Get windows10EndpointProtectionConfiguration
Namespace: microsoft.graph
Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Read properties and relationships of the windows10EndpointProtectionConfiguration object.
This API is available in the following national cloud deployments.
Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
---|---|---|---|
✅ | ✅ | ✅ | ✅ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permission type | Permissions (from least to most privileged) |
---|---|
Delegated (work or school account) | DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. |
Application | DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All |
HTTP Request
GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}
GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}
Optional query parameters
This method supports the OData Query Parameters to help customize the response.
Request headers
Header | Value |
---|---|
Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Accept | application/json |
Request body
Do not supply a request body for this method.
Response
If successful, this method returns a 200 OK
response code and windows10EndpointProtectionConfiguration object in the response body.
Example
Request
Here is an example of the request.
GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
Response
Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 32950
{
"value": {
"@odata.type": "#microsoft.graph.windows10EndpointProtectionConfiguration",
"id": "09709403-9403-0970-0394-700903947009",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
"osEditionTypes": [
"windows10EnterpriseN"
],
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleOsVersion": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
"minOSVersion": "Min OSVersion value",
"maxOSVersion": "Max OSVersion value",
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleDeviceMode": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
"deviceMode": "sModeConfiguration",
"name": "Name value",
"ruleType": "exclude"
},
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"description": "Description value",
"displayName": "Display Name value",
"version": 7,
"dmaGuardDeviceEnumerationPolicy": "blockAll",
"firewallRules": [
{
"@odata.type": "microsoft.graph.windowsFirewallRule",
"displayName": "Display Name value",
"description": "Description value",
"packageFamilyName": "Package Family Name value",
"filePath": "File Path value",
"serviceName": "Service Name value",
"protocol": 8,
"localPortRanges": [
"Local Port Ranges value"
],
"remotePortRanges": [
"Remote Port Ranges value"
],
"localAddressRanges": [
"Local Address Ranges value"
],
"remoteAddressRanges": [
"Remote Address Ranges value"
],
"profileTypes": "domain",
"action": "blocked",
"trafficDirection": "out",
"interfaceTypes": "remoteAccess",
"edgeTraversal": "blocked",
"localUserAuthorizations": "Local User Authorizations value"
}
],
"userRightsAccessCredentialManagerAsTrustedCaller": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsAllowAccessFromNetwork": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsBlockAccessFromNetwork": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsActAsPartOfTheOperatingSystem": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsLocalLogOn": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsDenyLocalLogOn": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsBackupData": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsChangeSystemTime": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsCreateGlobalObjects": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsCreatePageFile": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsCreatePermanentSharedObjects": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsCreateSymbolicLinks": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsCreateToken": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsDebugPrograms": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsRemoteDesktopServicesLogOn": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsDelegation": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsGenerateSecurityAudits": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsImpersonateClient": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsIncreaseSchedulingPriority": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsLoadUnloadDrivers": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsLockMemory": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsManageAuditingAndSecurityLogs": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsManageVolumes": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsModifyFirmwareEnvironment": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsModifyObjectLabels": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsProfileSingleProcess": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsRemoteShutdown": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsRestoreData": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"userRightsTakeOwnership": {
"@odata.type": "microsoft.graph.deviceManagementUserRightsSetting",
"state": "blocked",
"localUsersOrGroups": [
{
"@odata.type": "microsoft.graph.deviceManagementUserRightsLocalUserOrGroup",
"name": "Name value",
"description": "Description value",
"securityIdentifier": "Security Identifier value"
}
]
},
"xboxServicesEnableXboxGameSaveTask": true,
"xboxServicesAccessoryManagementServiceStartupMode": "automatic",
"xboxServicesLiveAuthManagerServiceStartupMode": "automatic",
"xboxServicesLiveGameSaveServiceStartupMode": "automatic",
"xboxServicesLiveNetworkingServiceStartupMode": "automatic",
"localSecurityOptionsBlockMicrosoftAccounts": true,
"localSecurityOptionsBlockRemoteLogonWithBlankPassword": true,
"localSecurityOptionsDisableAdministratorAccount": true,
"localSecurityOptionsAdministratorAccountName": "Local Security Options Administrator Account Name value",
"localSecurityOptionsDisableGuestAccount": true,
"localSecurityOptionsGuestAccountName": "Local Security Options Guest Account Name value",
"localSecurityOptionsAllowUndockWithoutHavingToLogon": true,
"localSecurityOptionsBlockUsersInstallingPrinterDrivers": true,
"localSecurityOptionsBlockRemoteOpticalDriveAccess": true,
"localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser": "administrators",
"localSecurityOptionsMachineInactivityLimit": 10,
"localSecurityOptionsMachineInactivityLimitInMinutes": 3,
"localSecurityOptionsDoNotRequireCtrlAltDel": true,
"localSecurityOptionsHideLastSignedInUser": true,
"localSecurityOptionsHideUsernameAtSignIn": true,
"localSecurityOptionsLogOnMessageTitle": "Local Security Options Log On Message Title value",
"localSecurityOptionsLogOnMessageText": "Local Security Options Log On Message Text value",
"localSecurityOptionsAllowPKU2UAuthenticationRequests": true,
"localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool": true,
"localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager": "Local Security Options Allow Remote Calls To Security Accounts Manager value",
"localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients": "requireNtmlV2SessionSecurity",
"localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers": "requireNtmlV2SessionSecurity",
"lanManagerAuthenticationLevel": "lmNtlmAndNtlmV2",
"lanManagerWorkstationDisableInsecureGuestLogons": true,
"localSecurityOptionsClearVirtualMemoryPageFile": true,
"localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn": true,
"localSecurityOptionsAllowUIAccessApplicationElevation": true,
"localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations": true,
"localSecurityOptionsOnlyElevateSignedExecutables": true,
"localSecurityOptionsAdministratorElevationPromptBehavior": "elevateWithoutPrompting",
"localSecurityOptionsStandardUserElevationPromptBehavior": "automaticallyDenyElevationRequests",
"localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation": true,
"localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation": true,
"localSecurityOptionsAllowUIAccessApplicationsForSecureLocations": true,
"localSecurityOptionsUseAdminApprovalMode": true,
"localSecurityOptionsUseAdminApprovalModeForAdministrators": true,
"localSecurityOptionsInformationShownOnLockScreen": "userDisplayNameDomainUser",
"localSecurityOptionsInformationDisplayedOnLockScreen": "administrators",
"localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees": true,
"localSecurityOptionsClientDigitallySignCommunicationsAlways": true,
"localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers": true,
"localSecurityOptionsDisableServerDigitallySignCommunicationsAlways": true,
"localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees": true,
"localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares": true,
"localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts": true,
"localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares": true,
"localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange": true,
"localSecurityOptionsSmartCardRemovalBehavior": "lockWorkstation",
"defenderSecurityCenterDisableAppBrowserUI": true,
"defenderSecurityCenterDisableFamilyUI": true,
"defenderSecurityCenterDisableHealthUI": true,
"defenderSecurityCenterDisableNetworkUI": true,
"defenderSecurityCenterDisableVirusUI": true,
"defenderSecurityCenterDisableAccountUI": true,
"defenderSecurityCenterDisableClearTpmUI": true,
"defenderSecurityCenterDisableHardwareUI": true,
"defenderSecurityCenterDisableNotificationAreaUI": true,
"defenderSecurityCenterDisableRansomwareUI": true,
"defenderSecurityCenterDisableSecureBootUI": true,
"defenderSecurityCenterDisableTroubleshootingUI": true,
"defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI": true,
"defenderSecurityCenterOrganizationDisplayName": "Defender Security Center Organization Display Name value",
"defenderSecurityCenterHelpEmail": "Defender Security Center Help Email value",
"defenderSecurityCenterHelpPhone": "Defender Security Center Help Phone value",
"defenderSecurityCenterHelpURL": "Defender Security Center Help URL value",
"defenderSecurityCenterNotificationsFromApp": "blockNoncriticalNotifications",
"defenderSecurityCenterITContactDisplay": "displayInAppAndInNotifications",
"windowsDefenderTamperProtection": "enable",
"firewallBlockStatefulFTP": true,
"firewallIdleTimeoutForSecurityAssociationInSeconds": 2,
"firewallPreSharedKeyEncodingMethod": "none",
"firewallIPSecExemptionsNone": true,
"firewallIPSecExemptionsAllowNeighborDiscovery": true,
"firewallIPSecExemptionsAllowICMP": true,
"firewallIPSecExemptionsAllowRouterDiscovery": true,
"firewallIPSecExemptionsAllowDHCP": true,
"firewallCertificateRevocationListCheckMethod": "none",
"firewallMergeKeyingModuleSettings": true,
"firewallPacketQueueingMethod": "disabled",
"firewallProfileDomain": {
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
"firewallEnabled": "blocked",
"stealthModeRequired": true,
"stealthModeBlocked": true,
"incomingTrafficRequired": true,
"incomingTrafficBlocked": true,
"unicastResponsesToMulticastBroadcastsRequired": true,
"unicastResponsesToMulticastBroadcastsBlocked": true,
"inboundNotificationsRequired": true,
"inboundNotificationsBlocked": true,
"authorizedApplicationRulesFromGroupPolicyMerged": true,
"authorizedApplicationRulesFromGroupPolicyNotMerged": true,
"globalPortRulesFromGroupPolicyMerged": true,
"globalPortRulesFromGroupPolicyNotMerged": true,
"connectionSecurityRulesFromGroupPolicyMerged": true,
"connectionSecurityRulesFromGroupPolicyNotMerged": true,
"outboundConnectionsRequired": true,
"outboundConnectionsBlocked": true,
"inboundConnectionsRequired": true,
"inboundConnectionsBlocked": true,
"securedPacketExemptionAllowed": true,
"securedPacketExemptionBlocked": true,
"policyRulesFromGroupPolicyMerged": true,
"policyRulesFromGroupPolicyNotMerged": true
},
"firewallProfilePublic": {
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
"firewallEnabled": "blocked",
"stealthModeRequired": true,
"stealthModeBlocked": true,
"incomingTrafficRequired": true,
"incomingTrafficBlocked": true,
"unicastResponsesToMulticastBroadcastsRequired": true,
"unicastResponsesToMulticastBroadcastsBlocked": true,
"inboundNotificationsRequired": true,
"inboundNotificationsBlocked": true,
"authorizedApplicationRulesFromGroupPolicyMerged": true,
"authorizedApplicationRulesFromGroupPolicyNotMerged": true,
"globalPortRulesFromGroupPolicyMerged": true,
"globalPortRulesFromGroupPolicyNotMerged": true,
"connectionSecurityRulesFromGroupPolicyMerged": true,
"connectionSecurityRulesFromGroupPolicyNotMerged": true,
"outboundConnectionsRequired": true,
"outboundConnectionsBlocked": true,
"inboundConnectionsRequired": true,
"inboundConnectionsBlocked": true,
"securedPacketExemptionAllowed": true,
