Exclusions And Intrusions, Tables

grayghost2
grayghost2
edited July 2015 in Vulnerability

From my brief experience (about 4 hours so far) with BIS-2015 ...


What is the difference between Excluded Files and folders and Excluded Processes


- so far when I increased "Intrusion Detection" from the default "Permissive" to 'Medium" ... BIS intervention (and my "allow" choices) the Antivirus –> "Excluded files and Folders" table was populated by those EXE files I had allowed.


I would like to understand when should perceived threat (a file) be listed on both Excluded Files and folders and Excluded Processes


- even in my experience with 2013 I never understood what to do


- it was always a case of hit and hit !


I would appreciate some clarification, because I think I would like to increase Intrusion Detection to "Medium" ... or not ?


Thank you :)

Comments

All Time Leaders

Categories

Defenders of the month