mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 05:17:22 +00:00
Update policy-csp-defender.md
This commit is contained in:
Alekhya Jupudi
GitHub
parent
28127cd691
commit
c89925a8ca
@ -290,7 +290,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
To best protect your PC, Windows Defender will send information to Microsoft about any problems it finds. Microsoft will analyze that information, learn more about problems affecting you and other customers, and offer improved solutions.
|
||||
|
||||
<!--/Description-->
|
||||
@ -345,7 +344,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows scanning of email.
|
||||
|
||||
<!--/Description-->
|
||||
@ -399,7 +397,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows a full scan of mapped network drives.
|
||||
|
||||
<!--/Description-->
|
||||
@ -453,7 +450,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows a full scan of removable drives. During a quick scan, removable drives may still be scanned.
|
||||
|
||||
<!--/Description-->
|
||||
@ -506,7 +502,6 @@ The following list shows the supported values:
|
||||
<!--Description-->
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows Windows Defender IOAVP Protection functionality.
|
||||
|
||||
@ -561,7 +556,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows Windows Defender On Access Protection functionality.
|
||||
|
||||
<!--/Description-->
|
||||
@ -618,7 +612,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows Windows Defender real-time Monitoring functionality.
|
||||
|
||||
<!--/Description-->
|
||||
@ -672,7 +665,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows a scanning of network files.
|
||||
|
||||
<!--/Description-->
|
||||
@ -726,7 +718,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows Windows Defender Script Scanning functionality.
|
||||
|
||||
<!--/Description-->
|
||||
@ -772,7 +763,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows or disallows user access to the Windows Defender UI. I disallowed, all Windows Defender notifications will also be suppressed.
|
||||
|
||||
<!--/Description-->
|
||||
@ -826,8 +816,7 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
This policy setting allows you to prevent Attack Surface reduction rules from matching on files under the paths specified or for the fully qualified resources specified. Paths should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a path or a fully qualified resource name. As an example, a path might be defined as: "c:\Windows" to exclude all files in this directory. A fully qualified resource name might be defined as: "C:\Windows\App.exe"..
|
||||
This policy setting allows you to prevent Attack Surface reduction rules from matching on files under the paths specified or for the fully qualified resources specified. Paths should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a path or a fully qualified resource name. As an example, a path might be defined as: "c:\Windows" to exclude all files in this directory. A fully qualified resource name might be defined as: "C:\Windows\App.exe".
|
||||
|
||||
Value type is string.
|
||||
|
||||
@ -876,7 +865,6 @@ ADMX Info:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
This policy setting enables setting the state (Block/Audit/Off) for each attack surface reduction (ASR) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule.
|
||||
|
||||
For more information about ASR rule ID and status ID, see [Enable Attack Surface Reduction](/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction).
|
||||
@ -927,11 +915,9 @@ ADMX Info:
|
||||
<!--Description-->
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Represents the average CPU load factor for the Windows Defender scan (in percent).
|
||||
|
||||
|
||||
The default value is 50.
|
||||
|
||||
<!--/Description-->
|
||||
@ -1049,7 +1035,6 @@ ADMX Info:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
This policy setting determines how aggressive Microsoft Defender Antivirus will be in blocking and scanning suspicious files. Value type is integer.
|
||||
|
||||
If this setting is on, Microsoft Defender Antivirus will be more aggressive when identifying suspicious files to block and scan; otherwise, it will be less aggressive and therefore block and scan with less frequency.
|
||||
@ -1260,11 +1245,9 @@ ADMX Info:
|
||||
<!--Description-->
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Time period (in days) that quarantine items will be stored on the system.
|
||||
|
||||
|
||||
The default value is 0, which keeps items in quarantine, and doesn't automatically remove them.
|
||||
|
||||
<!--/Description-->
|
||||
@ -1621,7 +1604,6 @@ The following list shows the supported values:
|
||||
<!--Description-->
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows an administrator to specify a list of file type extensions to ignore during a scan. Each file type in the list must be separated by a **|**. For example, "lib|obj".
