---
title: "BIOS — AP Cybersecurity Definition & Exam Guide"
description: "BIOS is the firmware that boots your computer before the OS loads, and an unprotected BIOS is a device vulnerability adversaries can exploit in AP Cybersecurity Unit 4."
canonical: "https://fiveable.me/ap-cybersecurity/key-terms/bios"
type: "key-term"
subject: "AP Cybersecurity"
unit: "Unit 4"
---

# BIOS — AP Cybersecurity Definition & Exam Guide

## Definition

BIOS (Basic Input/Output System) is the low-level firmware that starts a computer's hardware and loads the operating system at boot. In AP Cybersecurity, an unprotected BIOS is a device vulnerability adversaries can exploit for deep, persistent control (Topic 4.1).

## What It Is

BIOS stands for Basic Input/Output System. It's the firmware baked into a chip on the motherboard that runs first when you power on a computer, before the [operating system](/ap-cybersecurity/unit-4/protecting-devices/study-guide/n86HF5aR65a2DLQwNHDn "fv-autolink") even exists in memory. Think of it as the device's wake-up routine: it checks the hardware, then hands control to the OS so Windows, macOS, or Linux can load.

Why does [AP Cybersecurity](/ap-cybersecurity "fv-autolink") care about a boot program? Because BIOS sits *below* the operating system. If an [adversary](/ap-cybersecurity/key-terms/adversary "fv-autolink") tampers with it or it has no password protection, they can plant malware that loads before any anti-malware software wakes up. That makes it a textbook example of the device vulnerabilities described in Topic 4.1: weaknesses an attacker exploits to crash a system, control a device, or steal data.

## Why It Matters

BIOS lives in **[Unit 4](/ap-cybersecurity/unit-4 "fv-autolink"): Securing Devices**, specifically [Topic 4.1](/ap-cybersecurity/unit-4/device-vulnerabilities-and-attacks/study-guide/HACz1L7MBGLXO5AANWlK "fv-autolink") (Device Vulnerabilities and Attacks). It directly supports **AP Cybersecurity 4.1.C**, which is about how adversaries exploit common device vulnerabilities to cause loss, damage, disruption, or destruction. An unprotected BIOS is exactly the kind of weak point EK 4.1.C describes, where an adversary can take deep control of a device.

It also feeds into **AP Cybersecurity 4.1.D** (assessing and documenting [risk](/ap-cybersecurity/key-terms/risk "fv-autolink")). Because BIOS controls the boot process for any computing device identified in 4.1.A (servers, personal computers, handhelds), a compromised BIOS scores high on risk. The attacker gets a foothold that survives reboots and even OS reinstalls.

## Connections

### [UEFI (Unit 4)](/ap-cybersecurity/key-terms/uefi)

[UEFI](/ap-cybersecurity/key-terms/uefi "fv-autolink") is the modern replacement for traditional BIOS. It does the same job (start hardware, load the OS) but adds security features like Secure Boot that check whether boot code has been tampered with. If you understand why an unprotected BIOS is risky, UEFI is basically the patched-up answer to that risk.

### [Malware (Unit 4)](/ap-cybersecurity/key-terms/malware)

[Malware](/ap-cybersecurity/key-terms/malware "fv-autolink") that infects the BIOS loads before the operating system, which means it runs before your anti-malware ever gets a chance. That's what makes BIOS-level infection so dangerous compared to a regular file-based virus.

### [Anti-malware (Unit 4)](/ap-cybersecurity/key-terms/anti-malware)

Anti-malware scans inside the running operating system, but BIOS firmware sits below that layer. This is the key insight: an unprotected BIOS is a blind spot your antivirus can't reach, which is why a BIOS password is a separate control.

## On the AP Exam

On the multiple-choice section, BIOS shows up as one item in a list of device weaknesses. A real practice stem describes a computer with no firewall, no anti-malware, and an unprotected BIOS, then asks which term describes these weaknesses. The answer is *vulnerabilities*. So you need to recognize an unprotected BIOS as a vulnerability, not as a type of malware or an attack. Expect BIOS to appear inside broader questions on exploiting device vulnerabilities (aligned to 4.1.C) rather than as a standalone topic. No released FRQ has used the term verbatim, but it supports the kind of risk-assessment reasoning 4.1.D rewards: explaining why a deep, pre-OS weakness raises the criticality of the risk.

## BIOS vs UEFI

BIOS is the older, traditional boot firmware. UEFI is its modern successor and includes built-in security features like Secure Boot that BIOS lacks. They both boot the computer, but UEFI is the upgraded, more secure version, so don't treat them as interchangeable on the exam.

## Key Takeaways

- BIOS (Basic Input/Output System) is the firmware that starts a computer's hardware and loads the operating system at boot.
- An unprotected BIOS is a device vulnerability, not a piece of malware, and the AP exam tests that distinction directly.
- Because BIOS runs before the operating system, malware that infects it loads before anti-malware can stop it.
- BIOS maps to Topic 4.1 and supports learning objective AP Cybersecurity 4.1.C on exploiting device vulnerabilities.
- UEFI is the modern, more secure replacement for BIOS and adds protections like Secure Boot.

## FAQs

### What is BIOS in AP Cybersecurity?

BIOS is the Basic Input/Output System, the firmware that runs first when you turn on a computer to start the hardware and load the operating system. In Topic 4.1, an unprotected BIOS counts as a device vulnerability an adversary can exploit.

### Is BIOS a type of malware?

No. BIOS is legitimate firmware that every computer needs to boot. The security concern is an *unprotected* BIOS, which is a vulnerability that malware could exploit, not malware itself.

