Selecting the action to take on detection of external encryption of shared folders
To select the action to take on detection of external encryption of shared folders:
- In the main application window, click the
button. - In the application settings window, select Advanced Threat Protection → Behavior Detection.
Behavior Detection settings
- Select the relevant action in the Protection of shared folders against external encryption block:
- Block connection for N min. (from 1 to 43800). If this option is selected and Kaspersky Endpoint Security detects an attempt to modify files in shared folders, it takes the following actions:
- Blocks access to file modification for the session that initiated the malicious activity (the file will be read-only).
- Creates backup copies of files that are being modified.
- Adds an entry to local application interface reports.
- Sends information about the detected malicious activity to Kaspersky Security Center.
Also, if the Remediation Engine component is enabled, the modified files are restored from backup copies.
- Notify. If this option is selected and Kaspersky Endpoint Security detects an attempt to modify files in shared folders, it takes the following actions:
- Adds an entry to local application interface reports.
- Adds an entry to the list of active threats.
- Sends information about the detected malicious activity to Kaspersky Security Center.
- Block connection for N min. (from 1 to 43800). If this option is selected and Kaspersky Endpoint Security detects an attempt to modify files in shared folders, it takes the following actions:
- Save your changes.