...
Copy and rename cmd.exe: "C:\Virus\malicious application.exe".
Scenario Resolution
- On the managed computer, create the Microsoft Word document C:\document\important document.doc.
- In the
...
- Symantec Management Console,
...
- on the Home menu, click Arellia > Application Control
- In the left pane,
...
- select Policies > Application Control > Application Control
...
- Policies
- Right-click Application Control Policies and select New > Quarantine Application
- Click the Include link and in the Items Selector dialog
...
- ,
...
- select Dynamically Evaluated Filters > Win32 Executable File Filter and click OK.
- In the Win32 Executable File Filter dialog, enter the following in the appropriate fields:
- Name - Quarantine Malicious Applications
- File Name - Malicious application.exe
...
- Click OK and close the dialog.
- In the Items Selector dialog
...
- , select
...
- New Win32 Executable Filter, and click
...
- OK.
...
- Configure the policy
...
- as follows
...
- :
- Enable the policy using the On/Off toggle.
- Name - Quarantine Malicious Applications.
- Description - This is a sample policy for demonstrating the quarantine capabilities of Application Control Solution.
- Save changes to the policy.
- Run malicious application.exe on the managed computer.
- A message appears and the file is moved to C:\quarantined files.