| Defender |
| Allow Archive Scanning | Allowed. Scans the archive files. |
| Allow Behavior Monitoring | Allowed. Turns on real-time behavior monitoring. |
| Allow Cloud Protection | Allowed. Turns on Cloud Protection. |
| Allow Email Scanning | Allowed. Turns on email scanning. |
| Allow Full Scan Removable Drive Scanning | Allowed. Scans removable drives. |
| Allow scanning of all downloaded files and attachments | Allowed. |
| Allow Realtime Monitoring | Allowed. Turns on and runs the real-time monitoring service. |
| Allow Scanning Network Files | Allowed. Scans network files. |
| Allow Script Scanning | Allowed. |
| Allow User UI Access | Allowed. Lets users access UI. |
| Avg CPU Load Factor | 50 |
| Check For Signatures Before Running Scan | Enabled |
| Cloud Block Level | High |
| Cloud Extended Timeout | 50 |
| Disable Catchup Full Scan | Disabled |
| Disable Catchup Quick Scan | Disabled |
| Enable Low CPU Priority | Enabled |
| Enable Network Protection | Enabled (block mode) |
| PUA Protection | PUA Protection on. Detected items are blocked. They will show in history along with other threats. |
| Real Time Scan Direction | Monitor all files (bi-directional). |
| Schedule Quick Scan Time | 660 |
| Signature Update Interval | 1 |
| Submit Samples Consent | Send safe samples automatically. |
| Disable Local Admin Merge | Disable Local Admin Merge |
| Allow On Access Protection | Allowed. |
| Threat Severity Default Action | Not configured |
| Remediation action for High severity threats | Remove. Removes files from system. |
| Remediation action for Severe threats | Remove. Removes files from system. |
| Remediation action for Low severity threats | Block. Blocks file execution. |
| Remediation action for Moderate severity threats | Remove. Removes files from system. |
| Metered Connection Updates | Allowed |