deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

dataprotection datausage defender deliveryoptimization

Browse Source
This commit is contained in:
Liz Long 2022-12-29 10:22:17 -05:00
parent ecee0331f2
commit 2447a37757
3 changed files with 1732 additions and 1472 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
windows/client-management/mdm/policy-csp-datausage.md
View File

@ -1,112 +1,168 @@
---
title: Policy CSP - DataUsage
description: Learn how to use the Policy CSP - DataUsage setting to configure the cost of 4G connections on the local machine.
title: DataUsage Policy CSP
description: Learn more about the DataUsage Area in Policy CSP
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
ms.topic: article
ms.date: 12/27/2022
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
author: vinaypamnani-msft
ms.localizationpriority: medium
ms.date: 09/27/2019
ms.reviewer:
manager: aaroncz
ms.topic: reference
---
<!-- Auto-Generated CSP Document -->
<!-- DataUsage-Begin -->
# Policy CSP - DataUsage
> [!TIP]
> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](../understanding-admx-backed-policies.md).
> Some of these are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
>
> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](../understanding-admx-backed-policies.md#enabling-a-policy).
> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
>
> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
<hr/>
<!-- DataUsage-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- DataUsage-Editable-End -->
<!--Policies-->
## DataUsage policies
<!-- SetCost3G-Begin -->
## SetCost3G
<dl>
<dd>
<a href="#datausage-setcost3g">DataUsage/SetCost3G</a>
</dd>
<dd>
<a href="#datausage-setcost4g">DataUsage/SetCost4G</a>
</dd>
</dl>
<!-- SetCost3G-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
<!-- SetCost3G-Applicability-End -->
<!-- SetCost3G-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/DataUsage/SetCost3G
```
<!-- SetCost3G-OmaUri-End -->
<hr/>
<!-- SetCost3G-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting configures the cost of 3G connections on the local machine.
<!--Policy-->
<a href="" id="datausage-setcost3g"></a>**DataUsage/SetCost3G**
If this policy setting is enabled, a drop-down list box presenting possible cost values will be active. Selecting one of the following values from the list will set the cost of all 3G connections on the local machine:
<hr/>
- Unrestricted: Use of this connection is unlimited and not restricted by usage charges and capacity constraints.
<!--Description-->
This policy is deprecated in Windows 10, version 1809.
- Fixed: Use of this connection is not restricted by usage charges and capacity constraints up to a certain data limit.
<!--/Description-->
<!--/Policy-->
- Variable: This connection is costed on a per byte basis.
<hr/>
If this policy setting is disabled or is not configured, the cost of 3G connections is Fixed by default.
<!-- SetCost3G-Description-End -->
<!--Policy-->
<a href="" id="datausage-setcost4g"></a>**DataUsage/SetCost4G**
<!-- SetCost3G-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- SetCost3G-Editable-End -->
<!--SupportedSKUs-->
<!-- SetCost3G-DFProperties-Begin -->
**Description framework properties**:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
| Property name | Property value |
|:--|:--|
| Format | chr (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- SetCost3G-DFProperties-End -->
<!-- SetCost3G-AdmxBacked-Begin -->
> [!TIP]
> This is an ADMX-backed policy and requires SyncML format for configuration. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
<!--/SupportedSKUs-->
<hr/>
**ADMX mapping**:
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
| Name | Value |
|:--|:--|
| Name | SetCost3G |
| Friendly Name | Set 3G Cost |
| Location | Computer Configuration |
| Path | Network > WWAN Service > WWAN Media Cost |
| Registry Key Name | Software\Policies\Microsoft\Windows\WwanSvc\NetCost |
| ADMX File Name | wwansvc.admx |
<!-- SetCost3G-AdmxBacked-End -->
> [!div class = "checklist"]
> * Device
<!-- SetCost3G-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- SetCost3G-Examples-End -->
<hr/>
<!-- SetCost3G-End -->
<!--/Scope-->
<!--Description-->
<!-- SetCost4G-Begin -->
## SetCost4G
<!-- SetCost4G-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
<!-- SetCost4G-Applicability-End -->
<!-- SetCost4G-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/DataUsage/SetCost4G
```
<!-- SetCost4G-OmaUri-End -->
<!-- SetCost4G-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting configures the cost of 4G connections on the local machine.
If this policy setting is enabled, a drop-down list box presenting possible cost values will be active. Selecting one of the following values from the list will set the cost of all 4G connections on the local machine:
- Unrestricted: Use of this connection is unlimited and not restricted by usage charges and capacity constraints.
- Fixed: Use of this connection is not restricted by usage charges and capacity constraints up to a certain data limit.
- Variable: This connection is costed on a per byte basis.
If this policy setting is disabled or is not configured, the cost of 4G connections is Fixed by default.
