@Shaheena_Sheikh
Keep "Enable For All Resource Paths" checked which is by default checked for security feature against XSS attacks.
If any specific one or two files for which you want to prevent/exclude adding header "Content-Disposition : attachment" then include that resource path(complete path of original rendition as mentioned below) in "Excluded Resource Paths", for these excluded resource paths "Content-Disposition : attachment" won't be set & which can be viewed in browser without download.
/content/dam/v-foundation.jpg/jcr:content/renditions/original

Hope this helps!