Adjusting Process Security allows a process to be protected from most tampering by users. For example, adjusting process security can restrict who can stop a process from the task manager. We recommend that you adjust process security in a test environment before you deploy it to the production environment.
To make a Process Security Descriptor Action available to include in an Application Control policy, you must create a security descriptor and a process security action.
Create a Security Descriptor
...
| Warning | ||
|---|---|---|
| ||
We strongly recommended that you always set System has Full Control in the security descriptor settings. |
...
For detailed instructions about how to create a security descriptor, go to Security Descriptors.
Create a Process Security Action
The Process Security Action is what applies the restrictions to the process when it is created.
...
| Info | ||
|---|---|---|
| ||
After creating of the new "Set Process Security Descriptor Action" rename the action and choose the newly created Security Descriptor and select Save. The new action appears in the list of actions available under Process Security. |
Create a new Application Control Policy
...