<!-- SetCost4G-Description-End -->
<!--/Description-->
<!-- SetCost4G-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- SetCost4G-Editable-End -->
<!-- SetCost4G-DFProperties-Begin -->
**Description framework properties**:
<!--ADMXBacked-->
ADMX Info:
- GP Friendly name: *Set 4G Cost*
- GP name: *SetCost4G*
- GP path: *Network/WWAN Service/WWAN Media Cost*
- GP ADMX file name: *wwansvc.admx*
| Property name | Property value |
|:--|:--|
| Format | chr (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- SetCost4G-DFProperties-End -->
<!--/ADMXBacked-->
<!--/Policy-->
<hr/>
<!-- SetCost4G-AdmxBacked-Begin -->
> [!TIP]
> This is an ADMX-backed policy and requires SyncML format for configuration. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
**ADMX mapping**:
| Name | Value |
|:--|:--|
| Name | SetCost4G |
| Friendly Name | Set 4G Cost |
| Location | Computer Configuration |
| Path | Network > WWAN Service > WWAN Media Cost |
| Registry Key Name | Software\Policies\Microsoft\Windows\WwanSvc\NetCost |
| ADMX File Name | wwansvc.admx |
<!-- SetCost4G-AdmxBacked-End -->
<!--/Policies-->
<!-- SetCost4G-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- SetCost4G-Examples-End -->
## Related topics
<!-- SetCost4G-End -->
<!-- DataUsage-CspMoreInfo-Begin -->
<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
<!-- DataUsage-CspMoreInfo-End -->
<!-- DataUsage-End -->
## Related articles
[Policy configuration service provider](policy-configuration-service-provider.md)

115
windows/client-management/mdm/policy-csp-defender.md
View File

@ -4,7 +4,7 @@ description: Learn more about the Defender Area in Policy CSP
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
ms.date: 11/02/2022
ms.date: 12/27/2022
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@ -36,6 +36,7 @@ ms.topic: reference
<!-- AllowArchiveScanning-OmaUri-End -->
<!-- AllowArchiveScanning-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure scans for malicious software and unwanted software in archive files such as .ZIP or .CAB files.
If you enable or do not configure this setting, archive files will be scanned.
@ -102,6 +103,7 @@ If you disable this setting, archive files will not be scanned. However, archive
<!-- AllowBehaviorMonitoring-OmaUri-End -->
<!-- AllowBehaviorMonitoring-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure behavior monitoring.
If you enable or do not configure this setting, behavior monitoring will be enabled.
@ -168,6 +170,7 @@ If you disable this setting, behavior monitoring will be disabled.
<!-- AllowCloudProtection-OmaUri-End -->
<!-- AllowCloudProtection-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to join Microsoft MAPS. Microsoft MAPS is the online community that helps you choose how to respond to potential threats. The community also helps stop the spread of new malicious software infections.
You can choose to send basic or additional information about detected software. Additional information helps Microsoft create new security intelligence and help it to protect your computer. This information can include things like location of detected items on your computer if harmful software was removed. The information will be automatically collected and sent. In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you or contact you.
@ -222,7 +225,6 @@ In Windows 10, Basic membership is no longer available, so setting the value to
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > MAPS |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Spynet |
| Registry Value Name | SpynetReporting |
| ADMX File Name | WindowsDefender.admx |
<!-- AllowCloudProtection-GpMapping-End -->
@ -248,6 +250,7 @@ In Windows 10, Basic membership is no longer available, so setting the value to
<!-- AllowEmailScanning-OmaUri-End -->
<!-- AllowEmailScanning-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure e-mail scanning. When e-mail scanning is enabled, the engine will parse the mailbox and mail files, according to their specific format, in order to analyze the mail bodies and attachments. Several e-mail formats are currently supported, for example: pst (Outlook), dbx, mbx, mime (Outlook Express), binhex (Mac). Email scanning is not supported on modern email clients.
If you enable this setting, e-mail scanning will be enabled.
@ -314,6 +317,7 @@ If you disable or do not configure this setting, e-mail scanning will be disable
<!-- AllowFullScanOnMappedNetworkDrives-OmaUri-End -->
<!-- AllowFullScanOnMappedNetworkDrives-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure scanning mapped network drives.
If you enable this setting, mapped network drives will be scanned.
@ -380,6 +384,7 @@ If you disable or do not configure this setting, mapped network drives will not
<!-- AllowFullScanRemovableDriveScanning-OmaUri-End -->
<!-- AllowFullScanRemovableDriveScanning-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to manage whether or not to scan for malicious software and unwanted software in the contents of removable drives, such as USB flash drives, when running a full scan.
If you enable this setting, removable drives will be scanned during any type of scan.
@ -446,6 +451,7 @@ If you disable or do not configure this setting, removable drives will not be sc
<!-- AllowIntrusionPreventionSystem-OmaUri-End -->
<!-- AllowIntrusionPreventionSystem-Description-Begin -->
<!-- Description-Source-DDF -->
Allows or disallows Windows Defender Intrusion Prevention functionality.
<!-- AllowIntrusionPreventionSystem-Description-End -->
@ -494,6 +500,7 @@ Allows or disallows Windows Defender Intrusion Prevention functionality.
