Table of Contents
Advertisement
Table 36. BIOS Setup options—Security menu (continued)
Security
SMM Security Mitigation
Data Wipe on Next Boot
Start Data Wipe
Absolute
UEFI Boot Path Security
Firmware Device Tamper Detection
94
BIOS Setup
When set to On-Silent, the event is logged in the BIOS Events log, but no
notification is displayed.
When set to Disabled, no notification is displayed and no event is logged in the
BIOS Events log.
By default, the Chassis Intrusion Detection option is enabled.
For additional security, Dell Technologies recommends keeping the Chassis
Intrusion Detection option enabled.
Enables or disables additional UEFI SMM Security Mitigation protections. This
option uses the Windows SMM Security Mitigations Table (WSMT) to confirm to
the operating system that security best practices have been implemented by the
UEFI firmware.
By default, the SMM Security Mitigation option is enabled.
For additional security, Dell Technologies recommends keeping the SMM
Security Mitigation option enabled unless you have a specific application which
is not compatible.
NOTE:
This feature may cause compatibility issues or loss of functionality
with some legacy tools and applications.
Data Wipe is a secure wipe operation that deletes information from a storage
device.
CAUTION:
The secure Data Wipe operation deletes information in a
way that it cannot be reconstructed.
Commands such as delete and format in the operating system may remove files
from showing up in the file system. However, they can be reconstructed through
forensic means as they are still represented on the physical media. Data Wipe
prevents this reconstruction and is not recoverable.
When enabled, the data wipe option will prompt to wipe any storage devices that
are connected to the computer on the next boot.
By default, the Start Data Wipe option is disabled.
Absolute Software provides various cyber security solutions, some requiring
software preloaded on Dell computers and integrated into the BIOS. To use these
features, you must enable the Absolute BIOS setting and contact Absolute for
configuration and activation.
By default, the Absolute option is enabled.
For additional security, Dell Technologies recommends keeping the Absolute
option enabled.
NOTE:
When the Absolute features are activated, the Absolute integration
cannot be disabled from the BIOS setup screen.
Enables or disables the computer to prompt the user to enter the Administrator
password (if set) when booting to a UEFI boot path device from the F12 boot
menu.
By default, the Always Except Internal HDD option is enabled.
Allows you to control the firmware device tamper detection feature. This feature
notifies the user when the firmware device is tampered. When enabled, a screen
warning messages are displayed on the computer and a tamper detection event
is logged in the BIOS Events log. The computer fails to reboot until the event is
cleared.
Advertisement
Table of Contents
