When it detects an attempt to modify files in shared folders, Kaspersky Endpoint Security logs an entry containing information about the detected attempt to modify files in shared folders.
To select the action to take on detection of external encryption of shared folders:
In the right part of the window, the settings of the Behavior Detection component are displayed.
If this option is selected, on detecting an attempt to modify files in shared folders, Kaspersky Endpoint Security blocks network activity originating from the computer attempting to modify files, creates backup copies of modified files, adds a record to local application interface reports and sends to Kaspersky Security Center information about detection of malicious activity. Also, if the Remediation Engine component is enabled, the modified files are restored from backup copies.
If you selected Block connection, you can specify the duration (in minutes) that the network connection will be blocked in the Block connection for field.
If this option is selected, on detecting an attempt to modify files in shared folders, Kaspersky Endpoint Security adds a record to local application interface reports, adds a record to list of active threats and sends to Kaspersky Security Center information about detection of malicious activity.