Section 6 - BIOS/UEFI Flashcards
Explain Basic Input/Output System (BIOS)
Program that a CPU uses to start the computer system, supports solely 32 bit CPUs
What does the BIOS serve as
Serves as a method of configuring the motherboard using a text-based interface
What is Firmware
Software on a chip and contains BIOS program code in a the flash memory of a motherboard
User Extensible Firmware Interface (UEFI) supports what bit cpus and what interface
Supports 64-bit processors and provides a GUI
What is BIOS an example of
Firmware
What is Read-only memory (ROM)
Type of chip embedded in the motherboard and can be upgraded through flashing
What does the CMOS use
internal lithium-ion battery that can last up to 10 years model: CR2032 3V
What is Power-On Self-Test (POST)
Diagnostic testing sequence to check the computer’s basic input/output system
What do variable beeps tell us
what is wrong with the system
What do 2 short beeps and 1 long refer to
Keyboard is not detected
What is the BIOS and what does it allow for
low level OS which allows input and gives output to basic components
How do you configure the settings inside CMOS
Enter the bios config environment
What did BIOS rely on as its system of input
Text based menu system and a keyboard
What are the BIOS’ 3 jobs
Power-on Self-Test, Hardware config, Boot order setup
Where are the BIOS settings stored
in the CMOS battery
UEFI vs BIOS, system bit
BIOS only support 32 bit whereas UEFI goes up to 64
UEFI vs BIOS, storage size
BIOS up to 2.2T, UEFI up to 9.4 Zettabytes
BIOS vs EUFI, storage device partition table
BIOS uses a MBR (master boot record) however UEFI uses GPT(GUID Partition Table) which allows for larger disks
What does the Storage Device Partition Table tell us
how the things are stored on given drive
UEFI vs BIOS, boot up speed
UEFI just boots up faster
UEFI vs BIOS, ROM size
UEFI uses a larger rom size, allows for better diagnostic tools and commands
In corporate environments what is considered best practice for safety in regards to storage
Disabling booting from an optical or USB drive, instead configuring the system to boot from specific installed hard drive that contains the OS
What is an alternative to booting OS
using a PXE
What is PXE (preboot execution environment)
client-server interface that allows computers in a network to be booted from the server
What process is used to update the BIOS/UEFI
Flashing
What are the 3 things flashing is used for?
Performing during upgrades, security fixes, or feature improvements
What are the steps to flashing
Back up configuration and information (saving to separate USB), Use a USB flash drive to flash the firmware, The BIOS or UEFI will copy the firmware to the system and overwrite the old code
What are the BIOS and UEFI used for
The loading and booting up of the OS
What does BIOS use to hold the boot information, what bit
MBR, 32bit
What does UEFI use to hold boot information and what bit
GPT, 64/32bit
What’s a booting advantage of UEFI over BIOS
Provides additional security and integrity checks during boot, including secure boot
What are the Supervisor/Admin/Setup Passwords used for
Protect access to the BIOS or UEFI config program and prevents access from unauthorised users
What are the User/System password used for
Lock access to the computer
What are Storage/Hard Drive passwords used for
Locking access to a hard drive connected to the system and requires the end user’s password
where is secure boot found
enabled in the UEFI & BIOS interface and settings
What is a root kit
A special type of malware
What do we need to disable on USBs
Ability to read and write from mass storage devices + external OS booting
What can we do for security of our PC
Set passwords, Enable secure boot, Restrict or disable USB ports
What is Hardware Root of Trust (Summary)
The foundation of all secure operations of a computing system
Explain Hardware RoT (process)
Cryptographic module embedded in a computer system that endorses trusted execution and attests to boot setting and metrics
What is a Hardware RoT used for
scanning the boot metrics in the OS files to verify signatures and then use them to sign the report
What is the name of the most commonly used RoT
Trusted Platform Module (TPM)
What can TPM be used for
Encryption for our storage devices
How can TPM be managed
via console, tpm.msc
Name another RoT besides TPM
Hardware Security Module (HSM)
What is HSM
Appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats
In terms of heat management what can BIOS and UEFI do
have the ability to configure fans
What fan modes are there for BIOS/UEFI
Quiet, balanced, cool mode
Explain Quiet mode
Reduced fans speed and allows higher temps, can be dangerous
Explain balanced mode
Normal settings on most computers by default
Explain cool mode
Able to run the fans harder and faster to create more air flow
What does fanless mode do
telling the motherboard to tuns the fans off, will be used for liquid cooling
What does custom mode do
Outside of the 3 (quiet,balanced,cool) , customisable
What does the motherboard have for temperature
Temperature sensors
