Service Manual
Security
Intel SGX Enables or disables the Intel Software Guard Extensions (SGX) to provide a secured
environment for running code/storing sensitive information.
Default: Software Control
SMM Security Mitigation Enables or disables additional UEFI SMM Security Mitigation protections.
Default: OFF.
NOTE: This feature may cause compatibility issues or loss of
functionality with some legacy tools and applications.
Enable Strong Passwords Enables or disables strong passwords.
Default: OFF.
Password Configuration Control the minimum and maximum number of characters that are allowed for Admin
and System passwords.
Admin Password Sets, Changes, or deletes the administrator (admin) password (sometimes called the
"setup" password).
System Password Sets, Changes, or deletes the system password.
Enable Master Password Lockout Enables or disables the master password support.
Default: OFF.
Table 7. System setup options—Secure Boot menu
Secure Boot
Enable Secure Boot Enables or disables the computer to boos using only validated boot software.
Default: OFF.
NOTE: For Secure Boot to be enabled, the computer needs to be in UEFI
boot mode and the Enable Legacy Option ROMs option needs to be
turned off.
Secure Boot Mode Selects the Secure Boot operation mode.
Default: Deployed Mode.
NOTE: Deployed Mode should be selected for normal operation of Secure
Boot.
Table 8. System setup options—Expert Key Management menu
Expert Key Management
Enable Custom Mode Enables or disables the keys in the PK, KEK, db, and dbx security key databases to be
modified.
Default: OFF.
Custom Mode Key Management Selects the custom values for expert key management.
Default: PK.
Table 9. System setup options—Performance menu
Performance
Intel Hyper-Threading Technology Enables or disables the Intel Hyper-Threading Technology to use processor resources
more efficiently.
Default: ON.
System setup 57