1fc3446e-9d66-4c41-b2d1-cf562e07f2a9
Exploit protection automatically applies a number of exploit mitigation techniques on both the operating system processes and on individual apps. It's good practice that these settings are forced via GPO/registry and users are disallowed to make changes.
https://www.stigviewer.com/stig/windows_10/2018-04-06/finding/V-77025
There are several ways to disallow users to change settings in Exploit Protection: https://www.ghacks.net/2017/10/25/configure-windows-defender-exploit-guard-in-windows-10/