System Setup Options

Option: Computrace
Description: Allows you to activate or disable the optional Computrace software. The options are:
• Deactivate (Default Setting)
• Activate
NOTE: The Activate and Disable options will permanently activate or disable the feature and no further changes will be allowed.

Option: TPM Security
Description: This option lets you control whether the Trusted Platform Module (TPM) in the system is enabled and visible to the operating system. When disabled, the BIOS will not turn on the TPM during POST; the TPM will be non-functional and invisible to the operating system. When enabled, the BIOS will turn on the TPM during POST so that it can be used by the operating system. This option is Enabled by default.
NOTE: Disabling this option does not change any settings you may have made to the TPM, nor does it delete or change any information or keys you may have stored there. It simply turns off the TPM so that it cannot be used. When you re-enable this option, the TPM will function exactly as it did before it was disabled.
NOTE: Changes to this option take effect immediately.

Option: UEFI Capsule Firmware Updates
Description: This option controls whether this system allows BIOS updates via UEFI capsule update packages.
• Enabled (Default Setting)

Option: CPU XD Support
Description: This option enables or disables the Execute Disable mode for the processor.
• Enabled (Default Setting)

Option: OROM Keyboard Access
Description: This option determines whether users are able to enter Option ROM configuration screens via hotkeys during boot.

Table 6. Boot

Option: Boot List Option
Description: Default Setting: Legacy

Option: Secure Boot
Description: This option enables or disables the Secure Boot feature.
• Disabled (Default Setting) - Windows 7 (Intel Core Xeon E3-1505M v5 and Intel Core i7-6820HQ processors)
• Enabled - Windows 8.1 and Windows 10 (Intel Core Xeon E3-1505M; Intel Core i7-7820HQ; Intel Core i7-7700HQ; Intel Core i5-7440HQ; and Intel Core i5-7300HQ processors)

Option: Load Legacy Option ROM
Description: This option enables or disables the Load Legacy Option ROM feature.
• Enabled (Default Setting) - Windows 7
• Disabled - Windows 8.1 and Windows 10

Option: Expert Key Management
Description: Expert Key Management allows the PK, KEK, db, and dbx security key databases to be manipulated.
• Disabled (Default Setting)

Option: Intel Software Guard Extensions
Description: Intel SGX Enabled: Enables Intel Software Guard Extensions (SGX) to provide a secured environment for running code/storing sensitive information in the context of the main OS.
• Software Controlled (Default Setting)
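The Secure Boot and Expert Key Management entries describe firmware state that the operating system can read back after boot, which is how an administrator confirms the setting actually took effect. The following POSIX shell script is an added example, not part of the Dell manual: it parses the SecureBoot and SetupMode UEFI variables as Linux exposes them under /sys/firmware/efi/efivars (four little-endian attribute bytes followed by a one-byte value) and reports whether enforcement is on, off, or whether the firmware is in setup mode, the state in which no Platform Key is enrolled and the PK/KEK/db/dbx databases accept unsigned writes. The function names, the state labels and the constructed sample directory are the example's own choices; the variable names, the EFI_GLOBAL_VARIABLE GUID and the efivars file layout are the real ones.

```shell
#!/bin/sh
# Added example: read the UEFI SecureBoot and SetupMode variables the way
# Linux exposes them under /sys/firmware/efi/efivars. Each file holds the
# 4-byte little-endian attribute word followed by the variable payload;
# for these two variables the payload is a single byte (0 or 1).

EFI_GLOBAL_GUID=8be4df61-93ca-11d2-aa0d-00e098032b8c   # EFI_GLOBAL_VARIABLE

# Print the first payload byte of an efivar file as a decimal number.
efivar_byte() {
    od -An -tu1 -j4 -N1 "$1" | tr -d ' \n'
}

# Report one of: legacy-or-no-efi, setup-mode, enabled, disabled.
# $1 is the efivars directory (defaults to the live one).
secure_boot_state() {
    dir="${1:-/sys/firmware/efi/efivars}"
    sb="$dir/SecureBoot-$EFI_GLOBAL_GUID"
    sm="$dir/SetupMode-$EFI_GLOBAL_GUID"
    if [ ! -r "$sb" ]; then
        # No SecureBoot variable: booted in legacy/CSM mode, or not a UEFI system.
        echo "legacy-or-no-efi"
        return 0
    fi
    sbv=$(efivar_byte "$sb")
    smv=0
    [ -r "$sm" ] && smv=$(efivar_byte "$sm")
    if [ "$smv" = "1" ]; then
        # SetupMode=1: no Platform Key enrolled, so PK/KEK/db/dbx accept
        # unsigned writes and signature enforcement is off regardless of
        # what the SecureBoot variable says.
        echo "setup-mode"
    elif [ "$sbv" = "1" ]; then
        echo "enabled"
    else
        echo "disabled"
    fi
}

# Constructed sample directory (not a real machine's efivars): attributes
# 0x00000006 = BOOTSERVICE_ACCESS | RUNTIME_ACCESS, then the value byte.
make_sample_efivars() {
    d=$(mktemp -d)
    printf '\006\000\000\000\001' > "$d/SecureBoot-$EFI_GLOBAL_GUID"   # SecureBoot = 1
    printf '\006\000\000\000\000' > "$d/SetupMode-$EFI_GLOBAL_GUID"    # SetupMode  = 0
    echo "$d"
}

# Stand-alone usage: report the constructed sample, then the live system.
sample=$(make_sample_efivars)
echo "sample: $(secure_boot_state "$sample")"
echo "live:   $(secure_boot_state)"
```

The script deliberately checks SetupMode before SecureBoot: a machine whose key databases were cleared through an Expert Key Management style interface can still carry SecureBoot=1 while enforcing nothing, so reporting only the SecureBoot byte would give a false sense of protection.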