Menu Item DescriptionIntel TXT Allows you to enable or disable Intel Trusted Execution Technology(TXT). To enable Intel TXT, Virtualization Technology must be enabledand TPM Security must be Enabled with Pre-boot measurements. Bydefault, the Intel TXT option is set to Off.Power Button Allows you to enable or disable the power button on the front of thesystem. By default, the Power Button option is set to Enabled.AC Power Recovery Allows you to set how the system reacts after AC power is restored to thesystem. By default, the AC Power Recovery option is set to Last.UEFI Variable Access Provides varying degrees of securing UEFI variables. When set toStandard (the default) UEFI variables are accessible in the OperatingSystem per the UEFI specification. When set to Controlled, selected UEFIvariables are protected in the environment and new UEFI boot entries areforced to be at the end of the current boot order.Secure Boot Allows you to enable Secure Boot, where the BIOS authenticates eachpre-boot image using the certificates in the Secure Boot Policy. SecureBoot is disabled by default.Secure Boot Policy When Secure Boot policy is Standard, the BIOS uses the systemmanufacturer’s key and certificates to authenticate pre-boot images.When Secure Boot policy is Custom, the BIOS uses the user-defined keyand certificates. Secure Boot policy is Standard by default.Secure Boot PolicySummaryAllows you to view the list of certificates and hashes that secure bootuses to authenticated images.Secure Boot Custom Policy Settings screenSecure Boot Custom Policy Settings is displayed only when Secure Boot Policy is set to Custom.In the System Setup Main Menu, click System BIOS → System Security → Secure Boot Custom PolicySettings.Menu Item DescriptionPlatform Key Allows you to import, export, delete, or restore the platform key (PK).Key Exchange Key Database Allows you to import, export, delete, or restore entries in the KeyExchange Key (KEK) DatabaseAuthorized SignatureDatabaseAllows you to import, export, delete, or restore entries in the AuthorizedSignature Database (db).Forbidden SignatureDatabaseAllows you to import, export, delete, or restore entries in the ForbiddenSignature Database (dbx).Miscellaneous Settings screenYou can use the Miscellaneous Settings screen to perform specific functions such as updating the assettag, and changing the system date and time.You can view the Miscellaneous Settings screen by clicking System Setup Main Menu → System BIOS →Miscellaneous Settings.29