3.4 BIOS/UEFI

Question 1

Aside from starting the computer system, what else is the BIOS used for?

Answer 1

Configuring the motherboard using a text-based interface

Question 2

What is firmware?

Answer 2

Software that provides basic machine instructions that allow the hardware to function and communicate with other software running on a device

Question 3

What does the UEFI do that the BIOS doesn’t?

Answer 3

Supports 64-bit processors and provides a GUI

Question 4

Where is the BIOS program code stored?

Answer 4

In the flash memory of the motherboard (the CMOS)

Question 5

List three boot options

Answer 5

• Power-on self test
• Hardware configuration
• Boot order setup

Question 6

What is ROM (Read-only memory)

Answer 6

A chip embedded in the motherboard that can be upgraded through flashing

Question 7

What sort of battery does the new CMOS use and how long can it last for?

Answer 7

An internal lithium-ion battery that can last up to 10 years

Question 8

Why would you use a POST?

Answer 8

To perform a testing sequence to check the computer’s BIOS

Question 9

How does the computer communicate what is wrong with the system during a POST?

Answer 9

Through variable beeps

Question 10

What are some improvements UEFI made to BIOS?

Answer 10

Supports large harddrives and more memory
Graphical, mouse-supporter user interface
Can access network connection to download updates
Faster boot-up system
Supports 64-bit systems
Supports new GUID Partition Table (GPT) format

Question 11

What are some settings you can change in the UEFI?

Answer 11

• Disable booting from an optical or USB drive
• Configure system to boot from installed harddrive using installed OS
• Boot OS using PXE (preboot execution environment) as the primary option

Question 12

When would you perform flashing?

Answer 12

During upgrades, security fixes, or feature improvements

Question 13

List the steps you would take during flashing

Answer 13

• Backup configuration and information
• Use USB flashdrive to flash the firmware
• The BIOS or UEFI will copy the firmware to the system and overwrite the old code

Question 14

Where is the boot information held for computers relying on BIOS and UEFI, respectively?

Answer 14

BIOS - MBR (Master Boot Record)
UEFI - GPT (Globally Unique ID Partition Table)

Question 15

What does a supervisor/admin/setup password do?

Answer 15

Protects the BIOS/UEFI configuration program from access by unauthorised users

Question 16

What does the user/system password restrict access to?

Answer 16

The computer

Question 17

What doees the storage/harddrive password do?

Answer 17

Locks access to a harddrive connected to the system

Question 18

What is secure boot?

Answer 18

A standard ensuring the computer only boots with trusted software; only available for UEFI

Question 19

What is a rootkit?

Answer 19

A special type of malware designed to enable access to a computer or area of its software that is not otherwise allowed

Question 20

List some precautions you might take to protect against rootkits being downloaded onto a computer

Answer 20

Set passwords
Enable secure boot
Restrict/disable USB ports

Question 21

What is the Hardware Root of Trust (RoT)?

Answer 21

A cryptographic module embedded in a computer system that endorses trusted execution and attests to boot settings and metrics

Question 22

What does a hardware RoT do?

Answer 22

Scans boot metrics in OS files to verify signatures and then uses them to sign the report

Question 23

What is TPM (Trusted Platform Module)?
(not counting the chip)

Answer 23

Specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information

Question 24

How can you manage a TPM?

Answer 24

In Windows via tpm.msc console, or through group policy

Question 25

List some features of TPM

Answer 25

• Hardware RoT
• Secure boot-up
• Provides encryption

Question 26

What is a HSM (Hardware Security Module)?

Answer 26

An appliance for generating and storing cryptographic keys that is less susceptible to tampering and inside threats

Question 27

What is the difference between a TPM and HSM?

Answer 27

TPM is a chip on the computer’s motherboard whereas HSM is an external device

Question 28

What would generate excess heat?

Answer 28

Overclocking the processor

Question 29

What physical part of a computer do the BIOS and UEFI have the ability to configure?

Answer 29

Fans - Quiet, balanced or cool mode.

Question 30

When would you use quiet mode, and when would you use cool mode for the fan?

Answer 30

Quiet - To allow higher temperatures to occur
Cool - To create more air flow

Question 31

What is a heatsink?

Answer 31

Any device used to cool system components (notably CPU, GPU and power supply)

Question 32

Give some examples of heatsinks

Answer 32

• Aluminium alloy radiator for chips
• Liquid-based (water, reservoir and pump)
• Passive heat sink

Question 33

Name some ways apart from heatsinks to keep computers cool

Answer 33

• Thermal paste (produces better conduction between components)
• Standard aircon