HP PC Commercial BIOS (UEFI) Setup

ManualsBrandsHP ManualsDesktopsHP EliteBook 830 G6 Notebook PC

July 2020

919946-004

7 Security Menu (2019 and older) 66

7.4 BIOS Sure Start Menu

Settings menu for enhanced hardware-based assurance that only HP approved Embedded Controller firmware will run on

the HP Embedded Controller and that only HP approved BIOS will run on the host CPU.

Table 40 BIOS Sure Start Menu features

Feature

Type

Description

Default

Notes

 Verify Boot Block

on Every Boot

Setting

When not checked, HP Sure Start verifies the integrity of

HP firmware in the nonvolatile (flash) memory before

resume from Sleep, Hibernate, or Off.

When checked, HP Sure Start verifies the integrity of HP

firmware in the nonvolatile (flash) memory across

operating system restart (warm reset) in addition to

resume from Sleep, Hibernate Off. This setting provides

higher security assurance but could increase the time

required to restart operating system.

Unchecked

Reboot

Required

BIOS Data Recovery

Policy

Setting

The following settings are possible for HP Sure Start–

Recovery Policy:

• Automatic

• Manual

Automatic: HP Sure Start automatically repairs any HP

firmware integrity issues in the nonvolatile (flash)

memory.

Manual: HP Sure Start will not repair any HP firmware

integrity issues in the nonvolatile (flash) memory until

the Windows +Up Arrow+ Down Arrow keys are pressed.

NOTE: Manual recovery is intended for use by the

system administrator in the event forensic investigation

is desired before HP Sure Start repairs the issue. It is not

recommended for the typical user.

Automatic

Reboot

Required

Network Controller

Configuration

Restore

Action

Network Controller Configuration Restore

This action restores the network controller parameters

to the factory state saved in the HP Sure Start Private

nonvolatile (flash) memory.

NOTE: This process can take up to 30 seconds. You need

to restore this only when the Network Controller

Configuration mismatch warning is set.

Reboot

Required

 Prompt on

Network Controller

Configuration

Change

Setting

When enabled, HP Sure Start will monitor the network

controller configuration and prompt the local user if any

changes are detected compared to the factory

configuration. The local user has the option to ignore the

prompt or restore the network controller to the factory

configuration when prompted.

Checked

Intel Only

Reboot

Physical

Presence

Required

 Dynamic Runtime

Scanning of Boot

Block

Setting

When checked, allows HP Sure Start verifies the integrity

of the HP firmware in the nonvolatile (flash) memory

every 15 minutes while the system is on and the

operating system is running.

Checked

 Sure Start BIOS

Settings Protection

Setting

Protects critical BIOS Settings by saving a backup copy

and restoring them if altered.

Unchecked

Not accessible

with no Admin

password set