Are you "profi" pretending that you don't understand the point?
I'm not a profi, just have thrown ~1000 malware samples against several HIPSes and never a driver became loaded into the kernel when the registry keys couldn't have been created.
So, your point is just wrong.
Once again - installing the CIS on some machine can't prevent the machine from loading unauthorized/usigned or malware drivers from loading even if these drivers are childish toys with "start on demand" then when this "demand" happens then guess what happen with CIS...
Where is the proof?
Prove it that a driver is loaded into the kernel if no registry keys are created.
This doesn't seem to be possible via this driver loading method.
And this is the point.