Prevent users and apps from accessing dangerous websites

Information

Enable or disable Microsoft Defender Exploit Guard network protection to prevent employees from using any application to access dangerous domains that may host phishing scams exploit-hosting sites and other malicious content on the Internet. Enabled: Specify the mode in the Options section: -Block: Users and applications will not be able to access dangerous domains -Audit Mode: Users and applications can connect to dangerous domains however if this feature would have blocked access if it were set to Block then a record of the event will be in the event logs. Disabled: Users and applications will not be blocked from connecting to dangerous domains. Not configured: Same as Disabled.

Solution

Policy Path: Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network Protection
Policy Setting Name: Prevent users and apps from accessing dangerous websites

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-11-security-baseline/ba-p/2810772

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.2.

Plugin: Windows

Control ID: 188d8be16b42eacc5ff166abb2cf7c2de91b397144e360a99de588c9b6aff258