Boot integrity ensures that the system can be trusted and has not been altered while the operating system loads.
Firmware—software instructions about basic computer functions—is stored on a small memory chip on the motherboard. The basic input/output system (BIOS) is the first program that runs when you turn on the computer.
Unified Extensible Firmware Interface (UEFI), a newer version of BIOS, defines a standard interface between the operating system, firmware, and external devices. A system that uses UEFI is preferred over one that uses BIOS because a UEFI system can run in 64-bit mode.
Secure Boot is a security standard to ensure that a device boots using trusted software. When a computer system boots, the firmware checks the signature of each piece of boot software, including UEFI firmware drivers, UEFI applications, and the operating system. If the signatures are valid, the system boots, and the firmware gives control to the operating system.
Measured Boot provides stronger validation than Secure Boot. Measured Boot measures each component starting with the firmware through to the boot start drivers, and stores the measurements in the TMP chip to create a log. The log can be tested remotely to verify the boot state of the client. Measured Boot can identify untrusted applications trying to load, and it also allows antimalware to load earlier.
Apple System Security Features (39.3.8)
As we know, Windows and Linux distributions include security features that are designed to protect endpoints. Apple provides system hardware and macOS security features that offer robust endpoint protection as well.
Apple security features are listed in Table 39-4.
Table 39-4 Apple Security Features
Physical Protection of Devices (39.3.9)
You have learned a lot about software and hardware threats. But what about the potential physical threats to devices and facilities? The following are some physical security measures you can take to protect equipment.
Computer Equipment
To physically protect computer equipment:
- Use cable locks to secure devices.
- Keep telecommunication rooms locked.
- Use security cages (Faraday cages) around equipment to block electromagnetic fields.
Door Locks
A standard keyed entry lock is the most common type of door lock. They are often easy to force open. A deadbolt lock can be added for extra security. Any lock that requires a key is vulnerable if the keys are lost, stolen, or duplicated.
A cipher lock uses buttons that are pressed in a given sequence to open the door. It can be programmed so that a user’s code may only work during certain days or times. It can also keep a record of when the door opened, and the code used to open it.
Radio Frequency Identification (RFID) Systems
RFID uses radio waves to identify and track objects. RFID tags can be attached to any item that an organization wants to track. The tags contain an integrated circuit that connects to an antenna. RFID tags are small and require very little power, so they do not need a battery to exchange information with a reader. RFID can help automate asset tracking, or wirelessly lock, unlock, or configure electronic devices. Contactless credit cards use RFID technology.
Check Your Understanding—Defending Systems and Devices (39.3.10)
Refer to the online course to complete this activity.