User's Manual

5-36
Chapter 5: BIOS setup
Internal FV [Always Execute]
Conguration options: [Always Execute]
Option ROM/Removable Media/Fixed Media [Deny Execute]
Conguration options: [Always Execute] [Always Deny] [Allow Execute] [Defer Execute]
[Deny Execute] [Query User]
Key Management
This item only appears when you set the Secure Boot Mode to [Custom]. This allows you to
modify Secure Boot variables and set Key Management page.
Aptio Setup Utility - Copyright (C) 2013 American Megatrends, Inc.
Main Advanced Event Logs Boot Monitor Security Tool Exit
Security
Image Execution Policy
per device path on
Security Violation.
Interval FV [Always Execute]
Option ROM [Deny Execute]
Removable Media [Deny Execute]
Fixed Media [Deny Execute]
Image Execution Policy
This item only appears when you set the Secure Boot Mode to [Custom]. This
allows you to manage the Image Policy on Security Violation.
Install Factory default
Secure Boot Keys when
System is in Setup Mode
Aptio Setup Utility - Copyright (C) 2013 American Megatrends, Inc.
Main Advanced Event Logs Boot Monitor Security Tool Exit
Security
Factory Default Key Provisioning [Disabled]
Install All Factory Default Keys
Platform Key (PK) NOT INSTALLED
Set new PK
Delete PK
Key Exchange Key Database (KEK) NOT INSTALLED
Set new KEK
Delete KEK
Append Var to KEK
Authorized Signature Database (DB) NOT INSTALLED
Set new DB
Delete DB
Append Var to DB
Forbidden Signature Database (DBX) NOT INSTALLED
Set new DBX
Delete DBX
Append Var to DBX
Factory Default Key Provisioning [Disabled]
Conguration options: [Disabled] [Enabled]
Install All Factory Default Keys
This item will ask you if you want to Install Factory Default secure variables. Select Yes if you
want to load the default secure variables, otherwise select No.
Platform Key (PK)/Key Exchange Key Database (KEK)/Authorized Signature Database
(DB)/ Forbidden Signature Database (DBX)
Conguration options: [Set New] [Delete] [Append]