UEFI¶

3 questions

L1 (2 questions)¶

1. Why is firmware management critical in a datacenter?

Show answer

Outdated firmware causes security vulns, hardware instability, and missed bug fixes. Update BIOS, BMC/iDRAC, RAID controller, NIC, and disk firmware. Always read release notes — some updates require reboot or specific order.

2. Why is firmware patching critical and what is the risk of skipping it?

Show answer

Firmware (BIOS/UEFI, BMC/iDRAC, disk controller, NIC) has security vulnerabilities just like OS software. Unpatched BMC firmware can allow remote takeover. Unpatched disk controller firmware can cause data loss during rebuild. Risks of patching: requires maintenance window, some updates need reboot, failed flash can brick hardware. Mitigate: stage updates, test on non-prod first, keep recovery media available.

L2 (1 questions)¶

1. How do you plan and execute a firmware update campaign across a fleet of servers?

Show answer

1. Inventory current versions: query BMC/iDRAC via redfish API or vendor tools.
2. Identify targets: compare against vendor-recommended versions and CVE lists.
3. Stage updates: download and validate checksums.
4. Test on non-prod: update 1-2 servers, verify functionality.
5. Rolling update in batches: drain workload, update, reboot, verify, proceed.
6. Rollback plan: know if firmware is reversible (some BMC updates are not).
7. Document: log all versions before/after.