### What is the difference between BIOS and UEFI?

Both boot the computer by starting hardware and loading the OS, but UEFI is the modern replacement for the older BIOS. UEFI adds security features like Secure Boot that check for tampering, which traditional BIOS lacks.

### Why is an unprotected BIOS dangerous?

Because BIOS loads before the operating system, malware planted there runs before your anti-malware software ever starts. That gives an adversary deep, persistent control that can survive reboots and OS reinstalls.

### How is BIOS tested on the AP Cybersecurity exam?

It appears in multiple-choice questions listing device weaknesses, where an unprotected BIOS alongside no firewall or anti-malware is identified as a *vulnerability*. You should be able to name it as a vulnerability tied to learning objective 4.1.C.

## Related Study Guides

- [4.1 Device Vulnerabilities and Attacks](/ap-cybersecurity/unit-4/device-vulnerabilities-and-attacks/study-guide/HACz1L7MBGLXO5AANWlK)

## Structured Data

```json
{"@context":"https://schema.org","@graph":[{"@type":"LearningResource","@id":"https://fiveable.me/ap-cybersecurity/key-terms/bios#resource","name":"BIOS — AP Cybersecurity Definition & Exam Guide","url":"https://fiveable.me/ap-cybersecurity/key-terms/bios","learningResourceType":"Concept explainer","educationalLevel":"AP® / High School","about":{"@id":"https://fiveable.me/ap-cybersecurity/key-terms/bios#term"},"audience":{"@type":"EducationalAudience","educationalRole":"student"},"dateModified":"2026-06-15T18:59:31.577Z","isPartOf":{"@type":"Collection","name":"AP Cybersecurity Key Terms","url":"https://fiveable.me/ap-cybersecurity/key-terms"},"publisher":{"@type":"Organization","name":"Fiveable","url":"https://fiveable.me"}},{"@type":"DefinedTerm","@id":"https://fiveable.me/ap-cybersecurity/key-terms/bios#term","name":"BIOS","description":"BIOS (Basic Input/Output System) is the low-level firmware that starts a computer's hardware and loads the operating system at boot. In AP Cybersecurity, an unprotected BIOS is a device vulnerability adversaries can exploit for deep, persistent control (Topic 4.1).","url":"https://fiveable.me/ap-cybersecurity/key-terms/bios","inDefinedTermSet":{"@type":"DefinedTermSet","name":"AP Cybersecurity Key Terms","url":"https://fiveable.me/ap-cybersecurity/key-terms"},"educationalAlignment":[{"@type":"AlignmentObject","alignmentType":"educationalSubject","educationalFramework":"AP® Course and Exam Description","targetName":"AP Cybersecurity Unit 4, Topic 4.1, LO 4.1.A"},{"@type":"AlignmentObject","alignmentType":"educationalSubject","educationalFramework":"AP® Course and Exam Description","targetName":"AP Cybersecurity Unit 4, Topic 4.1, LO 4.1.B"},{"@type":"AlignmentObject","alignmentType":"educationalSubject","educationalFramework":"AP® Course and Exam Description","targetName":"AP Cybersecurity Unit 4, Topic 4.1, LO 4.1.C"},{"@type":"AlignmentObject","alignmentType":"educationalSubject","educationalFramework":"AP® Course and Exam Description","targetName":"AP Cybersecurity Unit 4, Topic 4.1, LO 4.1.D"}]},{"@type":"FAQPage","mainEntity":[{"@type":"Question","name":"What is BIOS in AP Cybersecurity?","acceptedAnswer":{"@type":"Answer","text":"BIOS is the Basic Input/Output System, the firmware that runs first when you turn on a computer to start the hardware and load the operating system. In Topic 4.1, an unprotected BIOS counts as a device vulnerability an adversary can exploit."}},{"@type":"Question","name":"Is BIOS a type of malware?","acceptedAnswer":{"@type":"Answer","text":"No. BIOS is legitimate firmware that every computer needs to boot. The security concern is an *unprotected* BIOS, which is a vulnerability that malware could exploit, not malware itself."}},{"@type":"Question","name":"What is the difference between BIOS and UEFI?","acceptedAnswer":{"@type":"Answer","text":"Both boot the computer by starting hardware and loading the OS, but UEFI is the modern replacement for the older BIOS. UEFI adds security features like Secure Boot that check for tampering, which traditional BIOS lacks."}},{"@type":"Question","name":"Why is an unprotected BIOS dangerous?","acceptedAnswer":{"@type":"Answer","text":"Because BIOS loads before the operating system, malware planted there runs before your anti-malware software ever starts. That gives an adversary deep, persistent control that can survive reboots and OS reinstalls."}},{"@type":"Question","name":"How is BIOS tested on the AP Cybersecurity exam?","acceptedAnswer":{"@type":"Answer","text":"It appears in multiple-choice questions listing device weaknesses, where an unprotected BIOS alongside no firewall or anti-malware is identified as a *vulnerability*. You should be able to name it as a vulnerability tied to learning objective 4.1.C."}}]},{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"AP Cybersecurity","item":"https://fiveable.me/ap-cybersecurity"},{"@type":"ListItem","position":2,"name":"Key Terms","item":"https://fiveable.me/ap-cybersecurity/key-terms"},{"@type":"ListItem","position":3,"name":"Unit 4","item":"https://fiveable.me/ap-cybersecurity/unit-4"},{"@type":"ListItem","position":4,"name":"BIOS"}]}]}
```
