diff --git a/Include/Library/OcConfigurationLib.h b/Include/Library/OcConfigurationLib.h
index d9ee5621..45d78db5 100644
--- a/Include/Library/OcConfigurationLib.h
+++ b/Include/Library/OcConfigurationLib.h
@@ -214,14 +214,17 @@
   _(BOOLEAN                     , DisableWatchDog             ,     , FALSE        , ()) \
   _(UINT32                      , DisplayDelay                ,     , 0            , ()) \
   _(UINT64                      , DisplayLevel                ,     , 0            , ()) \
-  _(BOOLEAN                     , ExposeBootPath              ,     , FALSE        , ()) \
   _(UINT32                      , Target                      ,     , 0            , ())
   OC_DECLARE (OC_MISC_DEBUG)
 
+#define OCS_EXPOSE_BOOT_PATH 1U
+#define OCS_EXPOSE_VERSION   2U
+
 #define OC_MISC_SECURITY_FIELDS(_, __) \
-  _(BOOLEAN                     , RequireVault                ,     , TRUE         , ()) \
-  _(BOOLEAN                     , RequireSignature            ,     , TRUE         , ()) \
-  _(UINT64                      , HaltLevel                   ,     , 0x80000000   , ())
+  _(BOOLEAN                     , ExposeSensitiveData         ,     , OCS_EXPOSE_VERSION, ()) \
+  _(BOOLEAN                     , RequireVault                ,     , TRUE              , ()) \
+  _(BOOLEAN                     , RequireSignature            ,     , TRUE              , ()) \
+  _(UINT64                      , HaltLevel                   ,     , 0x80000000        , ())
   OC_DECLARE (OC_MISC_SECURITY)
 
 #define OC_MISC_CONFIG_FIELDS(_, __) \
diff --git a/Library/OcConfigurationLib/OcConfigurationLib.c b/Library/OcConfigurationLib/OcConfigurationLib.c
index fb778de7..365c311d 100644
--- a/Library/OcConfigurationLib/OcConfigurationLib.c
+++ b/Library/OcConfigurationLib/OcConfigurationLib.c
@@ -255,16 +255,16 @@ mMiscConfigurationDebugSchema[] = {
   OC_SCHEMA_BOOLEAN_IN ("DisableWatchDog",  OC_GLOBAL_CONFIG, Misc.Debug.DisableWatchDog),
   OC_SCHEMA_INTEGER_IN ("DisplayDelay",     OC_GLOBAL_CONFIG, Misc.Debug.DisplayDelay),
   OC_SCHEMA_INTEGER_IN ("DisplayLevel",     OC_GLOBAL_CONFIG, Misc.Debug.DisplayLevel),
-  OC_SCHEMA_BOOLEAN_IN ("ExposeBootPath",   OC_GLOBAL_CONFIG, Misc.Debug.ExposeBootPath),
   OC_SCHEMA_INTEGER_IN ("Target",           OC_GLOBAL_CONFIG, Misc.Debug.Target)
 };
 
 STATIC
 OC_SCHEMA
 mMiscConfigurationSecuritySchema[] = {
-  OC_SCHEMA_INTEGER_IN ("HaltLevel",        OC_GLOBAL_CONFIG, Misc.Security.HaltLevel),
-  OC_SCHEMA_BOOLEAN_IN ("RequireSignature", OC_GLOBAL_CONFIG, Misc.Security.RequireSignature),
-  OC_SCHEMA_BOOLEAN_IN ("RequireVault",     OC_GLOBAL_CONFIG, Misc.Security.RequireVault)
+  OC_SCHEMA_INTEGER_IN ("ExposeSensitiveData",  OC_GLOBAL_CONFIG, Misc.Security.ExposeSensitiveData),
+  OC_SCHEMA_INTEGER_IN ("HaltLevel",            OC_GLOBAL_CONFIG, Misc.Security.HaltLevel),
+  OC_SCHEMA_BOOLEAN_IN ("RequireSignature",     OC_GLOBAL_CONFIG, Misc.Security.RequireSignature),
+  OC_SCHEMA_BOOLEAN_IN ("RequireVault",         OC_GLOBAL_CONFIG, Misc.Security.RequireVault),
 };
 
 STATIC