Bios/UEFI

Question 1

What is ROM and what is its primary function?

Answer 1

ROM (Read-Only Memory) is a non-volatile memory that stores the BIOS, which is essential for the system to boot. It can be updated through a process called flashing.

Question 2

What is the role of CMOS in a system?

Answer 2

CMOS stores BIOS/UEFI settings such as date, time, and boot order. It provides persistent storage for configuration data that is retained even when the system is powered off.

Question 3

What is the function of the CMOS battery?

Answer 3

The CMOS battery (e.g., CR2032) powers the CMOS chip, allowing it to retain BIOS settings when the system is turned off. The battery typically lasts 3-10 years, depending on the system’s use.

Question 4

What happens when the CMOS battery fails?

Answer 4

A failed CMOS battery results in the loss of BIOS settings, leading to issues like incorrect date and time, and the need to reconfigure BIOS settings every time the system is powered on.

Question 5

What is the Power-On Self-Test (POST) and what does it do?

Answer 5

POST is an initial hardware check that occurs when the computer is powered on. It tests essential components such as the keyboard, RAM, storage devices, and CPU to ensure they are functioning properly.

Question 6

How does the system report errors during POST?

Answer 6

Errors are reported through text messages on the display or beep codes (if there is no display). These codes vary by motherboard and BIOS manufacturer.

Question 7

What do beep codes indicate during POST?

Answer 7

Beep codes indicate hardware issues. For example, two short and one long beep might signal a keyboard issue

Question 8

What is the difference between BIOS and UEFI in terms of system bit support?

Answer 8

BIOS supports only 32-bit, while UEFI supports both 32-bit and 64-bit systems.

Question 9

What are the storage limits of BIOS and UEFI?

Answer 9

BIOS supports drives up to 2.2 TB, while UEFI supports drives up to 9.4 zettabytes.

Question 10

What partition table does BIOS use compared to UEFI?

Answer 10

BIOS uses the Master Boot Record (MBR), while UEFI uses the GUID Partition Table (GPT), which allows for more partitions and larger drives.

Question 11

How does the boot speed of BIOS compare to UEFI?

Answer 11

UEFI boots faster than BIOS due to more efficient hardware initialization.

Question 12

How do the ROM sizes of BIOS and UEFI differ?

Answer 12

UEFI typically has a larger ROM, supporting additional features and diagnostic tools compared to BIOS.

Question 13

What is the flashing process for updating BIOS/UEFI?

Answer 13

Flashing involves downloading the firmware update from the manufacturer, storing it on a USB drive, and following specific instructions (e.g., pressing keys during startup) to apply the update.

Question 14

What precautions should be taken when flashing BIOS/UEFI?

Answer 14

Always back up settings before flashing and follow the manufacturer’s instructions precisely to avoid firmware corruption.

Question 15

How does boot order management enhance system security?

Answer 15

By configuring the boot order to exclude optical or USB drives, you prevent unauthorized access through external operating systems, such as booting from Linux via USB.

Question 16

How do corporate environments use boot order restrictions for security?

Answer 16

Corporate environments often lock BIOS/UEFI settings and enforce boot order restrictions to prevent unauthorized booting from external devices.

Question 17

What is PXE (Pre-Execution Environment) and how is it used?

Answer 17

PXE allows systems to boot from a network server, commonly used in corporate environments for centralized OS loading, such as with thin clients.

Question 18

What is the role of a Supervisor/Admin password in BIOS/UEFI?

Answer 18

It restricts access to BIOS/UEFI settings, preventing unauthorized configuration changes, commonly used in corporate environments.

Question 19

What does the User/System password do in BIOS/UEFI?

Answer 19

It locks the system at startup, requiring a password to proceed with the boot process, commonly used on personal computers.

Question 20

How does a Storage/Hard Drive password protect a system?

Answer 20

It prevents unauthorized access to or booting from a specific drive, though it is less common due to modern security modules.

Question 21

What is the Hardware Root of Trust (RoT)?

Answer 21

The Root of Trust is the foundation for secure operations in a computing system, performing cryptographic functions to support secure boot. It is embedded in hardware and typically uses unique keys for digital signatures to verify system integrity.

Question 22

What is the role and function of the Trusted Platform Module (TPM)?

Answer 22

TPM is a hardware-based Root of Trust used to securely store digital certificates, encryption keys, and password hashes. It provides boot verification, supports full-disk encryption (e.g., BitLocker), stores and generates keys, and enables encryption/decryption. Key components include Platform Configuration Registers (PCRs) for integrity checks and Attestation Identity Keys (AIKs) for verifying system integrity.

Question 23

What is a Hardware Security Module (HSM) and how is it used?

Answer 23

An HSM is a physical device that provides high-security storage for cryptographic keys to protect them from tampering and insider threats. It ensures automated key management, high security for cryptographic operations, and protects keys from unauthorized access. Forms include internal cards, rack-mounted units, and portable USB devices. HSMs are used in environments where TPMs are insufficient, or for systems requiring strict cryptographic isolation.