Adding a process to the protection scope

The Exploit Prevention component protects several processes by default. You can exclude the processes from the protection scope by clearing the corresponding check boxes in the list.

To add a process to the list of protected processes:

1. Open the Exploit Prevention window.
2. On the Protected processes tab, click the Browse button.

   A Microsoft Windows Explorer window opens.

3. Select the process you want to add to the list.
4. Click the Open button.

   The process name is displayed in the line.

5. Click the Add button.

   The process will be added to the list of protected processes.

6. Select the added process.
7. Click Set exploit prevention techniques.

   The Exploit prevention techniques window opens.

8. Select one of the options for applying impact reduction techniques:
   • Apply all available exploit prevention techniques.

     If this option is selected, the list cannot be edited. By default, all available techniques are applied to a process.

   • Apply selected exploit prevention techniques.

     If this option is selected, you can edit the list of impact reduction techniques applied:

     1. Select the check boxes next to the techniques that you want to apply to protect the selected process.
     2. Select or clear the Apply Attack Surface Reduction technique check box.
9. Configure settings for the Attack Surface Reduction technique:
   • Enter the names of the modules whose launch will be blocked from the protected process in the Deny modules field.
   • In the Do not deny modules if launched in the Internet Zone field, select the check boxes next to the options for which you want to allow modules to be launched:
     • Internet
     • Local intranet
     • Trusted URL
     • Restricted URL
     • Computer

     These settings only apply to Internet Explorer®.

10. Click OK.

The process is added to the task protection scope.