wow how complicate you wanna it to be... i dont undertand many things
eq this override rules there are overrides action in more than 3 places, wtf? what override rule will be used?
i hope almos none of these "charette" dont get to be applied in the future
cis actually have many functions in a simple way to use and configure
what are you asking is for get it complicated without the need of it
It's obviously not worked out quite right but, dude, calm down. You want none of it? You don't want to be able to search, filter, or sort your rules? You want to have to backtrack through several windows to edit file groups? You want to have to delete your exclusions to set CIS to block all access (assuming you're not juggling predefined policies)? You don't want to be able to apply your changes without closing the window? Get a grip.
Advanced settings are complicated. Have you ever opened the access rights window? It's nearly exactly what I'm showing. Override actions are set separately for Access Rights and Protection Settings. Asking which of those will be used, as if they can't both be used, suggests you're not familiar with what Access Rights and Protection Settings are. Actually, I'm under the impression you've never actually looked at these windows in CIS. They're just as complicated as what I'm showing, save for the override action. So, if your one gripe is the override action, then how about, rather than wigging out, you suggest something constructive, or explain why the override is excessive?
And while there's value to a cold-reading, you can avail yourself of the rest of the thread, so that you can engage in at least a slightly informed fashion. Cause I get the feeling some of your questions were actually answered in this very thread, before you posted. For instance...
"Granular control is hidden. It's hidden in tabs, rather in separate windows. Which I think if far more preferable.
The Basic Switches tab is the tab that shows by default, and the tab that will probably be as far as a novice user gets. I need to work on it some, but the principle is there.
Intermediate granularity is available via the additional tabs, using those drop downs to quickly allow/block/ask specific types of accesses.
Advanced granularity is available via expanding the list to view and manage explicit rule-sets."