Securing Physical Hardware

A.

BIOS is the firmware that governs the physical initiation and boot up of a piece of hardware.

If it is compromised, an attacker could have access to hosted systems and make configurations changes to expose or disable some security elements on the system.

Physical hardware security is critical in preventing unauthorized access to computer systems. Physical hardware includes components such as the motherboard, central processing unit (CPU), memory, hard drives, and input/output (I/O) devices.

Of the options provided, the BIOS (Basic Input/Output System) is the most important to secure on physical hardware to prevent unauthorized access to systems.

BIOS is firmware that initializes hardware components and starts the operating system when a computer is turned on. It is responsible for performing various low-level hardware initialization tasks, such as checking the system hardware, running a Power-on Self Test (POST), and configuring hardware settings.

The BIOS is often the target of attackers seeking to exploit vulnerabilities and gain unauthorized access to a system. If an attacker gains access to the BIOS, they can modify low-level hardware settings, install malware, or even overwrite the BIOS firmware, making it extremely difficult to detect and remove malicious code.

Securing the BIOS involves setting a strong password to prevent unauthorized access to BIOS settings and ensuring that the BIOS firmware is up-to-date with the latest security patches. Additionally, some systems have a feature called Secure Boot, which verifies the authenticity of the operating system and prevents booting of any unauthorized or compromised software.

SSH (Secure Shell), RDP (Remote Desktop Protocol), and ALOM (Advanced Lights Out Management) are all software protocols used for remote access to computer systems. While they are important to secure, they are not hardware components and do not provide the same level of low-level access as the BIOS. SSH and RDP are used for remote access to Linux and Windows operating systems, respectively, while ALOM is used for remote management of Oracle servers.