Question on Access Rights & Exclusion Rules

Hey there – Can you please explain how Access Rights & Protection Settings are determined in the Custom Policies? All of my ‘Protection Settings’ are marked 'Inactive." I don’t recall defining these and this seems a bit weird, no? Further, how are the ‘Modifications’ under the Exclusion Section of Custom Policies determined (can these be changed by programs under automatic rule creation)? I thought these Exclusions were user defined, and I’m showing a lot of exclusions which would mean rk activity is at hand? Pls let me know! Thanks.

In general, access rights are defined by the user for custom policies. When you create a Computer Security Policy for an arbitrary app via the ‘add’, ‘select’ dialog, the default policy is ‘custom’. The default access right for all access names associated with any arbitrary process access rights Computer Security Policy will be ‘ask’ I believe that if ‘create rules for safe apps’ is ticked, then the access right will be ‘allow all’ for all associated access names.

Protection settings are disabled by default. These settings define what access name is allowed to act on the process by another process. The processes that may affect whatever process for which Computer Security Rule is established is listed in the protected exclude listing (if the particular access name is ticked ‘active’).

The exclusion list for access rights establishes, by access name, what processes HIPS should not ask permission for (allow) if ask is ticked, will not block (if block is ticked), or will not allow (if allow is ticked).

Maintenance of access name exclusion lists is maintained on an on-going basis for those access rights defined as ‘ask’. As applications attempt to access various resources - categorized by access name - the user is prompted by access attempt, if ‘allow’, ‘remember this’ is ticked, then the resource the app is accessing will be added to the excluision list automatically. For ‘block’ and ‘allow’ the exclusion lists must be maintained manually; any resource not listed in the exclusion listing is automatically allowed if the access name access right is ‘block’, and vice versa if ‘allow’.