Assume a Child Process Protection rule exists for powershell.exe in Traps v 4.0. Among the items on the blacklist is ipconfig.exe. How can an administrator permit powershell.exe to execute ipconfig.exe without altering the rest of the blacklist?
I agree with that logic. The question specifically says we can't alter the rest of the blacklist, so that rules out option D. And uninstalling and reinstalling the agent seems like overkill just to run ipconfig.exe.
Hmm, this is an interesting one. I think the answer has to be C - creating a second Child Process Protection rule to whitelist ipconfig.exe. That way, we can maintain the existing blacklist without having to modify it directly.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Joanna
24 days agoSherill
25 days agoKeneth
8 days agoAaron
9 days agoMammie
10 days agoAnastacia
11 days agoAlana
12 days agoAlecia
26 days agoRebecka
27 days ago