Cloud-delivered protection demonstration

Applies to:

Cloud-delivered protection for Microsoft Defender Antivirus, also referred to as Microsoft Advanced Protection Service (MAPS), provides you with strong, fast protection in addition to our standard real-time protection.

Scenario requirements and setup

  • Windows 11, Windows 10, Windows 8.1, and Windows 7 SP1
  • Microsoft Defender Real-time protection is enabled
  • Cloud-delivered protection is enabled by default, however you may need to re-enable it if it has been disabled as part of previous organizational policies. For more information, see Enable cloud-delivered protection in Microsoft Defender Antivirus.
  • You can also download and use the PowerShell script to enable this setting and others on Windows 10 and Windows 11.

Scenario

  1. Download and extract the zipped folder that contains the test file. The password is infected.

    Important

    The test file isn't malicious, it's just a harmless file simulating a virus.

  2. If you see file blocked by Microsoft Defender SmartScreen, select on "View downloads" button.

    SmartScreen blocks an unsafe download, and provides a button to select to view the **Downloads** list details.

  3. In Downloads menu right select on the blocked file and select on Download unsafe file.

    Lists the download as unsafe, but provides an option to proceed with the download

  4. You should see that "Microsoft Defender Antivirus" found a virus and deleted it.

    Note

    In some cases, you might also see Threat Found notification from Microsoft Defender Security Center.

    Microsoft Defender Antivirus Threats found notification provides options to get details

  5. If the file executes, or if you see that it was blocked by Microsoft Defender SmartScreen, cloud-delivered protection isn't working. For more information, see Configure and validate network connections for Microsoft Defender Antivirus.

See also

Utilize Microsoft cloud-delivered protection in Microsoft Defender Antivirus

Microsoft Defender for Endpoint - demonstration scenarios

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.