User's Manual
Table 35. Security (continued)
Option Description
• Clear
• TPM State—This option is enabled by default.
Intel Software Guard
Extensions
Provides a secure environment for running code or storing sensitive information in the context of the
main operating system and sets enclave reserve memory size.
Intel SGX
The options are:
• Disabled
• Enabled
• Software Control—This option is enabled by default.
SMM Security Mitigation
Allows you to enable or disable additional UEFI SMM Security Mitigation protection.
SMM Security Mitigation - By default, this option is enabled.
Data Wipe on Next Boot
Allows BIOS to queue up data wipe cycle for storage devices connected to the motherboard on the next
reboot.
Start Data Wipe - By default, this option is disabled.
NOTE: Secure Wipe operation deletes information in a way that it cannot be
reconstructed.
Absolute This field allows you to Enable, Disable, or Permanently Disable the BIOS module interface of the optional
Absolute Persistence Module service from Absolute® Software.
The options are:
• Enable Absolute—This option is enabled by default.
• Disable Absolute
• Permanently Disable Absolute
UEFI Boot Path Security
Controls whether the system prompts the user to enter the admin password (if set) when booting to a
UEFI boot path device from the F12 boot menu.
The options are:
• Never
• Always
• Always Except Internal HDD—This option is enabled by default.
• Always Except Internal HDD&PXE
Password
Table 36. Security
Option Description
Admin Password
Allows you to set, change, or delete the administrator (admin) password.
The entries to set password are:
• Enter the old password:
• Enter the new password:
Press Enter once you enter the new password and again press Enter to confirm the new password.
NOTE: Deleting the admin password deletes the system password (if set). The admin
password can also be used to delete hard drive password. For this reason, you cannot set
an admin password if a system password or hard drive password is set. Hence, an admin
36 System setup