BIOS (Basic Input/Output System) is firmware stored on a small chip on the motherboard. It is the first software that runs when a computer is powered on. BIOS performs the POST (Power-On Self-Test), initialises hardware components, and then hands off to the bootloader to load the operating system. Traditional BIOS uses a 16-bit processor mode, has a text-based interface, and supports only MBR-partitioned drives up to 2 TB.

What is UEFI and how is it different from BIOS?

UEFI (Unified Extensible Firmware Interface) is the modern replacement for BIOS. UEFI supports drives larger than 2 TB (using GPT partitioning instead of MBR), has a graphical mouse-enabled interface, boots faster, supports Secure Boot (which prevents unsigned bootloaders from running), and uses 32-bit or 64-bit processor mode. All modern computers ship with UEFI rather than traditional BIOS.

Secure Boot is a UEFI feature that prevents the computer from booting unsigned or unrecognised bootloaders and operating systems. When enabled, the firmware checks the digital signature of every boot component against a database of trusted keys. If the signature doesn't match, the system refuses to boot that component. This prevents bootkits and rootkits from loading before the OS. Secure Boot is required for Windows 11.

What does POST stand for and what does it do?

POST stands for Power-On Self-Test. It is the diagnostic process the BIOS/UEFI runs every time the computer starts. POST checks that essential hardware components — CPU, RAM, storage, and keyboard — are present and functional. If POST succeeds, the system beeps once and proceeds to boot. If POST fails, the system issues a series of beep codes or displays an error on screen to identify the failing component.

BIOS vs UEFI Explained — POST, Boot Order & Secure Boot

⚡ Quick Answer

BIOS (Basic Input/Output System) is the legacy firmware that initialises hardware and boots the OS. UEFI (Unified Extensible Firmware Interface) is its modern replacement — it supports drives over 2 TB, has a graphical interface, boots faster, and adds Secure Boot to prevent unauthorised bootloaders. Every time a PC starts, POST (Power-On Self-Test) runs first to verify hardware is functional. You access BIOS/UEFI settings by pressing a key (Del, F2, F10) during POST. Windows 11 requires UEFI with Secure Boot and TPM 2.0.

BIOS vs UEFI — Key Differences

Property	Legacy BIOS	UEFI
Full name	Basic Input/Output System	Unified Extensible Firmware Interface
Age / status	1970s–2000s; now legacy	Current standard on all modern PCs
Processor mode	16-bit real mode	32-bit or 64-bit protected mode
Interface	Text-only, keyboard navigation	Graphical, mouse support available
Partition table	MBR (Master Boot Record)	GPT (GUID Partition Table) — also supports MBR
Max drive size	2 TB (MBR limit)	9.4 ZB (GPT limit — effectively unlimited)
Max primary partitions	4 (MBR)	128 (GPT)
Secure Boot	Not supported	Supported (required for Windows 11)
Boot speed	Slower initialisation	Faster — can use fast boot to skip POST
Network boot	PXE boot support	HTTP boot + PXE boot
Storage location	ROM / Flash chip on motherboard	Flash chip on motherboard (NVRAM)

Why UEFI replaced BIOS

The 2 TB hard drive limit was the primary driver. MBR (Master Boot Record) uses 32-bit sector addressing, which caps out at 2 TB. When consumer hard drives exceeded 2 TB, a new standard was needed. GPT (GUID Partition Table), used by UEFI, uses 64-bit addressing and supports drives up to 9.4 ZB. UEFI also added Secure Boot and faster initialisation as significant improvements over BIOS.

POST — Power-On Self-Test

Every time a computer is powered on, the BIOS/UEFI runs POST before anything else. POST is a diagnostic sequence that checks that essential hardware is present and functioning. If POST passes, the system beeps once (on systems with a speaker) and proceeds to load the bootloader. If POST fails, the system halts and signals the error via beep codes or on-screen error messages.

CPU check

The CPU is verified first — if the CPU is faulty, no further testing is possible. A CPU failure usually means the system doesn't start at all (no power light, no beeps, no display).

