An organization has the following requirements for allowing application.exe:
For example, on one user's machine, the path is C:\Users\Lorie\Temp\Allowed\application.exe.
Which path meets this criteria using wildcards?
An administrator needs to make sure all files are scanned locally upon execution.
Which setting is necessary to complete this task?
An administrator wants to prevent malicious code that has not been seen before from retrieving credentials from the Local Security Authority Subsystem Service, without causing otherwise good applications from being blocked.
Which rule should be used?
An administrator has configured a terminate rule to prevent an application from running. The administrator wants to confirm that the new rule would have prevented a previous execution that had been observed.
Which feature should the administrator leverage for this purpose?
A security administrator needs to review the Live Response activities and commands that have been executed while performing a remediation process to the sensors.
Where can the administrator view this information in the console?
