White Papers
Table Of Contents
- Dell Trusted Device Installation and Administrator Guide v3.2
- Contents
- Introduction
- Requirements
- Download the Software
- Verify the Installation Package
- Installation
- Uninstall Trusted Device
- BIOS Verification
- Image Capture
- BIOS Events & Indicators of Attack
- Security Risk Protection Score
- Integration
- Run the BIOS Verification Agent
- Results, Troubleshooting, and Remediation
DWORD=0 - Image was not present on last run.
● Image store path in which the last image was copied. This value will not exist if no images are captured.
"LastImagePath"=string
● Timestamp of the last copied image.
"LastCopyTimeStamp"=string
● This private key verifies the images in the store.
"PrivateKeyBlob"=string
NOTE: End users should not modify this entry as it will prevent the product from functioning properly.
● A public key used to verify the images in the store.
"PublicKeyBlob"=string
NOTE: End users should not modify this entry as it will prevent the product from functioning properly.
BIOS Attributes Polling Interval
● This entry configures the time period in seconds between BIOS attribute sweeps.
HKLM\SOFTWARE\Dell\TrustedDevice\
DWORD=SecondsBetweenAttributeSweeps
Minimum value in seconds = 3600 (1 hour)
Maximum value = 172800 (48 hours)
Default = every 12 hours
Value (in decimal) = 3600 - sweeps occur every hour
Value (in decimal) = 172800 - sweeps occur every 48 hours
● This entry changes the delay in milliseconds between each individual BIOS attribute retrieval.
HKLM\SOFTWARE\Dell\TrustedDevice\
DWORD=MSBetweenAttributeReads
Minimum value in milliseconds = 500
Maximum value in milliseconds = 2000
Default = every 500 milliseconds
Value (in decimal) = 500 - reads a different BIOS attribute every 500 milliseconds
Value (in decimal) = 2000 - reads a different BIOS attribute every 2000 milliseconds
Security Risk Protection Score
● This entry disables Security Risk Protection Score.
HKLM\SOFTWARE\Dell\TrustedDevice\
DWORD=SecurityScore
Default = 1 (enabled)
Value = 1 - enabled
Value = 0 - disabled
NOTE:
If Security Risk Protection Score is disabled in the Registry, component assessments are not run and no score is
generated.
Troubleshooting
If BIOS results are unavailable, browser-based results do not display. See the following table for error codes.
Results, Troubleshooting, and Remediation
31