RAM check

RAM modules are tested. A continuous beep or 3 short beeps (depending on the BIOS manufacturer) typically indicates a RAM failure. Reseating or replacing RAM sticks is the first troubleshooting step.

Video card / display check

The video system is initialised. Without a working display, beep codes are the primary diagnostic output. 1 long + 2 short beeps (AMI BIOS) typically indicates a video card error.

Storage and peripheral check

Keyboards, storage drives, and other connected hardware are inventoried. A missing keyboard on older systems generates a POST error. Storage drives are detected and listed.

Handoff to bootloader

POST passes → BIOS/UEFI checks the configured boot order and hands execution to the first bootable device found (USB, hard drive, optical drive, network PXE). The bootloader loads the OS kernel.

🎯 A+ Exam — POST Beep Codes

The exact beep code meanings vary by BIOS manufacturer (AMI, Award, Phoenix), but the A+ exam tests the general concept rather than memorising specific codes. 1 short beep = POST passed successfully. Multiple beeps or continuous beeping = hardware failure. The number and pattern of beeps identify which component failed. If there is no beep at all and nothing displays, suspect the CPU, RAM, or power supply.

Boot Order (Boot Priority)

The boot order (also called boot priority or boot sequence) tells the BIOS/UEFI which devices to check for a bootable OS, and in what order. When POST completes, the firmware tries each device in the configured sequence and loads the OS from the first bootable one it finds.

Common boot order entries include: USB flash drive, DVD/optical drive, hard drive (HDD or SSD), network PXE boot, and SD card. A typical default boot order puts the hard drive first, so the installed OS loads normally. When you need to boot from a USB installer or recovery drive, you temporarily change the boot order to put USB first — or use a one-time boot menu (usually F11 or F12 at startup) to select the device without permanently changing the order.

Common BIOS/UEFI entry keys

The key to press during POST to enter BIOS/UEFI settings varies by manufacturer — but the A+ exam may test this. Common keys: Del or F2 (most common — Dell, ASUS, Lenovo), F10 (HP), F1 (IBM/Lenovo ThinkPad), Esc (some HP systems). The key is usually displayed briefly on screen during POST. On systems with fast boot enabled, you may need to hold the key or access UEFI settings from within Windows (Settings → Recovery → Advanced startup → UEFI Firmware Settings).

Secure Boot

Secure Boot is a UEFI security feature that prevents the computer from loading unauthorised bootloaders and early-startup drivers. When Secure Boot is enabled, the UEFI firmware checks the digital signature of each boot component — bootloader, kernel modules, UEFI drivers — against a database of trusted signatures (the db database) and a blocklist of known-bad signatures (the dbx database).

If the signature is trusted, the component loads. If the signature is missing or doesn't match a trusted key, the firmware refuses to load it and displays a Secure Boot violation error. This prevents bootkits — malware that loads before the OS and is invisible to antivirus software running inside the OS.

Windows 11 requires Secure Boot to be enabled. Most Linux distributions also support Secure Boot via Microsoft-signed shim bootloaders. When dual-booting or installing a custom OS, you may need to enrol additional trusted keys or temporarily disable Secure Boot — though disabling it reduces security.

🎯 Secure Boot vs TPM — Know the Difference

Secure Boot = verifies the bootloader and early OS components haven't been tampered with. Enforced by UEFI firmware. Prevents bootkits.

TPM (Trusted Platform Module) = a hardware chip that stores cryptographic keys, certificates, and measurements of the boot state. Used by BitLocker to seal encryption keys and detect boot tampering. Both Secure Boot and TPM 2.0 are required for Windows 11.

They work together: Secure Boot ensures only trusted boot code runs; TPM records and seals measurements of the trusted boot state. If the boot chain changes (e.g., malware modifies the bootloader), TPM detects the change and BitLocker prompts for recovery key.

CMOS and the CMOS Battery

CMOS (Complementary Metal-Oxide Semiconductor) is a small amount of memory on the motherboard that stores BIOS/UEFI settings — including the system date and time, boot order, and hardware configuration. Unlike regular RAM, CMOS is powered by a small lithium coin cell battery (usually a CR2032) so that settings are preserved when the computer is unplugged.

