...
- Whitelisting Software Packages (page 48)
- Whitelisting Reference Systems (page 49)
- Restrict an Application's Process Rights (page 50)
- Automate Document Encryption (page 50)
- Prevent Malicious Applications from Running (page 51)
- Prevent Read/Write to File Types or Network Locations (page 52)
- Run an Application in an SVS Layer (page 53)
- Quarantine Files (page 53)
Prevent Malicious Applications from Running
This scenario shows you how to prevent the end user from running cmd.exe.
Scenario Description
In this scenario:
? The end user has run C:\windows\system32\cmd.exe at least once since the
Application Control Agent was installed.
? File Inventory Agent has returned file inventory to the Notification Server.
Scenario Resolution
To automatically encrypt Microsoft Excel spreadsheets, perform the following steps:
1. In the Altiris Console, select the Tasks tab.
2. In the left pane, select Tasks > Security Management > Application Control >
Windows > Application Control Tasks > Manage Applications.
3. In the right pane, enter "cmd" in the Win32 Executable field and click Refresh.
4. Select all rows of the grid and click the Blacklist button.
5. Run Collection Delta Update Schedule. For instructions, see Notification Server Help.
6. Enable the Deny Blacklist execution policy. See Manage Applications (page 28).
7. On a managed computer, start cmd.exe. The cmd.exe will not start and you receive a system tray message.
Altiris Application Control Solution Help 51
...