For the Execution prevention rules to be applied on the device where the incident occurred, the active Kaspersky Endpoint Agent policy must be applied to this device. If the device on which the incident occurred is not managed by an active policy, the Execution prevention rule will not be created.
To select an action on a file from an incident card:
When Kaspersky Endpoint Agent 3.9 is used, the prevention rules do not apply to files located on CDs or in ISO images. Execution or opening of such files is not blocked by the application.
Page top