<!-- AllowIOAVProtection-OmaUri-End -->
<!-- AllowIOAVProtection-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure scanning for all downloaded files and attachments.
If you enable or do not configure this setting, scanning for all downloaded files and attachments will be enabled.
@ -560,6 +567,7 @@ If you disable this setting, scanning for all downloaded files and attachments w
<!-- AllowOnAccessProtection-OmaUri-End -->
<!-- AllowOnAccessProtection-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure monitoring for file and program activity.
If you enable or do not configure this setting, monitoring for file and program activity will be enabled.
@ -626,13 +634,8 @@ If you disable this setting, monitoring for file and program activity will be di
<!-- AllowRealtimeMonitoring-OmaUri-End -->
<!-- AllowRealtimeMonitoring-Description-Begin -->
This policy turns off real-time protection in Microsoft Defender Antivirus.
Real-time protection consists of always-on scanning with file and process behavior monitoring and heuristics. When real-time protection is on, Microsoft Defender Antivirus detects malware and potentially unwanted software that attempts to install itself or run on your device, and prompts you to take action on malware detections.
If you enable this policy setting, real-time protection is turned off.
If you either disable or do not configure this policy setting, real-time protection is turned on.
<!-- Description-Source-DDF -->
Allows or disallows Windows Defender Realtime Monitoring functionality.
<!-- AllowRealtimeMonitoring-Description-End -->
<!-- AllowRealtimeMonitoring-Editable-Begin -->
@ -694,6 +697,7 @@ If you either disable or do not configure this policy setting, real-time protect
<!-- AllowScanningNetworkFiles-OmaUri-End -->
<!-- AllowScanningNetworkFiles-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure scanning for network files. It is recommended that you do not enable this setting.
If you enable this setting, network files will be scanned.
@ -760,6 +764,7 @@ If you disable or do not configure this setting, network files will not be scann
<!-- AllowScriptScanning-OmaUri-End -->
<!-- AllowScriptScanning-Description-Begin -->
<!-- Description-Source-DDF -->
Allows or disallows Windows Defender Script Scanning functionality.
<!-- AllowScriptScanning-Description-End -->
@ -808,6 +813,7 @@ Allows or disallows Windows Defender Script Scanning functionality.
<!-- AllowUserUIAccess-OmaUri-End -->
<!-- AllowUserUIAccess-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure whether or not to display AM UI to the users.
If you enable this setting AM UI won't be available to users.
<!-- AllowUserUIAccess-Description-End -->
@ -871,6 +877,7 @@ If you enable this setting AM UI won't be available to users.
<!-- AttackSurfaceReductionOnlyExclusions-OmaUri-End -->
<!-- AttackSurfaceReductionOnlyExclusions-Description-Begin -->
<!-- Description-Source-ADMX -->
Exclude files and paths from Attack Surface Reduction (ASR) rules.
Enabled:
@ -913,7 +920,6 @@ You can configure ASR rules in the Configure Attack Surface Reduction rules GP s
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Microsoft Defender Exploit Guard > Attack Surface Reduction |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR |
| Registry Value Name | ExploitGuard_ASR_ASROnlyExclusions |
| ADMX File Name | WindowsDefender.admx |
<!-- AttackSurfaceReductionOnlyExclusions-GpMapping-End -->
@ -939,6 +945,7 @@ You can configure ASR rules in the Configure Attack Surface Reduction rules GP s
<!-- AttackSurfaceReductionRules-OmaUri-End -->
<!-- AttackSurfaceReductionRules-Description-Begin -->
<!-- Description-Source-ADMX -->
Set the state for each Attack Surface Reduction (ASR) rule.
After enabling this setting, you can set each rule to the following in the Options section:
@ -965,9 +972,9 @@ The following status IDs are permitted under the value column:
Example:
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 0
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 1
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 2
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 0
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 1
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 2
Disabled:
No ASR rules will be configured.
@ -1002,7 +1009,6 @@ You can exclude folders or files in the ""Exclude files and paths from Attack Su
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Microsoft Defender Exploit Guard > Attack Surface Reduction |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR |
| Registry Value Name | ExploitGuard_ASR_Rules |
| ADMX File Name | WindowsDefender.admx |
<!-- AttackSurfaceReductionRules-GpMapping-End -->
@ -1028,6 +1034,7 @@ You can exclude folders or files in the ""Exclude files and paths from Attack Su
<!-- AvgCPULoadFactor-OmaUri-End -->
<!-- AvgCPULoadFactor-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure the maximum percentage CPU utilization permitted during a scan. Valid values for this setting are a percentage represented by the integers 5 to 100. A value of 0 indicates that there should be no throttling of CPU utilization. The default value is 50.
If you enable this setting, CPU utilization will not exceed the percentage specified.
