Hardware/firmware security

We need to protect our computer systems against someone stealing the data by stealing the device, re-installing the operating system, and stealing the data. We need to be able to secure the operating systems and hardware by encrypting them by using products such as Microsoft's Bitlocker. Let's look at some encryption methods:

  • Hardware root of trust: When we use certificates for FDE, they use a hardware root of trust that verifies that the keys match before the secure boot process takes place.
  • Full Disk Encryption (FDE): FDE uses X509 certificates to encrypt the full disk, but needs a TPM chip on the motherboard to store the keys. Sometimes, these can be referred to as Self-Encrypting Devices. When you boot up from ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.