In --usermode mode, we should implement this https://www.riskinsight-wavestone.com/en/2023/10/a-universal-edr-bypass-built-in-windows-10/ for both auditing the state of these flags for a target process (or all processes) and also for disabling it for the target process of the dump operation