@ -1061,7 +1068,6 @@ If you disable or do not configure this setting, CPU utilization will not exceed
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | AvgCPULoadFactor |
| ADMX File Name | WindowsDefender.admx |
<!-- AvgCPULoadFactor-GpMapping-End -->
@ -1087,6 +1093,7 @@ If you disable or do not configure this setting, CPU utilization will not exceed
<!-- CheckForSignaturesBeforeRunningScan-OmaUri-End -->
<!-- CheckForSignaturesBeforeRunningScan-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to manage whether a check for new virus and spyware security intelligence will occur before running a scan.
This setting applies to scheduled scans, but it has no effect on scans initiated manually from the user interface or to the ones started from the command line using "mpcmdrun -Scan".
@ -1129,7 +1136,6 @@ If you disable this setting or do not configure this setting, the scan will star
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | CheckForSignaturesBeforeRunningScan |
| ADMX File Name | WindowsDefender.admx |
<!-- CheckForSignaturesBeforeRunningScan-GpMapping-End -->
@ -1155,7 +1161,10 @@ If you disable this setting or do not configure this setting, the scan will star
<!-- CloudBlockLevel-OmaUri-End -->
<!-- CloudBlockLevel-Description-Begin -->
This policy setting determines how aggressive Windows Defender Antivirus will be in blocking and scanning suspicious files. Value type is integer. If this setting is on, Windows Defender Antivirus will be more aggressive when identifying suspicious files to block and scan; otherwise, it will be less aggressive and therefore block and scan with less frequency. For more information about specific values that are supported, see the Windows Defender Antivirus documentation site. NoteThis feature requires the Join Microsoft MAPS setting enabled in order to function.
<!-- Description-Source-DDF -->
This policy setting determines how aggressive Windows Defender Antivirus will be in blocking and scanning suspicious files. Value type is integer. If this setting is on, Windows Defender Antivirus will be more aggressive when identifying suspicious files to block and scan; otherwise, it will be less aggressive and therefore block and scan with less frequency. For more information about specific values that are supported, see the Windows Defender Antivirus documentation site.
**Note**: This feature requires the Join Microsoft MAPS setting enabled in order to function.
<!-- CloudBlockLevel-Description-End -->
<!-- CloudBlockLevel-Editable-Begin -->
@ -1188,13 +1197,12 @@ This policy setting determines how aggressive Windows Defender Antivirus will be
| Name | Value |
|:--|:--|
| Name | MpCloudBlockLevel |
| Name | MpEngine_MpCloudBlockLevel |
| Friendly Name | Select cloud protection level |
| Element Name | Select cloud blocking level |
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > MpEngine |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\MpEngine |
| Registry Value Name | MpCloudBlockLevel |
| ADMX File Name | WindowsDefender.admx |
<!-- CloudBlockLevel-GpMapping-End -->
@ -1220,7 +1228,10 @@ This policy setting determines how aggressive Windows Defender Antivirus will be
<!-- CloudExtendedTimeout-OmaUri-End -->
<!-- CloudExtendedTimeout-Description-Begin -->
This feature allows Windows Defender Antivirus to block a suspicious file for up to 60 seconds, and scan it in the cloud to make sure it's safe. Value type is integer, range is 0 - 50. The typical cloud check timeout is 10 seconds. To enable the extended cloud check feature, specify the extended time in seconds, up to an additional 50 seconds. For example, if the desired timeout is 60 seconds, specify 50 seconds in this setting, which will enable the extended cloud check feature, and will raise the total time to 60 seconds. NoteThis feature depends on three other MAPS settings the must all be enabled- Configure the 'Block at First Sight' feature; Join Microsoft MAPS; Send file samples when further analysis is required.
<!-- Description-Source-DDF -->
This feature allows Windows Defender Antivirus to block a suspicious file for up to 60 seconds, and scan it in the cloud to make sure it's safe. Value type is integer, range is 0 - 50. The typical cloud check timeout is 10 seconds. To enable the extended cloud check feature, specify the extended time in seconds, up to an additional 50 seconds. For example, if the desired timeout is 60 seconds, specify 50 seconds in this setting, which will enable the extended cloud check feature, and will raise the total time to 60 seconds.
**Note**: This feature depends on three other MAPS settings the must all be enabled- Configure the 'Block at First Sight' feature; Join Microsoft MAPS; Send file samples when further analysis is required.
<!-- CloudExtendedTimeout-Description-End -->
<!-- CloudExtendedTimeout-Editable-Begin -->
@ -1243,13 +1254,12 @@ This feature allows Windows Defender Antivirus to block a suspicious file for up
| Name | Value |
|:--|:--|
| Name | MpBafsExtendedTimeout |
| Name | MpEngine_MpBafsExtendedTimeout |
| Friendly Name | Configure extended cloud check |
| Element Name | Specify the extended cloud check time in seconds |
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > MpEngine |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\MpEngine |
| Registry Value Name | MpBafsExtendedTimeout |
| ADMX File Name | WindowsDefender.admx |
<!-- CloudExtendedTimeout-GpMapping-End -->
@ -1275,6 +1285,7 @@ This feature allows Windows Defender Antivirus to block a suspicious file for up
<!-- ControlledFolderAccessAllowedApplications-OmaUri-End -->
<!-- ControlledFolderAccessAllowedApplications-Description-Begin -->
<!-- Description-Source-ADMX -->
Add additional applications that should be considered "trusted" by controlled folder access.
