Configure BIOS/UEFI Flashcards
3.4 Given a scenario, install and configure motherboards, central processing units (CPUs), and add-on cards.
Specialized program code stored in flash memory; closely tied to the basic functions of a specific hardware device type and model. On a PC it provides the low-level code that initializes the components installed on a particular motherboard so that they can load the main operating system software.
Firmware
Legacy firmware; its code runs in 16-bit real mode, so it cannot use the CPU's 64-bit mode during boot, offers only a text-mode setup program, is typically limited to MBR-partitioned boot disks (2 TB), and has no signature checking of the boot loader.
Basic Input/Output System (BIOS)
Newer motherboards use this kind of firmware; it provides 64-bit CPU operation at boot, a full GUI with mouse support in the setup program, networking at boot, and better boot security via Secure Boot (the firmware verifies the digital signature of the boot loader and drivers against keys stored in firmware before running them). It may also support booting in a legacy mode through a Compatibility Support Module (CSM), which reintroduces the BIOS limitations while enabled.
Unified Extensible Firmware Interface (UEFI)
The system setup program is accessed via a keystroke during the power-on (boot) process, typically while the PC vendor's logo is displayed. The key combination varies from system to system. What are typical examples?
Esc, Del, F1, F2, F10, or F12
This defines the order in which the system firmware searches devices for a boot manager. Putting the internal disk first, and protecting the setting with a supervisor password, is what stops someone with physical access from booting their own media and bypassing the installed OS.
boot options sequence or boot device priority
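The two settings above (Secure Boot state and boot device priority) can be audited from inside a running Linux system rather than only from the setup screen. The following is an added example, not part of the flashcard set: it reads the SecureBoot variable through efivarfs (whose files carry a 4-byte attribute header before the variable data) and parses `efibootmgr -v` output to flag any active removable, optical or network entry that is tried before the first internal-disk entry. The sample output and variable bytes embedded below are constructed to match the shape of those sources, not captured from a real machine.

```python
"""Audit UEFI Secure Boot state and boot order from a Linux host.

Added example (not from the flashcards). Assumes Linux with efivarfs at
/sys/firmware/efi/efivars and the efibootmgr tool; when neither is
available it falls back to the constructed sample data below.
"""
import os
import re
import struct
import subprocess

EFIVARS = "/sys/firmware/efi/efivars"
# EFI_GLOBAL_VARIABLE GUID: SecureBoot, BootOrder and Boot#### all use it.
GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"

# Constructed sample in the shape of `efibootmgr -v` output (not a real capture).
SAMPLE_EFIBOOTMGR = (
    "BootCurrent: 0001\n"
    "Timeout: 1 seconds\n"
    "BootOrder: 0003,0001,0000,0002\n"
    "Boot0000* Windows Boot Manager\tHD(1,GPT,1234abcd-0000-0000-0000-000000000001,0x800,0x32000)/File(\\EFI\\Microsoft\\Boot\\bootmgfw.efi)\n"
    "Boot0001* ubuntu\tHD(1,GPT,1234abcd-0000-0000-0000-000000000001,0x800,0x32000)/File(\\EFI\\ubuntu\\shimx64.efi)\n"
    "Boot0002* UEFI: PXE IPv4 Intel(R) Ethernet\tPciRoot(0x0)/Pci(0x1f,0x6)/MAC(001122334455,1)/IPv4(0.0.0.0,0,0,0.0.0.0,0.0.0.0)\n"
    "Boot0003* UEFI: SanDisk Cruzer\tPciRoot(0x0)/Pci(0x14,0x0)/USB(3,0)\n"
)
# Constructed efivarfs file contents: 4-byte attributes (BS|RT = 0x6) then 1 data byte.
SAMPLE_SECUREBOOT_OFF = b"\x06\x00\x00\x00\x00"
SAMPLE_SECUREBOOT_ON = b"\x06\x00\x00\x00\x01"


def parse_efivar(raw: bytes) -> bytes:
    """Strip the 4-byte little-endian attribute word efivarfs prepends."""
    if len(raw) < 4:
        raise ValueError("efivar shorter than attribute header")
    (_attrs,) = struct.unpack("<I", raw[:4])
    return raw[4:]


def secure_boot_enabled(raw: bytes) -> bool:
    """SecureBoot variable data is a single byte: 1 = enforcing, 0 = off."""
    data = parse_efivar(raw)
    return len(data) == 1 and data[0] == 1


# Device-path node types that identify the boot medium. USB( is checked before
# HD( because a USB stick's path contains both nodes.
DEVICE_KINDS = (
    ("USB(", "removable"),
    ("CDROM(", "optical"),
    ("MAC(", "network"),
    ("IPv4(", "network"),
    ("IPv6(", "network"),
    ("HD(", "disk"),
)


def classify_device_path(path: str) -> str:
    for token, kind in DEVICE_KINDS:
        if token in path:
            return kind
    return "unknown"


# "Boot0003* Label<TAB>DevicePath"; the '*' marks an active entry.
ENTRY_RE = re.compile(r"^Boot([0-9A-Fa-f]{4})(\*?)\s+([^\t]*)(?:\t(.*))?$")


def parse_efibootmgr(text: str) -> dict:
    """Return {'order': [...], 'entries': {num: {label, active, kind}}}."""
    order, entries = [], {}
    for line in text.splitlines():
        if line.startswith("BootOrder:"):
            order = [x.strip() for x in line.split(":", 1)[1].split(",") if x.strip()]
            continue
        m = ENTRY_RE.match(line)
        if m:
            num, active, label, path = m.groups()
            entries[num.upper()] = {
                "label": label.strip(),
                "active": active == "*",
                "kind": classify_device_path(path or ""),
            }
    return {"order": order, "entries": entries}


def audit_boot_config(bootmgr_text: str, secure_boot_raw: bytes) -> list:
    """Flag Secure Boot off and any non-disk entry tried before the internal disk."""
    findings = []
    if not secure_boot_enabled(secure_boot_raw):
        findings.append("Secure Boot is disabled: unsigned boot loaders will run")
    cfg = parse_efibootmgr(bootmgr_text)
    for num in cfg["order"]:
        entry = cfg["entries"].get(num)
        if not entry or not entry["active"]:
            continue  # inactive entries are skipped by the boot manager
        if entry["kind"] == "disk":
            break  # everything after the first disk is only reached on failure
        findings.append(f"Boot{num} ({entry['label']}, {entry['kind']}) is tried before the internal disk")
    return findings


def read_system() -> tuple:
    """Read the live SecureBoot variable and efibootmgr output (Linux, UEFI only)."""
    with open(os.path.join(EFIVARS, f"SecureBoot-{GLOBAL_GUID}"), "rb") as f:
        sb = f.read()
    out = subprocess.run(["efibootmgr", "-v"], capture_output=True, text=True, check=True).stdout
    return out, sb


if __name__ == "__main__":
    try:
        text, sb = read_system()
    except (OSError, subprocess.CalledProcessError):
        text, sb = SAMPLE_EFIBOOTMGR, SAMPLE_SECUREBOOT_OFF  # not a UEFI Linux host
    for finding in audit_boot_config(text, sb) or ["no findings"]:
        print(finding)
```

Run as root on a UEFI Linux host to audit the real configuration; on any other machine it reports against the constructed sample, where the USB stick sits ahead of the disk and Secure Boot is off. A finding here means the setting should be corrected in the setup program and then locked with a supervisor password, since anything the OS can read here the OS (or an attacker with root) can also change with `efibootmgr -o`.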
Feature of system setup that prevents the computer from booting until the correct user password is supplied. A supervisor password restricts access to the system setup program. Neither protects the data on the drive: the disk can be removed and read elsewhere unless it is encrypted, and on many desktops clearing CMOS resets the passwords.
boot password
Specification for secure hardware-based storage of encryption keys, hashed passwords, and other user- and platform-identification information.
trusted platform module (TPM)
An appliance for generating and storing cryptographic keys. This sort of solution may be less susceptible to tampering and insider threats than software-based storage.
hardware security module (HSM)
What widely supported boot method is missing from the following list? HDD, Optical, USB.
Network/PXE (Preboot eXecution Environment), which obtains boot information from a specially configured server over the network. Because the client finds that server through DHCP and fetches the image over TFTP without authentication, a rogue DHCP/TFTP server on the same LAN can serve its own boot image; restrict network boot to when it is needed and keep it below the internal disk in the boot order.
When you are configuring firmware-enforced security, what is the difference between a supervisor password and a user password?
The user password allows the boot sequence to continue, while a supervisor password controls access to the firmware setup program.
True or false? A TPM provides secure removable storage so that encryption keys can be used with different computers.
False. A trusted platform module (TPM) provides secure storage for a single computer as it is an embedded function of the CPU or motherboard chipset. The term hardware security module (HSM) is sometimes used to describe a secure USB thumb drive for storing encryption keys on portable media.