"securedPacketExemptionBlocked": true,
"policyRulesFromGroupPolicyMerged": true,
"policyRulesFromGroupPolicyNotMerged": true
},
"firewallProfilePrivate": {
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
"firewallEnabled": "blocked",
"stealthModeRequired": true,
"stealthModeBlocked": true,
"incomingTrafficRequired": true,
"incomingTrafficBlocked": true,
"unicastResponsesToMulticastBroadcastsRequired": true,
"unicastResponsesToMulticastBroadcastsBlocked": true,
"inboundNotificationsRequired": true,
"inboundNotificationsBlocked": true,
"authorizedApplicationRulesFromGroupPolicyMerged": true,
"authorizedApplicationRulesFromGroupPolicyNotMerged": true,
"globalPortRulesFromGroupPolicyMerged": true,
"globalPortRulesFromGroupPolicyNotMerged": true,
"connectionSecurityRulesFromGroupPolicyMerged": true,
"connectionSecurityRulesFromGroupPolicyNotMerged": true,
"outboundConnectionsRequired": true,
"outboundConnectionsBlocked": true,
"inboundConnectionsRequired": true,
"inboundConnectionsBlocked": true,
"securedPacketExemptionAllowed": true,
"securedPacketExemptionBlocked": true,
"policyRulesFromGroupPolicyMerged": true,
"policyRulesFromGroupPolicyNotMerged": true
},
"defenderAdobeReaderLaunchChildProcess": "enable",
"defenderAttackSurfaceReductionExcludedPaths": [
"Defender Attack Surface Reduction Excluded Paths value"
],
"defenderOfficeAppsOtherProcessInjectionType": "block",
"defenderOfficeAppsOtherProcessInjection": "enable",
"defenderOfficeCommunicationAppsLaunchChildProcess": "enable",
"defenderOfficeAppsExecutableContentCreationOrLaunchType": "block",
"defenderOfficeAppsExecutableContentCreationOrLaunch": "enable",
"defenderOfficeAppsLaunchChildProcessType": "block",
"defenderOfficeAppsLaunchChildProcess": "enable",
"defenderOfficeMacroCodeAllowWin32ImportsType": "block",
"defenderOfficeMacroCodeAllowWin32Imports": "enable",
"defenderScriptObfuscatedMacroCodeType": "block",
"defenderScriptObfuscatedMacroCode": "enable",
"defenderScriptDownloadedPayloadExecutionType": "block",
"defenderScriptDownloadedPayloadExecution": "enable",
"defenderPreventCredentialStealingType": "enable",
"defenderProcessCreationType": "block",
"defenderProcessCreation": "enable",
"defenderUntrustedUSBProcessType": "block",
"defenderUntrustedUSBProcess": "enable",
"defenderUntrustedExecutableType": "block",
"defenderUntrustedExecutable": "enable",
"defenderEmailContentExecutionType": "block",
"defenderEmailContentExecution": "enable",
"defenderAdvancedRansomewareProtectionType": "enable",
"defenderGuardMyFoldersType": "enable",
"defenderGuardedFoldersAllowedAppPaths": [
"Defender Guarded Folders Allowed App Paths value"
],
"defenderAdditionalGuardedFolders": [
"Defender Additional Guarded Folders value"
],
"defenderNetworkProtectionType": "enable",
"defenderExploitProtectionXml": "ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==",
"defenderExploitProtectionXmlFileName": "Defender Exploit Protection Xml File Name value",
"defenderSecurityCenterBlockExploitProtectionOverride": true,
"defenderBlockPersistenceThroughWmiType": "block",
"appLockerApplicationControl": "enforceComponentsAndStoreApps",
"deviceGuardLocalSystemAuthorityCredentialGuardSettings": "enableWithUEFILock",
"deviceGuardEnableVirtualizationBasedSecurity": true,
"deviceGuardEnableSecureBootWithDMA": true,
"deviceGuardSecureBootWithDMA": "withoutDMA",
"deviceGuardLaunchSystemGuard": "enabled",
"smartScreenEnableInShell": true,
"smartScreenBlockOverrideForFiles": true,
"applicationGuardEnabled": true,
"applicationGuardEnabledOptions": "enabledForEdge",
"applicationGuardBlockFileTransfer": "blockImageAndTextFile",
"applicationGuardBlockNonEnterpriseContent": true,
"applicationGuardAllowPersistence": true,
"applicationGuardForceAuditing": true,
"applicationGuardBlockClipboardSharing": "blockBoth",
"applicationGuardAllowPrintToPDF": true,
"applicationGuardAllowPrintToXPS": true,
"applicationGuardAllowPrintToLocalPrinters": true,
"applicationGuardAllowPrintToNetworkPrinters": true,
"applicationGuardAllowVirtualGPU": true,
"applicationGuardAllowFileSaveOnHost": true,
"applicationGuardAllowCameraMicrophoneRedirection": true,
"applicationGuardCertificateThumbprints": [
"Application Guard Certificate Thumbprints value"
