The correct answer is B. Secure Boot .
According to CompTIA A+ Core 1 220-1201 objectives under Security:
Secure Boot is a UEFI firmware feature that ensures a computer boots only with software that is trusted and digitally signed by the manufacturer.
This prevents malicious or unauthorized bootloaders and operating systems from loading, protecting the system from rootkits and other boot-time attacks.
Secure Boot does not require disabling USB devices; it simply checks that any bootable device contains a signed operating system.
Why the other options are incorrect:
A. BIOS password: Protects access to BIOS/UEFI settings but does not verify trusted software during boot.
C. USB settings: Can control USB access but cannot enforce boot validation for signed OS or prevent unauthorized boot devices.
D. Single sign-on: Provides authentication convenience for users, unrelated to boot security.
[References:, CompTIA A+ Core 1 (220-1201) Exam Objectives – Security: “Given a scenario, configure security settings including Secure Boot to protect against unauthorized boot and malware attacks.” , Mike Meyers’ CompTIA A+ Certification Guide, 13th Edition, Chapter on Security and UEFI/BIOS Protection., , ]
Submit