Device Security comes with GNOME 43. That's an awesome feature.
It would be very helpful if there was a guide helping you secure the system.
Is there any out there? Post them here and let's create a guide.
- Level 1
- Intel Management Engine Version
- UEFI Platform Key
- TPM v2.0
  You can enable it on your BIOS on Boot settings.
- Firmware BIOS Region
- Firmware Write Protection Lock
- Platform Debugging
- Intel Management Engine Manufacturing Mode
- UEFI Secure Boot
- Firmware Write Protection
- Intel Management Engine Override
- TPM Platform Configuration
- Level 2
- Intel BootGuard Fuse
- Intel BootGuard Verified Boot
- Intel BootGuard Protected
- Intel BootGuard
- TPM Reconstruction
- IOMMU Protection
- Platform Debugging
- Level 3
- Suspend To RAM
- Intel BootGuard Error Policy
- Pre-boot DMA Protection
- Intel CET Enabled
- Suspend To Idle
- Encrypted RAM
- Intel SMAP