VIDEO
HIGHLIGHT
Log InSign up
BIOS Settings - CompTIA A+ 220-1101 - 3.4
SummaryTranscriptChat

BIOS Settings - CompTIA A+ 220-1101 - 3.4

Accessing and Configuring BIOS

Understanding BIOS Access

  • The BIOS loads when you start your computer, requiring a specific key (often Delete or a function key) to access the configuration during startup.
  • Virtualization software like Hyper-V and VMware allows access to BIOS settings without altering the actual computer's BIOS. However, VirtualBox does not provide this option.

Bypassing Fast Startup in Windows

  • Windows 8, 10, and 11 feature fast startup by default, which can prevent accessing the BIOS as it skips the boot process.
  • To bypass fast startup, hold down the Shift key while clicking restart or adjust settings under Update & Security > Recovery > Advanced Startup.

Interrupting Boot Process

  • If unable to access desktop options, interrupting the normal boot process three times will prompt Windows to disable fast startup and allow access to BIOS.

Importance of Backing Up BIOS Settings

  • Making changes in the BIOS can lead to boot failures; thus, backing up current settings is crucial before making modifications.
  • Options include downloading configurations if supported or taking notes/pictures of current settings for reference.

Configuring Boot Options in BIOS

Control Over Hardware Access

  • The BIOS controls various hardware configurations that can be disabled to prevent operating system access.

Setting Boot Order

  • Users can configure boot order in the BIOS, specifying devices such as USB drives or SSDs for system startup.

Example of Boot Sequence Configuration

  • A Lenovo UEFI BIOS example shows primary boot sequence options starting with SATA drives followed by M.2 and other devices.

Security Considerations with USB Interfaces

Disabling USB Connections for Security

  • Disabling USB connections in secure environments prevents unauthorized data transfer via external storage devices.

Historical Context: Department of Defense Incident

Understanding BIOS Configuration and Security

Disabling USB Interfaces

  • The Department of Defense banned USB-connected storage devices due to security concerns, leading IT teams to disable all USB interfaces on their computers.
  • Users can modify USB access in the BIOS, allowing complete disabling or selective enabling of specific USB interfaces.

Fan Control and System Cooling

  • Computers generate heat, necessitating fans for cooling; many systems have dedicated fans for components like the CPU.
  • Integrated fan controllers in motherboards adjust airflow based on internal temperatures, enhancing system cooling efficiency.

Secure Boot and Malware Protection

  • Protecting the BIOS from malware is crucial; secure boot is a feature of UEFI that uses digital signatures to verify the integrity of the boot process.
  • If unauthorized changes are detected during startup, secure boot can halt the boot process to limit malware impact.

Digital Signatures and Operating Systems

  • For secure boot functionality, operating systems must have a valid digital signature checked at startup; this requires public keys stored in the BIOS.
  • The BIOS includes fail-safes to prevent unauthorized modifications to critical information related to secure boot.

Password Protection in BIOS

  • User passwords can restrict access to starting the computer; without correct credentials, unauthorized users cannot initiate the operating system.
  • A supervisor password can be set within the BIOS to prevent changes to settings, ensuring only authorized personnel can make adjustments.

Resetting BIOS Configuration

  • Forgotten passwords require resetting the BIOS configuration through methods such as using jumpers on the motherboard.

Motherboard Components and Their Functions

The Role of the Motherboard Battery

  • The motherboard contains a CR 2032 battery, a 3-volt lithium-ion battery that maintains date and time settings when the system is powered off.
  • If this battery fails, the system's date and time will reset to default upon startup. Older systems used this battery for BIOS configuration resets, but modern systems only use it for timekeeping.
  • The battery is easily accessible and replaceable if discharged.

Trusted Platform Module (TPM)

  • Modern motherboards may include a Trusted Platform Module (TPM), which provides cryptographic functions essential for full-disk encryption.
  • TPM has persistent memory allowing certain keys to be securely stored, enabling verification of existing keys or digital signatures sent to third parties.
  • The TPM is designed with security features to prevent unauthorized access, including brute force attacks.

Hardware Security Modules (HSM)

  • Organizations often utilize Hardware Security Modules (HSM) for managing multiple cryptographic keys securely; these can be standalone devices or adapter cards installed in servers.
  • HSM serves as a secure key backup solution across various servers within an organization, ensuring no direct access to sensitive keys.
Playlists: CompTIA 220-1101 A+ Training Course
Video description

A+ Training Course Index: https://professormesser.link/1101videos Professor Messer’s Course Notes: https://professormesser.link/1101notes - - - - - The BIOS configuration contains extensive customization features for your computer. In this video, you’ll learn about starting the BIOS, configuring boot options, disabling USB interfaces, managing fans, and enabling security options in the BIOS. - - - - - Subscribe to get the latest videos: https://professormesser.link/yt Calendar of live events: https://www.professormesser.com/calendar/ FOLLOW PROFESSOR MESSER: Professor Messer official website: https://www.professormesser.com/ Twitter: https://www.professormesser.com/twitter Facebook: https://www.professormesser.com/facebook Instagram: https://www.professormesser.com/instagram LinkedIn: https://www.professormesser.com/linkedin