Selecting the action to take on detection of external encryption of shared folders
Selecting the action to take on detection of external encryption of shared folders
To select the action to take on detection of external encryption of shared folders:
- In the main application window, click the
button. - In the application settings window, select Advanced Threat Protection → Behavior Detection.
- Select the relevant action in the Protection of shared folders against external encryption block:
- Block connection for N min. (from 1 to 43800). If this option is selected and Kaspersky Endpoint Security detects an attempt to modify files in shared folders, it takes the following actions:
- Blocks access to file modification for the session that initiated the malicious activity (the file will be read-only).
- Creates backup copies of files that are being modified.
- Adds an entry to local application interface reports.
- Sends information about the detected malicious activity to Kaspersky Security Center.
Also, if the Remediation Engine component is enabled, the modified files are restored from backup copies.
- Notify. If this option is selected and Kaspersky Endpoint Security detects an attempt to modify files in shared folders, it takes the following actions:
- Adds an entry to local application interface reports.
- Adds an entry to the list of active threats.
- Sends information about the detected malicious activity to Kaspersky Security Center.
- Block connection for N min. (from 1 to 43800). If this option is selected and Kaspersky Endpoint Security detects an attempt to modify files in shared folders, it takes the following actions:
- Save your changes.
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.