These applications are allowed to modify or delete files in controlled folder access folders.
@ -1320,7 +1331,6 @@ Default system folders are automatically guarded, but you can add folders in the
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Microsoft Defender Exploit Guard > Controlled Folder Access |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access |
| Registry Value Name | ExploitGuard_ControlledFolderAccess_AllowedApplications |
| ADMX File Name | WindowsDefender.admx |
<!-- ControlledFolderAccessAllowedApplications-GpMapping-End -->
@ -1346,6 +1356,7 @@ Default system folders are automatically guarded, but you can add folders in the
<!-- ControlledFolderAccessProtectedFolders-OmaUri-End -->
<!-- ControlledFolderAccessProtectedFolders-Description-Begin -->
<!-- Description-Source-ADMX -->
Specify additional folders that should be guarded by the Controlled folder access feature.
Files in these folders cannot be modified or deleted by untrusted applications.
@ -1392,7 +1403,6 @@ Microsoft Defender Antivirus automatically determines which applications can be
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Microsoft Defender Exploit Guard > Controlled Folder Access |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access |
| Registry Value Name | ExploitGuard_ControlledFolderAccess_ProtectedFolders |
| ADMX File Name | WindowsDefender.admx |
<!-- ControlledFolderAccessProtectedFolders-GpMapping-End -->
@ -1418,6 +1428,7 @@ Microsoft Defender Antivirus automatically determines which applications can be
<!-- DaysToRetainCleanedMalware-OmaUri-End -->
<!-- DaysToRetainCleanedMalware-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting defines the number of days items should be kept in the Quarantine folder before being removed.
If you enable this setting, items will be removed from the Quarantine folder after the number of days specified.
@ -1451,7 +1462,6 @@ If you disable or do not configure this setting, items will be kept in the quara
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Quarantine |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Quarantine |
| Registry Value Name | PurgeItemsAfterDelay |
| ADMX File Name | WindowsDefender.admx |
<!-- DaysToRetainCleanedMalware-GpMapping-End -->
@ -1477,9 +1487,10 @@ If you disable or do not configure this setting, items will be kept in the quara
<!-- DisableCatchupFullScan-OmaUri-End -->
<!-- DisableCatchupFullScan-Description-Begin -->
This policy setting allows you to configure catch-up scans for scheduled full scans. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time.
<!-- Description-Source-ADMX -->
This policy setting allows you to configure catch-up scans for scheduled full scans. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time.
If you enable this setting, catch-up scans for scheduled full scans will be turned on. If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone logs on to the computer. If there is no scheduled scan configured, there will be no catch-up scan run.
If you enable this setting, catch-up scans for scheduled full scans will be turned on. If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone logs on to the computer. If there is no scheduled scan configured, there will be no catch-up scan run.
If you disable or do not configure this setting, catch-up scans for scheduled full scans will be turned off.
<!-- DisableCatchupFullScan-Description-End -->
@ -1517,7 +1528,6 @@ If you disable or do not configure this setting, catch-up scans for scheduled fu
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | DisableCatchupFullScan |
| ADMX File Name | WindowsDefender.admx |
<!-- DisableCatchupFullScan-GpMapping-End -->
@ -1543,9 +1553,10 @@ If you disable or do not configure this setting, catch-up scans for scheduled fu
<!-- DisableCatchupQuickScan-OmaUri-End -->
<!-- DisableCatchupQuickScan-Description-Begin -->
This policy setting allows you to configure catch-up scans for scheduled quick scans. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time.
<!-- Description-Source-ADMX -->
This policy setting allows you to configure catch-up scans for scheduled quick scans. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time.
If you enable this setting, catch-up scans for scheduled quick scans will be turned on. If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone logs on to the computer. If there is no scheduled scan configured, there will be no catch-up scan run.
If you enable this setting, catch-up scans for scheduled quick scans will be turned on. If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone logs on to the computer. If there is no scheduled scan configured, there will be no catch-up scan run.
If you disable or do not configure this setting, catch-up scans for scheduled quick scans will be turned off.
<!-- DisableCatchupQuickScan-Description-End -->
@ -1583,7 +1594,6 @@ If you disable or do not configure this setting, catch-up scans for scheduled qu
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | DisableCatchupQuickScan |
| ADMX File Name | WindowsDefender.admx |
<!-- DisableCatchupQuickScan-GpMapping-End -->
@ -1609,6 +1619,7 @@ If you disable or do not configure this setting, catch-up scans for scheduled qu
<!-- EnableControlledFolderAccess-OmaUri-End -->
<!-- EnableControlledFolderAccess-Description-Begin -->
<!-- Description-Source-ADMX -->
Enable or disable controlled folder access for untrusted applications. You can choose to block, audit, or allow attempts by untrusted apps to:
- Modify or delete files in protected folders, such as the Documents folder
- Write to disk sectors
@ -1695,7 +1706,6 @@ Same as Disabled.