|
||||
|
||||
@ -1670,7 +1652,6 @@ ADMX Info:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows an administrator to specify a list of directory paths to ignore during a scan. Each path in the list must be separated by a **|**. For example, "C:\\Example|C:\\Example1".
|
||||
|
||||
<!--/Description-->
|
||||
@ -1718,13 +1699,11 @@ ADMX Info:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows an administrator to specify a list of files opened by processes to ignore during a scan.
|
||||
|
||||
> [!IMPORTANT]
|
||||
> The process itself is not excluded from the scan, but can be by using the **Defender/ExcludedPaths** policy to exclude its path.
|
||||
|
||||
|
||||
Each file type must be separated by a **|**. For example, "C:\\Example.exe|C:\\Example1.exe".
|
||||
|
||||
<!--/Description-->
|
||||
@ -1831,7 +1810,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Controls which sets of files should be monitored.
|
||||
|
||||
> [!NOTE]
|
||||
@ -1890,7 +1868,6 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Selects whether to perform a quick scan or full scan.
|
||||
|
||||
<!--/Description-->
|
||||
@ -1944,7 +1921,6 @@ The following list shows the supported values:
|
||||
<!--Description-->
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Selects the time of day that the Windows Defender quick scan should run.
|
||||
|
||||
@ -2006,7 +1982,6 @@ Valid values: 0–1380
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Selects the day that the Windows Defender scan should run.
|
||||
|
||||
> [!NOTE]
|
||||
@ -2071,14 +2046,11 @@ The following list shows the supported values:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Selects the time of day that the Windows Defender scan should run.
|
||||
|
||||
> [!NOTE]
|
||||
> The scan type will depends on what scan type is selected in the **Defender/ScanParameter** setting.
|
||||
|
||||
|
||||
|
||||
For example, a value of 0=12:00AM, a value of 60=1:00AM, a value of 120=2:00, and so on, up to a value of 1380=11:00PM.
|
||||
|
||||
The default value is 120.
|
||||
@ -2131,7 +2103,7 @@ Valid values: 0–1380.
|
||||
<!--Description-->
|
||||
This policy setting allows you to define the security intelligence location for VDI-configured computers.
|
||||
|
||||
If you disable or don't configure this setting, security intelligence will be referred from the default local source.
|
||||
If you disable or don't configure this setting, security intelligence will be referred from the default local source.
|
||||
|
||||
<!--/Description-->
|
||||
<!--ADMXMapped-->
|
||||
@ -2315,10 +2287,8 @@ ADMX Info:
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Specifies the interval (in hours) that will be used to check for signatures, so instead of using the ScheduleDay and ScheduleTime the check for new signatures will be set according to the interval.
|
||||
|
||||
|
||||
A value of 0 means no check for new signatures, a value of 1 means to check every hour, a value of 2 means to check every two hours, and so on, up to a value of 24, which means to check every day.
|
||||
|
||||
The default value is 8.
|
||||
@ -2374,8 +2344,7 @@ Valid values: 0–24.
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Checks for the user consent level in Windows Defender to send data. If the required consent has already been granted, Windows Defender submits them. If not, (and if the user has specified never to ask), the UI is launched to ask for user consent (when **Defender/AllowCloudProtection** is allowed) before sending data.
|
||||
Checks for the user consent level in Windows Defender to send data. If the required consent has already been granted, Windows Defender submits them. If not (and if the user has specified never to ask), the UI is launched to ask for user consent (when **Defender/AllowCloudProtection** is allowed) before sending data.
|
||||
|
||||
<!--/Description-->
|
||||
<!--ADMXMapped-->
|
||||
@ -2430,7 +2399,6 @@ The following list shows the supported values:
|
||||
<!--Description-->
|
||||
> [!NOTE]
|
||||
> This policy is only enforced in Windows 10 for desktop.
|
||||
|
||||
|
||||
Allows an administrator to specify any valid threat severity levels and the corresponding default action ID to take.
|
||||
|
||||
@ -2468,3 +2436,7 @@ ADMX Info:
|
||||
|
||||
|
||||
<!--/Policies-->
|
||||
|
||||
## Related topics
|
||||
|
||||
[Policy configuration service provider](policy-configuration-service-provider.md)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user