Prevent Malicious Applications from Running
This scenario shows you how to prevent the end user from running cmd.exe.
Scenario
...
description
In this scenario:
- The end user has run C:\windows\system32\cmd.exe at least once since the
Application Control Agent was installed. - File Inventory Agent has returned file inventory to the Notification Server.
Scenario
...
resolution
To automatically encrypt Microsoft Excel spreadsheets, perform the following steps:
- In the
...
- Symantec Management Console,
...
- on the Home menu, click Arellia > Application Control
- In the left pane,
...
- select Policies > Application
...
- Control >Manage Applications
- In the right pane, enter "cmd" in the Win32 Executable field and click Refresh.
- Select all rows of the grid and click the Blacklist button.
- Run Collection Delta Update Schedule. For instructions, see Notification Server Help.
- Enable the Deny Blacklist execution policy. See Manage
...
- applications.
- On a managed computer, start cmd.exe. The cmd.exe will not start and you receive a system tray message.