Add USB (ubuntu) to secure boot -- what is the UEFI bios looking for?

Here is link to what I see when I have booted into the BIOS.

My understanding is that newer versions of Ubuntu support Secure Boot without any modifications because they somehow got Microsoft to sign their bootloader.  I just tested a Hyper-V Gen 2 VM with Secure Boot enabled in the default configuration, and I'm able to boot a Ubuntu ISO, install it onto the virtual hard drive, and then boot that.

When you try to boot with Secure Boot, do you get an error that specifically says that the bootloader failed the security validation check and recommending that you disable Secure Boot?  If you see any other behavior, then the issue isn't Secure Boot itself, but there's another possible cause here. When you say you're disabling Secure Boot and using F12, you might be booting the flash drive in Legacy BIOS mode.  Disabling Secure Boot can enable Legacy BIOS mode as well, which you don't want.  So make sure the option you select in the F12 menu is listed under UEFI Options rather than Legacy Options.  If you've been booting in Legacy mode while Secure Boot is off (and you don't see an option for your flash drive in the UEFI section of the list), then the reason you can't boot with Secure Boot enabled is probably that your flash drive isn't set up for UEFI booting, not because of Secure Boot specifically.