Reference Guide
--SecureBoot
Table 369. --SecureBoot
Attribute Details Description
Valid Argument Enabled
Enables secure boot authentication. If enabled, BIOS should only perform Secure Boot authentication
and boot in UEFI mode without loading Compatibility Support Module (CSM). BIOS refers to this
setting to decide on the POST behavior.
NOTE: You cannot disable secure boot using the Dell Command | Configure user
interface. One of the methods of disabling secureboot is from the BIOS setup screen.
Table 370. Secure Boot with UEFI mode and Legacy Option ROM
Secureboot
UEFI mode — enable
legacyOrom — enable
UEFI mode — enable
legacyOrom — disable
UEFI mode — disable
legacyOrom — enable
When secureboot is enabled NOT Allowed Allowed NOT Allowed
When secureboot is disabled NOT Allowed Allowed NOT Allowed
--SecureBootMode
Table 371. --SecureBootMode
Attribute Details Description
Valid Argument DeployedMode, AuditMode
Allows the modification of secure boot operational mode.
Deployed mode is the normal mode of operation for measuring the UEFI executable images.
Audit Mode enables the evaluation of changes to the Secure Boot key database.
NOTE: Attempting the transition to Audit Mode by writing '1' to the DA Token may fail if
the system is not in OSMM.
--SoftGuardEn
Table 372. --SoftGuardEn
Attribute Details Description
Valid Argument Enabled, Disabled, SoftControlled
Configures Secure Guard Extensions (SGX) feature. You can select Enabled or SoftControlled if this
option is disabled.
--SedBlockSidAuthentication
Table 373. --SedBlockSidAuthentication
Attribute Details Description
Valid Argument Enabled, Disabled
When there is no drive ownership and the blocksid is enabled, the BIOS sends the
SedBlockSidAuthentication authentication command to SED drives. When disabled, the BIOS does not
send the Block SID command.
102 Options for Dell Command | Configure 4.3