Security+ Objective 1.2 Explain the security risks pertaining to system hardware and peripherals – BIOS

BIOS (Basic Input/Output System) is built onto the motherboard of a system.  It is the first code run when you power on your computer.  It finds all the hardware and typically tells your computer to boot to the operating system on your hard drive.  If a bad guy wants to bypass the security features of your operating system, they just need to alter the boot order and tell BIOS to boot to their CD or USB drive first.  They can have an operating system of their own with all their hacker tools, where they are the administrator of the system with full rights to everything.

The main way to prevent someone from changing the boot order is to password protect the BIOS.  If the bad guy doesn’t know your BIOS password, they can’t get in there to make alterations.  For the test, just remember “BIOS Password” and you should be able to answer those questions.

Real World Note: on most computers the BIOS password can be cleared or bypassed fairly easily, so physically securing your system is really the best way to keep the bad guys from altering the BIOS.

Go back to the Exam Objectives list

Be Sociable, Share!


There are no comments yet...Kick things off by filling out the form below.

Leave a Comment