologies recommends keeping the

Attestation

Enable

option enabled.

NOTE:

When disabled, this feature may cause compatibility issues or loss of

functionality in some operating systems.

Key Storage Enable

The

Key Storage Enable

option controls the storage hierarchy of TPM, which is

used to store digital keys. Disabling the

Key Storage Enable

option restricts the

ability of TPM to store owner's data.

By default, the

Key Storage Enable

option is enabled.

For additional security, Dell Technologies recommends keeping the

Key Storage

Enable

option enabled.

NOTE:

When disabled, this feature may cause compatibility issues or loss of

functionality in some operating systems.

SHA-256

Allows you control the usage of SHA-256 by TPM. When enabled, the BIOS and
TPM use the SHA-256 hash algorithm to extend measurements into the TPM
PCRs during BIOS boot. When disabled, the BIOS and TPM use the SHA-1 hash
algorithm to extend measurements into the TPM PCRs during BIOS boot.

By default, the

SHA-256

option is enabled.

For additional security, Dell Technologies recommends keeping the

SHA-256

option enabled.

Clear

When enabled, the

Clear

option clears information stored in the TPM after

exiting the system's BIOS. This option returns to disabled state when the system
restarts.

By default, the

Clear

option is disabled.

Dell Technologies recommends enabling the

Clear

option only when TPM data is

required to be cleared.

TPM State

Enables or disables the Trusted Platform Module (TPM). This is the normal
operating state for the Trusted Platform Module (TPM) when you want to use its
complete array of capabilities.

By default, the

TPM State

option is enabled.

Intel Platform Trust Technology (PTT)

Intel PTT is a firmware-based Trusted Platform Module (fTPM) device that is
part of Intel chipsets. It provides credential storage and key management that
can replace the equivalent functionality of a discrete TPM chip.

PTT On

Enables or disables the Intel PTT option.

By default, the

PTT On

option is enabled.

For additional security, Dell Technologies recommends keeping the

PTT On

option enabled.

Physical Presence Interface (PPI) Bypass
for Clear Commands

The PPI Bypass for Clear Commands option allows the operating system to
manage certain aspects of PTT. When enabled, you are not prompted to confirm
changes to the PTT configuration.

By default, the

PPI Bypass for Clear Commands

option is disabled.

BIOS setup

113

See also other documents in the category Dell Computers: