When it detects an attempt to modify files in shared folders, Kaspersky Endpoint Security logs an entry containing information about the detected attempt to modify files in shared folders.
To select the action to take on detection of external encryption of shared folders:
In the right part of the window, the settings of the Behavior Detection component are displayed.
If this item is selected, on detecting an attempt to modify files in shared folders, Kaspersky Endpoint Security blocks network activity originating from the computer attempting to modify files, creates backup copies of modified files, and logs an entry containing information about this attempt to modify files in shared folders. Also, if the Remediation Engine component is enabled, Kaspersky Endpoint Security restores modified files from backup copies.
If you selected Block connection, you can specify the duration (in minutes) that the network connection will be blocked in the Block connection for field.
If this item is selected, on detecting an attempt to modify files in shared folders, Kaspersky Endpoint Security adds information about this attempt to modify files in shared folders to the list of active threats.