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Microsoft Defender Exploit Guard > Controlled Folder Access |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access |
| Registry Value Name | EnableControlledFolderAccess |
| ADMX File Name | WindowsDefender.admx |
<!-- EnableControlledFolderAccess-GpMapping-End -->
@ -1721,6 +1731,7 @@ Same as Disabled.
<!-- EnableLowCPUPriority-OmaUri-End -->
<!-- EnableLowCPUPriority-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to enable or disable low CPU priority for scheduled scans.
If you enable this setting, low CPU priority will be used during scheduled scans.
@ -1761,7 +1772,6 @@ If you disable or do not configure this setting, not changes will be made to CPU
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | LowCpuPriority |
| ADMX File Name | WindowsDefender.admx |
<!-- EnableLowCPUPriority-GpMapping-End -->
@ -1787,6 +1797,7 @@ If you disable or do not configure this setting, not changes will be made to CPU
<!-- EnableNetworkProtection-OmaUri-End -->
<!-- EnableNetworkProtection-Description-Begin -->
<!-- Description-Source-ADMX -->
Enable or disable Microsoft Defender Exploit Guard network protection to prevent employees from using any application to access dangerous domains that may host phishing scams, exploit-hosting sites, and other malicious content on the Internet.
Enabled:
@ -1835,7 +1846,6 @@ Same as Disabled.
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Microsoft Defender Exploit Guard > Network Protection |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection |
| Registry Value Name | EnableNetworkProtection |
| ADMX File Name | WindowsDefender.admx |
<!-- EnableNetworkProtection-GpMapping-End -->
@ -1861,6 +1871,7 @@ Same as Disabled.
<!-- ExcludedExtensions-OmaUri-End -->
<!-- ExcludedExtensions-Description-Begin -->
<!-- Description-Source-DDF -->
Allows an administrator to specify a list of file type extensions to ignore during a scan. Each file type in the list must be separated by a |. For example, lib|obj.
<!-- ExcludedExtensions-Description-End -->
@ -1889,7 +1900,6 @@ Allows an administrator to specify a list of file type extensions to ignore duri
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Exclusions |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Exclusions |
| Registry Value Name | Exclusions_Extensions |
| ADMX File Name | WindowsDefender.admx |
<!-- ExcludedExtensions-GpMapping-End -->
@ -1915,6 +1925,7 @@ Allows an administrator to specify a list of file type extensions to ignore duri
<!-- ExcludedPaths-OmaUri-End -->
<!-- ExcludedPaths-Description-Begin -->
<!-- Description-Source-DDF -->
Allows an administrator to specify a list of directory paths to ignore during a scan. Each path in the list must be separated by a |. For example, C:\Example|C:\Example1.
<!-- ExcludedPaths-Description-End -->
@ -1943,7 +1954,6 @@ Allows an administrator to specify a list of directory paths to ignore during a
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Exclusions |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Exclusions |
| Registry Value Name | Exclusions_Paths |
| ADMX File Name | WindowsDefender.admx |
<!-- ExcludedPaths-GpMapping-End -->
@ -1969,7 +1979,10 @@ Allows an administrator to specify a list of directory paths to ignore during a
<!-- ExcludedProcesses-OmaUri-End -->
<!-- ExcludedProcesses-Description-Begin -->
Allows an administrator to specify a list of files opened by processes to ignore during a scan. ImportantThe process itself is not excluded from the scan, but can be by using the Defender/ExcludedPaths policy to exclude its path. Each file type must be separated by a |. For example, C:\Example. exe|C:\Example1.exe.
<!-- Description-Source-DDF -->
Allows an administrator to specify a list of files opened by processes to ignore during a scan.
**Important**: The process itself is not excluded from the scan, but can be by using the Defender/ExcludedPaths policy to exclude its path. Each file type must be separated by a |. For example, C:\Example. exe|C:\Example1.exe.
<!-- ExcludedProcesses-Description-End -->
<!-- ExcludedProcesses-Editable-Begin -->
@ -1997,7 +2010,6 @@ Allows an administrator to specify a list of files opened by processes to ignore
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Exclusions |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Exclusions |
| Registry Value Name | Exclusions_Processes |
| ADMX File Name | WindowsDefender.admx |
<!-- ExcludedProcesses-GpMapping-End -->
@ -2023,6 +2035,7 @@ Allows an administrator to specify a list of files opened by processes to ignore
<!-- PUAProtection-OmaUri-End -->
<!-- PUAProtection-Description-Begin -->
<!-- Description-Source-ADMX -->
Enable or disable detection for potentially unwanted applications. You can choose to block, audit, or allow when potentially unwanted software is being downloaded or attempts to install itself on your computer.
