Prevent malicious applications from running

This scenario shows you how to prevent the end user from running cmd.exe.

Scenario description

In this scenario:

• The end user has run C:\windows\system32\cmd.exe at least once since the
  Application Control Agent was installed.
• File Inventory Agent has returned file inventory to the Notification Server.

Scenario resolution

To automatically encrypt Microsoft Excel spreadsheets, perform the following steps:

• In the Symantec Management Console, on the Home menu, click Arellia > Application Control
• In the left pane, select Policies > Application Control >Manage Applications

• In the right pane, enter "cmd" in the Win32 Executable field and click Refresh.
• Select all rows of the grid and click the Blacklist button.
• Run Collection Delta Update Schedule. For instructions, see Notification Server Help.
• Enable the Deny Blacklist execution policy. See Manage applications.
• On a managed computer, start cmd.exe. The cmd.exe will not start and you receive a system tray message.