Windows OS: Secure Boot must be enabled | EventSentry

PingSentry | Blog | System32 | GitHub | Free tools

Windows OS: Secure Boot must be enabled

e8bb4b60-e081-427e-924e-e99a1aacf387

When a PC starts, it first finds the operating system boot loader. PCs without Secure Boot simply run whatever boot loader is on the PC’s hard drive and there is no way for the PC to tell whether it’s a trusted operating system or a rootkit.

https://docs.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process

Remediation

https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/secure-boot-isnt-configured-correctly-troubleshooting

Stig Server: https://www.stigviewer.com/stig/windows_server_2016/2019-01-16/finding/V-90355
Stig Desktop: https://www.stigviewer.com/stig/windows_10/2019-01-04/finding/V-77085

Tags

stig-low-server stig-low-desktop compliance-desktop compliance-server security-server security-desktop desktop server