CIS 10, CCAV 1.8 and Test.bat

I created a batch file (Test.bat) which simply creates a folder (test) on the desktop. With CCAV, this would have prompted me for an action. However, if I run this test under CIS, a test folder is created on the desktop (no warning, no prompt). Is this correct behaviour? Ok, this file is harmless (and maybe CIS see’s it for what it is) but what if it had been malicious and wasn’t in CIS’s database? (offline/online). Maybe *.bat files aren’t considered dangerous compared to their *.exe brothers.

At the moment, I’m torn between using CIS and CCAV. I like the additional features of CIS yet like the simplicity of CCAV. If CIS and CCAV rely on default deny, if I were to go with CIS, do I require the firewall module or does Windows firewall offer enough protection due to default deny?

Winows firewall can be set to block outgoing connections too, like that it becomes a default deny two way firewall.
you can also install a sw like tinywall to have a better control over rule making

Sorry, I didn’t explain myself clearly (the end part). What I meant by “default deny” was that I wouldn’t need to worry about anything “bad” sending data out as anything “unrecognised” wouldn’t be able to run (do it’s damage) in the first place.

That said, CIS did not prompt me when I ran the test batch file whereas CCAV did. Shouldn’t CIS have prompted me to allow/block this file?