To view the TAA (IOA) rule that was added to exclusions:
In the program web interface window, select the Program settings section, White lists subsection and go to the TAA exceptions tab.
The table of excluded TAA (IOA) rules is displayed.
Select the rule that you want to view.
This opens a window containing information about the rule.
The window contains the following information:
TAA (IOA) rule. Click this link to open a window containing a description of the MITRE technique corresponding to this rule, recommendations on responding to the event, and data on the likelihood of false alarms.
ID is the ID that the program assigns to each rule.
Name is the name of the rule that you specified when you added the rule.
Importance is an estimate of the probable impact of the event on the security of computers or the corporate LAN as assessed by Kaspersky experts.
Confidence is the level of confidence depending on the probability of false positives as estimated by Kaspersky experts.