In CIS version 11, HIPs rule works differently from old version (version 7)?

I have been using CIS (version 7) for many years on Windows 7, and I understand clearly how to create HIPs rules for applications to meet my needs.
Recently I bought a new Windows 10 laptop, so I installed the latest CIS version
As always, I configure HIPs to work in safe mode, so I will be prompted when an un-trusted application tries to modify my system. However, I find the HIPs rule behavior is different from my past experience.
For example, if an application tries to access a Protected COM interface C:\windows\explorer.exe, I receive the prompt, I allow the access and ask CIS to remember my decision. If I check the new rule created, I can see an entry being added in Protected COM Interfaces section. Next time, if the same application tries to access a different Protected COM interface C:\windows\system32\svchost.exe, I will receive a new prompt and I can decide whether to allow it. This has been doing well and I’m notified whenever the application request to access something undefined.
However, in CIS version 11, the first time I allow the access, I no longer see an entry being created in Protected COM Interfaces section. Instead, the “Action” for Protected COM Interfaces become “Allow” rather than the default “Ask”. That means, the application is allowed to access any Protected COM Interfaces, apparently this is more than what I plan to grant.
How can I configure CIS to behave like the old version 7?

you can set rule in the hips settings all apps > ask for every component or process but ı tryed it doesnt work for me so only option hips in paranoid mode ı use in safe mode hips for unrecognized files hips sometime ask sometimes doesnt ask and no pop up but in paranoid it always give you alert

In hips settings all apps, the default action for every component is “ask”. In my case, CIS gives me the alert when untrusted application tries to modify the system, but it doesn’t create the hip rule correctly.

For example, when an application tries to access a Protected COM interface C:\windows\explorer.exe, and I allow the request. I expect CIS to reate the new hip rule like the following (CIS v7 behavior)

Access Name: Protected COM interfaces
Action: Ask
Exclusions: “C:\windows\explorer.exe” in “Allowed COM Interfaces” tab.

However, CIS v11 creates the hip rule like this:

Access Name: Protected COM interfaces
Action: Allow

The problem of such hips rule is, it allows the application to access any Protected COM interfaces instead of just “C:\windows\explorer.exe”.

Hope this clarifies the issue.

You need to enable set popup alerts to verbose mode under HIPS settings, which is I think only enabled by default under the proactive configuration.

Ah yes! The issue is resolved. Thank you so much!

BTW, strange enough, I double check my setting in v7, I didn’t enable this setting.

is verbose mode always give you alert ?

So far, it works fine, just like what I’m used to in v7.
Technically, it might not be easy for me to tell whether CIS have missed to show some alerts. Unless I’m a developer and intentionally add some code that should trigger the altert, how can I tell?