],
"bitLockerAllowStandardUserEncryption": true,
"bitLockerDisableWarningForOtherDiskEncryption": true,
"bitLockerEnableStorageCardEncryptionOnMobile": true,
"bitLockerEncryptDevice": true,
"bitLockerSystemDrivePolicy": {
"@odata.type": "microsoft.graph.bitLockerSystemDrivePolicy",
"encryptionMethod": "aesCbc256",
"startupAuthenticationRequired": true,
"startupAuthenticationBlockWithoutTpmChip": true,
"startupAuthenticationTpmUsage": "required",
"startupAuthenticationTpmPinUsage": "required",
"startupAuthenticationTpmKeyUsage": "required",
"startupAuthenticationTpmPinAndKeyUsage": "required",
"minimumPinLength": 0,
"recoveryOptions": {
"@odata.type": "microsoft.graph.bitLockerRecoveryOptions",
"blockDataRecoveryAgent": true,
"recoveryPasswordUsage": "required",
"recoveryKeyUsage": "required",
"hideRecoveryOptions": true,
"enableRecoveryInformationSaveToStore": true,
"recoveryInformationToStore": "passwordOnly",
"enableBitLockerAfterRecoveryInformationToStore": true
},
"prebootRecoveryEnableMessageAndUrl": true,
"prebootRecoveryMessage": "Preboot Recovery Message value",
"prebootRecoveryUrl": "https://example.com/prebootRecoveryUrl/"
},
"bitLockerFixedDrivePolicy": {
"@odata.type": "microsoft.graph.bitLockerFixedDrivePolicy",
"encryptionMethod": "aesCbc256",
"requireEncryptionForWriteAccess": true,
"recoveryOptions": {
"@odata.type": "microsoft.graph.bitLockerRecoveryOptions",
"blockDataRecoveryAgent": true,
"recoveryPasswordUsage": "required",
"recoveryKeyUsage": "required",
"hideRecoveryOptions": true,
"enableRecoveryInformationSaveToStore": true,
"recoveryInformationToStore": "passwordOnly",
"enableBitLockerAfterRecoveryInformationToStore": true
}
},
"bitLockerRemovableDrivePolicy": {
"@odata.type": "microsoft.graph.bitLockerRemovableDrivePolicy",
"encryptionMethod": "aesCbc256",
"requireEncryptionForWriteAccess": true,
"blockCrossOrganizationWriteAccess": true
},
"bitLockerRecoveryPasswordRotation": "disabled",
"defenderDisableScanArchiveFiles": true,
"defenderAllowScanArchiveFiles": true,
"defenderDisableBehaviorMonitoring": true,
"defenderAllowBehaviorMonitoring": true,
"defenderDisableCloudProtection": true,
"defenderAllowCloudProtection": true,
"defenderEnableScanIncomingMail": true,
"defenderEnableScanMappedNetworkDrivesDuringFullScan": true,
"defenderDisableScanRemovableDrivesDuringFullScan": true,
"defenderAllowScanRemovableDrivesDuringFullScan": true,
"defenderDisableScanDownloads": true,
"defenderAllowScanDownloads": true,
"defenderDisableIntrusionPreventionSystem": true,
"defenderAllowIntrusionPreventionSystem": true,
"defenderDisableOnAccessProtection": true,
"defenderAllowOnAccessProtection": true,
"defenderDisableRealTimeMonitoring": true,
"defenderAllowRealTimeMonitoring": true,
"defenderDisableScanNetworkFiles": true,
"defenderAllowScanNetworkFiles": true,
"defenderDisableScanScriptsLoadedInInternetExplorer": true,
"defenderAllowScanScriptsLoadedInInternetExplorer": true,
"defenderBlockEndUserAccess": true,
"defenderAllowEndUserAccess": true,
"defenderScanMaxCpuPercentage": 12,
"defenderCheckForSignaturesBeforeRunningScan": true,
"defenderCloudBlockLevel": "high",
"defenderCloudExtendedTimeoutInSeconds": 5,
"defenderDaysBeforeDeletingQuarantinedMalware": 12,
"defenderDisableCatchupFullScan": true,
"defenderDisableCatchupQuickScan": true,
"defenderEnableLowCpuPriority": true,
"defenderFileExtensionsToExclude": [
"Defender File Extensions To Exclude value"
],
"defenderFilesAndFoldersToExclude": [
"Defender Files And Folders To Exclude value"
],
"defenderProcessesToExclude": [
"Defender Processes To Exclude value"
],
"defenderPotentiallyUnwantedAppAction": "enable",
"defenderScanDirection": "monitorIncomingFilesOnly",
"defenderScanType": "disabled",
"defenderScheduledQuickScanTime": "11:58:49.3840000",
"defenderScheduledScanDay": "everyday",
"defenderScheduledScanTime": "11:59:10.9990000",
"defenderSignatureUpdateIntervalInHours": 6,
"defenderSubmitSamplesConsentType": "alwaysPrompt",
"defenderDetectedMalwareActions": {
"@odata.type": "microsoft.graph.defenderDetectedMalwareActions",
"lowSeverity": "clean",
"moderateSeverity": "clean",
"highSeverity": "clean",
"severeSeverity": "clean"
}
}
}
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for