Managing the set of Execution prevention rules
November 17, 2023
ID 200421
To configure the list of Execution prevention rules:
- Do one of the following:
- Select the Execution Prevention section.
- You can do the following actions in the Prevention rules group of settings:
- Add a prevention rule to the list.
- Change a prevention rule's settings.
- Remove a prevention rule from the list.
- In the Prevention rules group of settings, select the Do not perform actions on critical system files check box if you want to exclude critical system files from the scope of prevention rules.
- If you configure the policy settings, in the upper right corner of the group of settings, change the switch from Undefined to Enforce.
- Click OK.
- In the policy properties window, click Save.
When Kaspersky Endpoint Agent 3.9 is used, the prevention rules do not apply to files located on CDs or in ISO images. Execution or opening of such files is not blocked by the application.
When using Kaspersky Endpoint Agent 3.10 or later to create a prevention rule based on the path to a file located on a CD or in an ISO image, specify the path in the following format: \?\GLOBALROOT\Device\<device name>\<file path>, where <device name> is the name of the CD-ROM drive or mounted ISO image in your system. For example, the path might look like this: \?\GLOBALROOT\Device\CdRom1\some_file.exe.
When specifying objects by the file path criterion, you can use file masks (using the ? and * characters).