Enabled:
@ -2071,7 +2084,6 @@ Same as Disabled.
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender |
| Registry Value Name | PUAProtection |
| ADMX File Name | WindowsDefender.admx |
<!-- PUAProtection-GpMapping-End -->
@ -2097,6 +2109,7 @@ Same as Disabled.
<!-- RealTimeScanDirection-OmaUri-End -->
<!-- RealTimeScanDirection-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure monitoring for incoming and outgoing files, without having to turn off monitoring entirely. It is recommended for use on servers where there is a lot of incoming and outgoing file activity but for performance reasons need to have scanning disabled for a particular scan direction. The appropriate configuration should be evaluated based on the server role.
Note that this configuration is only honored for NTFS volumes. For any other file system type, full monitoring of file and program activity will be present on those volumes.
@ -2148,7 +2161,6 @@ If you disable or do not configure this setting, monitoring for incoming and out
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Real-time Protection |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Real-Time Protection |
| Registry Value Name | RealtimeScanDirection |
| ADMX File Name | WindowsDefender.admx |
<!-- RealTimeScanDirection-GpMapping-End -->
@ -2174,6 +2186,7 @@ If you disable or do not configure this setting, monitoring for incoming and out
<!-- ScanParameter-OmaUri-End -->
<!-- ScanParameter-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to specify the scan type to use during a scheduled scan. Scan type options are:
1 = Quick Scan (default)
2 = Full Scan
@ -2217,7 +2230,6 @@ If you disable or do not configure this setting, the default scan type will used
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | ScanParameters |
| ADMX File Name | WindowsDefender.admx |
<!-- ScanParameter-GpMapping-End -->
@ -2243,7 +2255,8 @@ If you disable or do not configure this setting, the default scan type will used
<!-- ScheduleQuickScanTime-OmaUri-End -->
<!-- ScheduleQuickScanTime-Description-Begin -->
This policy setting allows you to specify the time of day at which to perform a daily quick scan. The time value is represented as the number of minutes past midnight (00:00). For example, 120 (0x78) is equivalent to 02:00 AM. By default, this setting is set to disabled. The schedule is based on local time on the computer where the scan is executing.
<!-- Description-Source-ADMX -->
This policy setting allows you to specify the time of day at which to perform a daily quick scan. The time value is represented as the number of minutes past midnight (00:00). For example, 120 (0x78) is equivalent to 02:00 AM. By default, this setting is set to disabled. The schedule is based on local time on the computer where the scan is executing.
If you enable this setting, a daily quick scan will run at the time of day specified.
@ -2276,7 +2289,6 @@ If you disable or do not configure this setting, daily quick scan controlled by
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | ScheduleQuickScanTime |
| ADMX File Name | WindowsDefender.admx |
<!-- ScheduleQuickScanTime-GpMapping-End -->
@ -2302,6 +2314,7 @@ If you disable or do not configure this setting, daily quick scan controlled by
<!-- ScheduleScanDay-OmaUri-End -->
<!-- ScheduleScanDay-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to specify the day of the week on which to perform a scheduled scan. The scan can also be configured to run every day or to never run at all.
This setting can be configured with the following ordinal number values:
@ -2361,7 +2374,6 @@ If you disable or do not configure this setting, a scheduled scan will run at a
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | ScheduleDay |
| ADMX File Name | WindowsDefender.admx |
<!-- ScheduleScanDay-GpMapping-End -->
@ -2387,7 +2399,8 @@ If you disable or do not configure this setting, a scheduled scan will run at a
<!-- ScheduleScanTime-OmaUri-End -->
<!-- ScheduleScanTime-Description-Begin -->
This policy setting allows you to specify the time of day at which to perform a scheduled scan. The time value is represented as the number of minutes past midnight (00:00). For example, 120 (0x78) is equivalent to 02:00 AM. By default, this setting is set to a time value of 2:00 AM. The schedule is based on local time on the computer where the scan is executing.
<!-- Description-Source-ADMX -->
This policy setting allows you to specify the time of day at which to perform a scheduled scan. The time value is represented as the number of minutes past midnight (00:00). For example, 120 (0x78) is equivalent to 02:00 AM. By default, this setting is set to a time value of 2:00 AM. The schedule is based on local time on the computer where the scan is executing.
If you enable this setting, a scheduled scan will run at the time of day specified.
@ -2420,7 +2433,6 @@ If you disable or do not configure this setting, a scheduled scan will run at a
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Scan |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Scan |
| Registry Value Name | ScheduleTime |
| ADMX File Name | WindowsDefender.admx |
<!-- ScheduleScanTime-GpMapping-End -->
@ -2446,6 +2458,7 @@ If you disable or do not configure this setting, a scheduled scan will run at a
<!-- SecurityIntelligenceLocation-OmaUri-End -->
<!-- SecurityIntelligenceLocation-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to define the security intelligence location for VDI-configured computers.
