Thank you for the response. Please allow me to expand on the question a bit--if I export the VirusScan Enterprise policy of the root directory, I do appear to get a list of default policies; however, is there an easy way (other than stepping through one-by-one) to query, grab, export, and/or otherwise generate a list of clients, and their respective exceptions, which do not inherit the default policy and, instead, have custom on-access scan exceptions of their own? Or am I still missing something? Thanks again!