Skip to main content This browser is no longer supported. Show
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Settings for Microsoft Defender Antivirus policy in Microsoft Intune for Windows devices
In this articleView details about the endpoint security antivirus policy settings you can configure for the Microsoft Defender Antivirus profile for Windows 10 and later in Microsoft Intune. Note This article details the settings you can find in Microsoft Defender Antivirus and Microsoft Defender Antivirus Exclusions profiles created before April 5, 2022, for the Windows 10 and later platform for endpoint security Antivirus policy. On April 5, 2022, the Windows 10 and later platform was replaced by the Windows 10, Windows 11, and Windows Server platform. Profiles created after that date use a new settings format as found in the Settings Catalog. With this change you can no longer create new versions of the old profile and they are no longer being developed. Although you can no longer create new instances of the older profile, you can continue to edit and use instances of it that you previously created. For profiles that use the new settings format, Intune no longer maintains a list of each setting by name. Instead, the name of each setting, its configuration options, and its explanatory text you see in the Microsoft Endpoint Manager admin center are taken directly from the settings authoritative content. That content can provide more information about the use of the setting in its proper context. When viewing a settings information text, you can use its Learn more link to open that content. The following settings details for Windows profiles apply to those deprecated profiles. Cloud protection
Microsoft Defender Antivirus ExclusionsThe following settings are available in the Microsoft Defender Antivirus profile:
The following settings are available in the following profiles:
For each setting in this group, you can expand the setting, select Add, and then specify a value for the exclusion.
Real-time protectionThese settings are available in the following profiles:
Settings:
These settings are available in the following profiles:
Settings:
ScanThese settings are available in the following profiles:
Settings:
UpdatesThese settings are available in the following profiles:
Settings:
User experienceThese settings are available in the following profiles:
Settings:
FeedbackSubmit and view feedback for Additional resourcesWhat type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software such as a virus?A rootkit is, as described by TechTarget, "a program or, more often, a collection of software tools that gives a threat actor remote access to and control over a computer or other system." It gets its name because it's a kit of tools that (generally illicitly) gain root access (administrator-level control, in Unix ...
Which of the following refers to the malicious insertion of scripting code to extract data or modify a website's code application or content?Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
What type of malicious program Cannot stand on its own and can replicate itself through an executable program attached to an e mail?A virus is malware that attaches to another program and, when executed—usually inadvertently by the user—replicates itself by modifying other computer programs and infecting them with its own bits of code. Worms are a type of malware similar to viruses. Like viruses, worms are self-replicating.
What is malware quizlet?Malware, or malicious software, is any software designed with the purpose of corrupting or subverting the target computer.
|