Endpoint | Anti-Virus
So once I got my Windows 10 systems registered correctly in Azure AD they were automatically enrolled in the MEM. I have been able to create a Anti-Virus policy and apply to my devices.
One of the tasks was to remove the current Ant-Virus on my systems. I was running a freeware version of Avast. Once I uninstalled this I was able to see the effects from my policy take place. I am not sure if there is a way to force removal of old AV software.
Step 1) Create Policy
Step 2) Complete Wizard
These options allow for control of the multitude of options in the setup and behavior of the anti-virus scanning and remediations.
From reviewing the options it seems one can create groups or labels to select only specific systems. You could create a profile for accounting and apply it to only accounting users or account groups or accounting devices. I selected all devices for my lab.