Lenovo ThinkSystem SD530 Manual page 43

Secure Boot Setting
Secure Boot Policy
View Secure Boot Keys
Secure Boot Custom Policy
Enable/Disable secure boot. This setting is modifiable
• Enable
when "Physical Presence" is asserted and cannot be
• Disable
loaded to default in Setup Utility. User Mode is the
default setting.
Notes:
• When you attempt to enable secure boot while CSM is
• Legacy BIOS will be disabled when secure boot is
• When you fail to change secure boot settings, verify
This setting is modifiable when "Physical Presence" is
• Factory Policy
asserted and cannot be loaded to default in Setup Utility.
• Custom Policy
[Factory Policy]: Factory default keys will be used after
• Delete All Keys
reboot. Factory Policy is the default setting.
• Delete PK
[Custom Policy]: Customized keys will be used after
• Reset All Keys to
reboot.
Default
[Delete All Keys]: PK, KEK, DB and DBX will be deleted
after reboot.
[Delete PK]: PK will be deleted after reboot.
"Secure Boot Mode" is [Setup Mode] and "Secure Boot
Policy" is [Custom Policy] after PK is deleted.
[Reset All Keys to Default]: All the keys will be set to
factory defaults and "Secure Boot Policy" is [Factory
Policy] after reboot.
N/A View the details of PK(Platform Key) , KEK (Key Exchange
Key) , DB (Authorized Signature Database) and DBX
(Forbidden Signature Database).
N/A Customize PK (Platform Key), KEK (Key Exchange Key),
DB (Authorized Signature Database) and DBX (Forbidden
Signature Database).
User could enter this page when "Secure Boot Policy" is
[Custom Policy].
enabled, there is a prompt to tell you.
enabled.
physical presence and retry.
.
Chapter 3 System configuration and boot management
39