Employee workstations are configured to only boot from the internal disk. You are tasked with verifying that this security configuration cannot be changed. What option will help ensure the default boot device cannot be changed?
Setting up a BIOS/UEFI password is the only option that would mitigate the threat from a user booting from another device (though it can often be reset by removing the CMOS battery). Data encryption, disabling admin accounts and only allowing trusted sources are all operating system level configurations and would not apply prior to booting to an OS.
The BIOS (/ˈbaɪ.ɒs/, an acronym for Basic Input/Output System and also known as the System BIOS, ROM BIOS or PC BIOS) is a type of firmware used to perform hardware initialization during the booting process (power-on startup) on IBM PC compatible computers, and to provide runtime services for operating systems and programs. The BIOS firmware is built into personal computers (PCs), and it is the first software they run when powered on. The name itself …