When the CMOS battery dies, the system loses its BIOS settings every time it is powered off. Common symptoms include: the system date and time resetting to a default (January 1, 2000 or similar), incorrect boot order on every startup, or a BIOS/CMOS checksum error message during POST. Replacing the CR2032 battery (a $1–2 part) resolves this.

Clearing CMOS resets BIOS settings to factory defaults. This is used to recover from a forgotten BIOS password, fix a misconfigured BIOS that prevents booting, or recover from a failed BIOS flash. Most motherboards have a dedicated CMOS reset jumper; alternatively, removing the CMOS battery for 30 seconds with the system unplugged clears the settings.

Other Key BIOS/UEFI Settings

🔒

BIOS / Supervisor Password

A password that must be entered to access BIOS settings. Prevents unauthorised users from changing boot order, disabling Secure Boot, or altering hardware configuration. A separate boot password can require a password before the OS loads.

⚡

Fast Boot / Quick Boot

Skips parts of POST (like RAM testing) to reduce boot time. Useful on modern systems where hardware is reliable. Disable fast boot when troubleshooting POST errors or when you need to access the BIOS setup utility during startup.

🖥️

Virtualization Support (VT-x / AMD-V)

Enables CPU-level hardware virtualisation. Must be enabled in BIOS before hypervisors like Hyper-V, VirtualBox, or VMware Workstation can run 64-bit guest VMs. Often disabled by default on new systems.

🌡️

Fan Speed & Thermal Settings

BIOS/UEFI displays current CPU and system temperatures and fan speeds. Fan curve profiles (Silent, Standard, Performance) can be set here. Useful for diagnosing thermal throttling or overheating issues before the OS boots.

🔄

BIOS Flashing / Firmware Update

BIOS firmware can be updated (flashed) to add features, fix bugs, or add CPU support. Never interrupt a BIOS flash — a failed flash can brick the motherboard. Most modern systems support flashing from a USB drive within the UEFI interface.

🌐

PXE Boot (Network Boot)

Allows booting from a network server rather than local storage. Used by IT departments to deploy OS images to many machines simultaneously. Must be enabled in BIOS and set in boot order. The system requests a DHCP address and downloads a boot image from a TFTP server.

Exam Scenarios

Scenario: A technician turns on a computer and hears 3 short beeps. The screen is blank. What is the most likely cause? Answer: RAM failure. Reseat or replace the RAM sticks. Multiple short beeps during POST indicate a memory error on most BIOS implementations.

Scenario: Every time a computer is unplugged from power overnight, the system clock resets to January 1, 2000 and the boot order changes. What component needs to be replaced? Answer: The CMOS battery (CR2032). A dead CMOS battery causes BIOS settings to reset when main power is removed.

Scenario: A user wants to install Windows 11 but the installer reports that the PC doesn't meet requirements. The CPU and RAM are sufficient. What two BIOS settings should the technician check first? Answer: Secure Boot (must be enabled) and TPM 2.0 (must be present and enabled). Both are mandatory Windows 11 requirements.

Scenario: A technician needs to boot a PC from a USB drive to run a diagnostic tool. The PC currently boots straight to Windows without showing POST. What are the two options? Answer: (1) Enter BIOS and change boot order to put USB first, or (2) press F11/F12 during startup for a one-time boot device selection menu. If fast boot is enabled, it may need to be disabled first.

Scenario: A technician installs VirtualBox on a Windows PC but cannot create 64-bit virtual machines. Only 32-bit is available. What is the most likely cause? Answer: Hardware virtualisation (VT-x or AMD-V) is disabled in BIOS. Enable it in BIOS/UEFI settings under CPU or Advanced settings.

Scenario: What is the difference between MBR and GPT, and when does it matter for the A+ exam? Answer: MBR (used with legacy BIOS) supports a maximum of 2 TB and 4 primary partitions. GPT (used with UEFI) supports drives over 2 TB and up to 128 partitions. When installing Windows on a drive larger than 2 TB, GPT partitioning is required.

Studying for CompTIA A+?

Check out the full A+ study guide and best resources for the 220-1101 and 220-1202 exams.

View A+ Study Guide →