Assume a Child Process Protection rule exists for powershell.exe in Traps v 4.0. Among the items on the blacklist is ipconfig.exe. How can an administrator permit powershell.exe to execute ipconfig.exe without altering the rest of the blacklist?
I agree with that logic. The question specifically says we can't alter the rest of the blacklist, so that rules out option D. And uninstalling and reinstalling the agent seems like overkill just to run ipconfig.exe.
Hmm, this is an interesting one. I think the answer has to be C - creating a second Child Process Protection rule to whitelist ipconfig.exe. That way, we can maintain the existing blacklist without having to modify it directly.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Joanna
8 months agoSherill
8 months agoKeneth
8 months agoAaron
8 months agoMammie
8 months agoAnastacia
8 months agoAlana
8 months agoAlecia
8 months agoRebecka
8 months ago