By default, on detection of an exploit, Kaspersky Endpoint Security blocks operations attempted by the exploit.
To choose an action to be taken when an exploit is detected:
If this item is selected, on detecting an exploit, Kaspersky Endpoint Security blocks the operations of this exploit and makes a log entry with information about this exploit.
If this item is selected, when Kaspersky Endpoint Security detects an exploit it logs an entry containing information about the exploit and adds information about this exploit to the list of active threats.