e8bb4b60-e081-427e-924e-e99a1aacf387
When a PC starts, it first finds the operating system boot loader. PCs without Secure Boot simply run whatever boot loader is on the PC’s hard drive and there is no way for the PC to tell whether it’s a trusted operating system or a rootkit.
Stig Server: https://www.stigviewer.com/stig/windows_server_2016/2019-01-16/finding/V-90355
Stig Desktop: https://www.stigviewer.com/stig/windows_10/2019-01-04/finding/V-77085