When delivering a flash storage project, Huawei engineers introduced the trusted and secure boot technology of flash storage hardware to the customer. Which of the following statements are true about this technology?
A.
This technology uses digital signatures to verify firmware integrity and prevent firmware and operating systems from being tampered with.
B.
After a device is powered on, the initial startup module starts, and verification is performed level by level. If the verification is successful, the device starts.
C.
During secure boot, the RSA engine verifies the status of the software signature certificate and then verifies the Grub signature public key.
D.
In the overall startup process, Grub needs to be verified and loaded first. After the loading is complete, the Grub signature public key is verified.
A is correct. Huawei’s secure boot description states that secure boot uses public/private key pairs and digital signatures to sign and verify boot modules, ensuring integrity and preventing unauthorized tampering of system software during startup.
B is correct. Huawei describes secure boot as a chain-of-trust startup process in which the previous module verifies the next module level by level . Only after verification succeeds does the next module run and the device continue booting.
C is incorrect. Huawei training material for storage secure boot shows the sequence as: (1) verify the Grub signature public key, (2) verify and load Grub, (3) verify software signature certificate status, (4) verify and load the OS . Therefore, this option gives the wrong order.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit