Your best line of defence is to firstly when you install, the username you provide should be an admin account - give a username of your choice. Then for yourself, make yourself a standard user. Whenever you then need to install apps or updates to the system you will be asked for the admin account password to elevate you to root. Other things to do are to install ClamAV to scan emails. Don't activate or rather de-activate the PUA (Potentially Unwanted Applications) as it is broken in both GNU/Linux (GNU is the OS and Linux is the kernel) and Windows versions.
You should also install both rkhunter and chkrootkit - these scan your system for potential rootkits. If adding other users apart from yourself, make sure they are also 'standard' users. This is similar to Windows where you have to use 'Run as ...
Administrator'. Don't share the root password with other Standard Users if you want to ensure that your system is secure. Also don't install 3rd Party PPA's, stick to .deb files. To prevent bloatware, remove snaps and flatpak - they cause more trouble than they are worth, as do App Images. Use Synaptic Package Manager to Install software - much better than Gnome Software Centre (Software in Zorin) - a bit like the rubbish Store in Windows 10. In terms of what you have done for booting, disabling fast boot is good. If your BIOS has the option for mixed 'Legacy/UEFI' mode, the better. In terms of other things to be taken care of, you need to go into the hidden 'Power' settings of Windows and disable the item which states against the hard drive to enable 'sleep' - turn it off to 'never' - this is another element that stops you booting into anything else other than windows. When you turn Windows off, the hard drive is never turned off for quicker boot times. You will need to use Windows Disk Management to shrink your C:\ drive to make room for Zorin. If you still have problems installing and Windows 10 install is using MBR if there are 4 primary partitions already on the drive (this is what manufacturers do, from experience of an HP Mini Netbook - A FAT32 at start of drive which contains critical driver files for the OS, the C:\ drive then 2 at the end, normally for creation of recovery media or factory reset - these are all usually marked as Primary so you may need to delete one of them if this is the case.
In terms of Virtual Box it is very clunky. I no longer use Zorin as my daily go to but for a new person migrating to GNU/Linux it is ideal. I used Feren OS during the start of lockdown and then moved to my current preferred more secure Linux, Devuan 3. Inside of that I use Virt-Manager and have Windows 8.1 Pro 32-bit - I only had it in order to access a shared mailbox that I could not configure in Evolution but had no issues configuring my personal Outlook365 account in Evolution which unlike the Web version of Outlook meant I got sound notification of new e-mails. The other item I needed Windows 8.1 was for a Braille Translation program, Braille Blaster - the Linux version worked well under Feren OS but then as they released newer Linux versions it was dependent on a package that only was present in 'mainstream' Linux. The only other item was a Whiteboard application I had to run on Windows (the Linux version was broken and I informed them about it as it was built on Ubuntu 16.04 which ended support in 2021!). I used Remmina Remote to access work's secure website to access the shared server - one login with Remmina Remote - 3 logins under Windows.
If you want a more indepth look at Zorin, I wrote the unofficial manual for Zorin 15 - there are only a slight few changes. The Manual I should add is for Core, not Lite.
Please be aware it takes time to load when viewing in a Browser as it is nearly 70 Mb in size and over 180 pages long.