I'm struggling to work out how to define a policy to allow a specific group of users (who I can identify OK with a dynamic group) to disable real-time file system protection, where it's enabled at a higher policy level.
At a high-group in the tree I assign a default "Antivirus - balanced" policy, which enables real-time file system protection, but if I create a deeper policy, then I can't seem to "set" it with a value that allows users to disable it; only that I can enforce it to be enabled or disabled.
Am I approaching this wrong?