Home » Microsoft » 70-687 » What should you do?
You are configuring a computer that will be used in a kiosk in a public area. You install a new internal hard drive.
You need to protect the computer from starting an unauthorized operating system.
What should you do?
A. Ensure that the computer BIOS supports Unified Extensible Firmware Interface (UEFI) and is enabled.
Install Windows 8.1 Pro 64-bit using UEFI and install it on the internal hard drive.
B. Install Windows 8.1 Pro 64-bit on the internal hard drive.
Enable BitLocker on the internal hard disk.
C. Partition the internal hard drive as MBR disk.
Install Windows 8.1 Enterprise 64-bit.
D. Partition the internal hard drive as GPT disk.
Install Windows 8.1 Pro 64-bit.
Correct Answer: A
Explanation/Reference:
http://technet.microsoft.com/en-us/windows/dn168169.aspx
Windows 8 Boot Security FAQ
What is UEFI?
UEFI (Unified Extensible Firmware Interface) is a specification that defines an interface between a PC’s firmware and an operating system. It replaces or can work in concert with the Basic Input/Output System (BIOS) firmware that PCs have traditionally used. For Windows 8, a key part of this specification is Secure Boot, which protects the PC from malware by allowing only authorized boot loaders to run when the computer starts.
How does Windows 8 prevent attackers from replacing boot components? All systems with the Windows 8 certification use Secure Boot (part of the UEFI specification) to protect hardware-related firmware and the operating-system loader from tampering. Secure Boot can prevent the system from booting if unauthorized changes have been made or possibly even refresh the some boot components, such as the UEFI firmware, to a known good state.
What is Trusted Boot?
Trusted Boot is a Windows 8 feature that secures the entire Windows boot process. It prevents malware from hiding and taking up permanent residence within the PC by ensuring none of the Windows components loaded during boot have been tampered with. Trusted Boot also ensures that antimalware software is loaded before any third-party drivers and applications using its Early Launch Anti-Malware (ELAM) capability. This prevents malware from inserting itself in front of the anti-malware engine so that it can compromise the anti-malware engine’s ability to protect the system. In the event that malware was able to successfully compromise the any of the Windows boot process, Trusted Boot will attempt to automatically remediate the issue.
What editions of Windows 8 will include Trusted Boot?
All editions of Windows 8 include Trusted Boot.