Booting Process

a diagnostic testing sequence run by a computer's BIOS or UEFI firmware when the computer is powered on. It checks the hardware components such as the CPU, memory, disk drives, and other peripherals to ensure they are working correctly.

Purpose: To identify and report any hardware issues before the operating system starts to boot.

a UEFI BIOS feature that ensures only software with valid digital signatures can execute during the boot process. It checks the digital signature of the bootloader to prevent unauthorized or malicious code from running.

Purpose: To prevent rootkits and bootkits by ensuring that the bootloader and subsequent components have not been tampered with and are from a trusted source.

part of the Windows boot process that occurs after Secure Boot. It verifies the digital signature of the operating system kernel before loading it. Trusted Boot also initializes ELAM (Early Launch Anti-Malware) to ensure that anti-malware software starts before other drivers and applications.

Purpose: To ensure that the operating system kernel is trustworthy and to provide early malware detection and protection.

works in conjunction with the Trusted Platform Module (TPM) to record the measurements (hashes) of all boot components, from the firmware to the bootloader and the operating system. These measurements are stored in the TPM to provide a detailed log of the boot process, which can be used to verify the integrity of the system.

Purpose: To provide a verifiable record that the system's boot components have not been altered by malicious software or other processes. This helps in detecting any unauthorized changes and ensuring the integrity of the system.