Dell 23.8" OptiPlex 7410 All-in-One Desktop Computer (Gray) User Manual

Table 33. System setup options—Security menu (continued)

Security

For additional security, Dell Technologies recommends keeping the

PPI Bypass

for Clear Commands

option disabled.

Clear

When enabled, the

Clear

option clears the information stored in the PTT fTPM

after exiting the system's BIOS. This option returns to disabled state when the
system restarts.

By default, the

Clear

option is disabled.

Dell Technologies recommends enabling the

Clear

option only when PTT fTPM

data needs to be cleared.

Chassis intrusion

Chassis Intrusion Detection

Allows you to control the chassis intrusion feature. This feature notifies the user
when the base cover has been removed from the computer.

When set to

Enabled

, a notification is displayed on the next boot and the event

is logged in the BIOS Events log.

When set to

On-Silent

, the event is logged in the BIOS Events log, but no

notification is displayed.

When set to

Disabled

, no notification is displayed and no event is logged in the

BIOS Events log.

By default, the

Chassis Intrusion Detection

option is enabled.

For additional security, Dell Technologies recommends keeping the

Chassis

Intrusion Detection

option enabled.

Block Boot Until Cleared

Enables or disables the Block Boot Until Cleared option.

By default, the

Block Boot Until Cleared

option is enabled.

NOTE:

When enabled, the computer does not boot until the chassis intrusion

is cleared. If the administrator password is set, Setup has to be unlocked
before the warning can be cleared.

Legacy Manageability Interface Access

Allows the administrator to control the access to BIOS configuration through the
Legacy Manageability Interface option. When enabled, this prevents the BIOS
Administrator password-based manageability tools from running, prevents some
Dell software applications from reading configuration settings, and/or prevents
changes to the BIOS configuration settings.

When enabled, this option only supports the Authenticated BIOS Manageability
Interface (ABI) for managing the BIOS configuration changes. To support this
feature, ABI must be enabled and provisioned.

When set to

Enabled

, the Legacy Manageability Interface can be used to read

and change BIOS configuration settings.

When set to

Read-Only

, BIOS configuration settings can be read, but cannot be

changed through the Legacy Manageability Interface.

When set to

Disabled

, the Legacy Manageability Interface is disabled. BIOS

configuration reads and writes are blocked.

SMM Security Mitigation

Enables or disables additional UEFI SMM Security Mitigation protections. This
option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to
the operating system that security best practices have been implemented by the
UEFI firmware.

By default, the

SMM Security Mitigation

option is enabled.

For additional security, Dell Technologies recommends keeping the

SMM

Security Mitigation

option enabled unless you have a specific application which

is not compatible.

114

BIOS setup