How do YOU use Defense+?

How do YOU use Defense+?

I have looked around and see many different guides on the best way to use Defense+.
The thing is many of them have different methods.
Some people use “clean PC mode” some “safe mode” and some “paranoid” with lots of personal tweaks.

What I am wondering is how do you personally use it?

(I have been trying to decide for myself how it will benefit me the most so a bit of a sneak question)

I use clean PC mode with parental control on. No pop-ups, but you have to keep turning parental control off when updating. As I use limited user account for everything except installation/updating it would be better if there was an option for parental control on CIS only for limited users.

I also set up a group of “dangerous applications”. These are applications that handle content from the web. Browsers, word processors, media players etc. For this group I ban writing to protected files in c:\windows and protected registry keys in HKLM. I also ban direct disk access and device driver installation. These are all things that normal programs should not do and does not appear to stop them working. This gives more control of applications considered safe by CIS but which might just not be so safe. Other things defence+ monitors for this group are left on ask.

My first line of defence is limited user account and software restriction policy. I have never had anything get past this but defence+ is there just in case, and for the odd occasions I must access the internet as administrator.

I think with out a doubt, 9 out of 10 people would agree Safe Mode is your best option.