innovative digital forensics and e-discovery
24
Nov
Nov
BIOS
Posted by
The BIOS (or Basic Input/Output System) is the code run by computers when they are initially turned on. The BIOS is stored in flash memory (EEPROM) but can be updated with a special process from the manufacteur. The BIOS is important in computer forensics for several reasons, include:
- Contains the system time, important for later correlations with other events
- Controls which media is used to boot the computer after the BIOS load completes. One way to acquire a forensically sound image of a computer hard drive is to boot from the CD-ROM and acquire the image with the hard drive in read-only mode.
In a typical boot process, the BIOS would load and then look at the first sector of the primary hard drive to locate the boot sector for the installed operating system(s).
Category : Computer Forensic and E-Discovery Glossary
- Bookmark :
- Digg
- del.icio.us
- Stumbleupon
- Redit it
2 Responses to “BIOS”
You must be logged in to post a comment.
You must be logged in to post a comment.
I recently came across your blog and have been reading along. I thought I would leave my first comment. I don’t know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.
kaylee
http://www.thinkpadonline.info
Kaylee,
Thanks for the note. We will continue working on the glossary and computer forensic/e-discovery weblogs…I hope you find them more useful over time.
-Andrew