Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
DoD Microsoft Defender Antivirus STIG Computer v2r4
Data collected on: 3/29/2022 4:56:54 PM
General
Details
Domainsecurity.local
OwnerSECURITY\Domain Admins
Created3/29/2022 2:25:50 PM
Modified3/29/2022 2:26:14 PM
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{C544D154-033D-4F9D-9271-0DC17D5F821A}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
SECURITY\Domain AdminsEdit settings, delete, modify securityNo
SECURITY\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the local computer.
Windows Components/Microsoft Defender Antivirus
PolicySettingComment
Configure detection for potentially unwanted applicationsEnabled
 
Windows Components/Microsoft Defender Antivirus/Exclusions
PolicySettingComment
Turn off Auto ExclusionsDisabled
Windows Components/Microsoft Defender Antivirus/MAPS
PolicySettingComment
Configure the 'Block at First Sight' featureEnabled
Join Microsoft MAPSEnabled
Join Microsoft MAPSAdvanced MAPS
PolicySettingComment
Send file samples when further analysis is requiredEnabled
Send file samples when further analysis is required 
Windows Components/Microsoft Defender Antivirus/Microsoft Defender Exploit Guard/Attack Surface Reduction
PolicySettingComment
Configure Attack Surface Reduction rulesEnabled
Set the state for each ASR rule: 
BE9BA2D9-53EA-4CDC-84E5-9B1EEEE465501
D4F940AB-401B-4EFC-AADC-AD5F3C50688A1
3B576869-A4EC-4529-8536-B80A7769E8991
75668C1F-73B5-4CF0-BB93-3ECF5CB7CC841
D3E037E1-3EB8-44C8-A917-57927947596D1
5BEB7EFE-FD9A-4556-801D-275E5FFC04CC1
92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B1
Windows Components/Microsoft Defender Antivirus/Microsoft Defender Exploit Guard/Network Protection
PolicySettingComment
Prevent users and apps from accessing dangerous websitesEnabled
 
Windows Components/Microsoft Defender Antivirus/Scan
PolicySettingComment
Scan removable drivesEnabled
Specify the day of the week to run a scheduled scanEnabled
Specify the day of the week to run a scheduled scanEvery Day
PolicySettingComment
Turn on e-mail scanningEnabled
Windows Components/Microsoft Defender Antivirus/Security Intelligence Updates
PolicySettingComment
Define the number of days before spyware security intelligence is considered out of dateEnabled
Define the number of days before spyware security intelligence is considered out of date7
PolicySettingComment
Define the number of days before virus security intelligence is considered out of dateEnabled
Define the number of days before virus security intelligence is considered out of date7
PolicySettingComment
Specify the day of the week to check for security intelligence updatesEnabled
Specify the day of the week to check for security intelligence updatesEvery Day
Windows Components/Microsoft Defender Antivirus/Threats
PolicySettingComment
Specify threat alert levels at which default action should not be taken when detectedEnabled
Specify threat alert levels at which default action should not be taken when detected 
52
42
22
12
User Configuration (Disabled)
No settings defined.