If you disable or do not configure this setting, security intelligence will be referred from the default local source.
@ -2500,6 +2513,7 @@ If you disable or do not configure this setting, security intelligence will be r
<!-- SignatureUpdateFallbackOrder-OmaUri-End -->
<!-- SignatureUpdateFallbackOrder-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to define the order in which different security intelligence update sources should be contacted. The value of this setting should be entered as a pipe-separated string enumerating the security intelligence update sources in order. Possible values are: “InternalDefinitionUpdateServer”, “MicrosoftUpdateServer”, “MMPC”, and “FileShares”
For example: { InternalDefinitionUpdateServer | MicrosoftUpdateServer | MMPC }
@ -2559,6 +2573,7 @@ If you disable or do not configure this setting, security intelligence update so
<!-- SignatureUpdateFileSharesSources-OmaUri-End -->
<!-- SignatureUpdateFileSharesSources-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to configure UNC file share sources for downloading security intelligence updates. Sources will be contacted in the order specified. The value of this setting should be entered as a pipe-separated string enumerating the security intelligence update sources. For example: "{\\unc1 | \\unc2 }". The list is empty by default.
If you enable this setting, the specified sources will be contacted for security intelligence updates. Once security intelligence updates have been successfully downloaded from one specified source, the remaining sources in the list will not be contacted.
@ -2616,6 +2631,7 @@ If you disable or do not configure this setting, the list will remain empty by d
<!-- SignatureUpdateInterval-OmaUri-End -->
<!-- SignatureUpdateInterval-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting allows you to specify an interval at which to check for security intelligence updates. The time value is represented as the number of hours between update checks. Valid values range from 1 (every hour) to 24 (once per day).
If you enable this setting, checks for security intelligence updates will occur at the interval specified.
@ -2649,7 +2665,6 @@ If you disable or do not configure this setting, checks for security intelligenc
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Security Intelligence Updates |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Signature Updates |
| Registry Value Name | SignatureUpdateInterval |
| ADMX File Name | WindowsDefender.admx |
<!-- SignatureUpdateInterval-GpMapping-End -->
@ -2675,6 +2690,7 @@ If you disable or do not configure this setting, checks for security intelligenc
<!-- SubmitSamplesConsent-OmaUri-End -->
<!-- SubmitSamplesConsent-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting configures behaviour of samples submission when opt-in for MAPS telemetry is set.
Possible options are:
@ -2720,7 +2736,6 @@ Possible options are:
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > MAPS |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Spynet |
| Registry Value Name | SubmitSamplesConsent |
| ADMX File Name | WindowsDefender.admx |
<!-- SubmitSamplesConsent-GpMapping-End -->
@ -2746,7 +2761,8 @@ Possible options are:
<!-- ThreatSeverityDefaultAction-OmaUri-End -->
<!-- ThreatSeverityDefaultAction-Description-Begin -->
Allows an administrator to specify any valid threat severity levels and the corresponding default action ID to take. This value is a list of threat severity level IDs and corresponding actions, separated by a | using the format threat level=action|threat level=action. For example, 1=6|2=2|4=10|5=3. The following list shows the supported values for threat severity levels:1 Low severity threats2 Moderate severity threats4 High severity threats5 Severe threatsThe following list shows the supported values for possible actions:1 Clean. Service tries to recover files and try to disinfect. 2 Quarantine. Moves files to quarantine. 3 Remove. Removes files from system. 6 Allow. Allows file/does none of the above actions. 8 User defined. Requires user to make a decision on which action to take. 10 Block. Blocks file execution.
<!-- Description-Source-DDF -->
Allows an administrator to specify any valid threat severity levels and the corresponding default action ID to take. This value is a list of threat severity level IDs and corresponding actions, separated by a | using the format threat level=action|threat level=action. For example, 1=6|2=2|4=10|5=3. The following list shows the supported values for threat severity levels:1 Low severity threats2 Moderate severity threats4 High severity threats5 Severe threatsThe following list shows the supported values for possible actions:2 Quarantine. Moves files to quarantine. 3 Remove. Removes files from system. 6 Allow. Allows file/does none of the above actions. 8 User defined. Requires user to make a decision on which action to take. 10 Block. Blocks file execution.
<!-- ThreatSeverityDefaultAction-Description-End -->
<!-- ThreatSeverityDefaultAction-Editable-Begin -->
@ -2773,7 +2789,6 @@ Allows an administrator to specify any valid threat severity levels and the corr
| Location | Computer Configuration |
| Path | Windows Components > Microsoft Defender Antivirus > Threats |
| Registry Key Name | Software\Policies\Microsoft\Windows Defender\Threats |
| Registry Value Name | Threats_ThreatSeverityDefaultAction |
| ADMX File Name | WindowsDefender.admx |
<!-- ThreatSeverityDefaultAction-GpMapping-End -->

2909
windows/client-management/mdm/policy-csp-deliveryoptimization.md
View File

File diff suppressed because it is too large Load Diff