
[Feature] - Minor tweak of ASR rule defaults to match MS docs #190

@msellar-inst


Is your feature request related to a problem? Please describe.
No

Describe the solution you'd like
MS recommend 3 rules to start with block mode whilst you audit the other ones. Should the OIB do the same?

_Standard protection rules: Are the minimum set of rules which Microsoft recommends you always enable, while you're evaluating the effect and configuration needs of the other ASR rules. These rules typically have minimal-to-no noticeable effect on the end user._

From https://learn.microsoft.com/en-nz/defender-endpoint/attack-surface-reduction-rules-reference?wt.mc_id=MVP_310915#asr-rule-to-guid-matrix

Describe alternatives you've considered
N/A

Additional context
N/A
