diff --git a/Group Policies Objects/Computer Configuration/System/Windows Time Service.md b/Group Policies Objects/Computer Configuration/Parallels/Windows Time Service.md similarity index 100% rename from Group Policies Objects/Computer Configuration/System/Windows Time Service.md rename to Group Policies Objects/Computer Configuration/Parallels/Windows Time Service.md diff --git a/Group Policies Objects/Computer Configuration/System/Device Guard.md b/Group Policies Objects/Computer Configuration/System/Device Guard.md deleted file mode 100644 index 0e9e8a5..0000000 --- a/Group Policies Objects/Computer Configuration/System/Device Guard.md +++ /dev/null @@ -1,5 +0,0 @@ -# Device Guard - -`Computer Configuration\Administrative Templates\System\Device Guard` - -- Turn On Virtualization Based Security -> Enabled (**Only do this if you are running Windows on bare metal or with nested virtualization**) \ No newline at end of file diff --git a/Group Policies Objects/Computer Configuration/Windows Components/Controlled Folder Access.md b/Group Policies Objects/Computer Configuration/Windows Components/Controlled Folder Access.md deleted file mode 100644 index 01b240f..0000000 --- a/Group Policies Objects/Computer Configuration/Windows Components/Controlled Folder Access.md +++ /dev/null @@ -1,5 +0,0 @@ -# Controlled Folder Access - -`Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Controlled Folder Access` - -- Configure Controlled folder access -> Enabled -> Block \ No newline at end of file diff --git a/Group Policies Objects/Device Guard.md b/Group Policies Objects/Device Guard.md new file mode 100644 index 0000000..a76aba2 --- /dev/null +++ b/Group Policies Objects/Device Guard.md 
@@ -0,0 +1,11 @@ +# Device Guard + +`Computer Configuration\Administrative Templates\System\Device Guard` + +- Turn On Virtualization Based Security -> Enabled (**Only do this if you are running Windows on bare metal or with nested virtualization**) + +1. Select Platform Security Level: Secure Boot and DMA Protection +2. Virtualization Based Protection of Code Integrity: Enabled with UEFI lock +3. Credential Guard Configuration: Enabled with UEFI lock +4. Secure Launch Configuration: Enabled +5. Kernel-mode Hardware-enforced Stack Protection: Enabled in enforcement mode \ No newline at end of file diff --git a/Group Policies Objects/Computer Configuration/Windows Components/Network Protection.md b/Group Policies Objects/Microsoft Degender Antivirus similarity index 62% rename from Group Policies Objects/Computer Configuration/Windows Components/Network Protection.md rename to Group Policies Objects/Microsoft Degender Antivirus index da6c930..efb0c52 100644 --- a/Group Policies Objects/Computer Configuration/Windows Components/Network Protection.md +++ b/Group Policies Objects/Microsoft Degender Antivirus @@ -1,4 +1,9 @@ -# Network Protection +# Microsoft Defender Antivirus + +`Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus` + + +## Network Protection Only relevant if SmartScreen is used. 
@@ -9,4 +14,10 @@ Documentation: `Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network Protection` This settings controls whether Network protection is allowed to be configured into block or audit mode on Windows -> Enabled (Only relevant if running Windows Server) -Prevent users and apps from accessing dangerous websites -> Enabled -> Block \ No newline at end of file +Prevent users and apps from accessing dangerous websites -> Enabled -> Block + +## Controlled Folder Access + +`Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Controlled Folder Access` + +- Configure Controlled folder access -> Enabled -> Block \ No newline at end of file diff --git a/Group Policies Objects/Computer Configuration/Windows Components/Widgets.md b/Group Policies Objects/Widgets.md similarity index 100% rename from Group Policies Objects/Computer Configuration/Windows Components/Widgets.md rename to Group Policies Objects/Widgets.md diff --git a/Group Policies Objects/Computer Configuration/Windows Components/Windows Messenger.md b/Group Policies Objects/Windows Messenger.md similarity index 100% rename from Group Policies Objects/Computer Configuration/Windows Components/Windows Messenger.md rename to Group Policies Objects/Windows Messenger.md diff --git a/Group Policies Objects/Computer Configuration/Windows Components/Windows Update.md b/Group Policies Objects/Windows Update.md similarity index 100% rename from Group Policies Objects/Computer Configuration/Windows Components/Windows Update.md rename to Group Policies Objects/Windows Update.md
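Review bot: The rename of `Windows Time Service.md` at the top of the patch moves it from `Computer Configuration/System/` to `Computer Configuration/Parallels/`, while every other file in this change is flattened to the top of `Group Policies Objects/`. The content is unchanged (similarity index 100%), so nothing in the file says the setting is specific to Parallels guests. Either move it to the top level like the others, or add a line to the file stating why it belongs under Parallels.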
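Review bot: In the new `Group Policies Objects/Device Guard.md` (`@@ -0,0 +1,11 @@`), items 2 and 3 select "Enabled with UEFI lock" without saying what the lock implies. With the UEFI lock, the configuration is persisted in UEFI and cannot be turned off remotely by reverting the policy; clearing it needs a physically present user on each machine. That belongs next to the existing bare-metal / nested-virtualization warning, since the warning shows some readers run this in a VM. The numbered list also has no lead-in saying these are the options of "Turn On Virtualization Based Security", and the file ends without a trailing newline.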
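Review bot: The rename target `Group Policies Objects/Microsoft Degender Antivirus` misspells "Defender" and drops the `.md` extension that every other file in this change keeps, while the heading added in the `@@ -1,4 +1,9 @@` hunk spells it `# Microsoft Defender Antivirus`. Rename the file to `Microsoft Defender Antivirus.md`. The same hunk adds two blank lines before `## Network Protection`; one is enough.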
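Review bot: The `## Controlled Folder Access` section added in the `@@ -9,4 +14,10 @@` hunk sets `Configure Controlled folder access -> Enabled -> Block` with no caveat, unlike the Network Protection and Device Guard entries, which state when they apply. Block mode stops applications that are not trusted from writing to protected folders, so suggest a line recommending Audit Mode first, or a pointer to the `Configure allowed applications` policy in the same folder. The new section also uses a `- ` list item where the Network Protection settings above it are bare lines, the context line "This settings controls" should read "This setting controls", and the file still ends without a trailing newline.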