the function of the control of reading files

I hope the Defense+ of Comodo has the function:

When a process wants to read (NOT modify) some files, the Defense+ can pop up a window to notify me and let me decide whether to allow the action.

Does the Defense+ have the function? 88)

If I understand you correctly, I believe that the settings you are looking for can be found under Defense+> Advanced > Predefined Security Policies. You can create your own policy and assign applications to it.

You also could add the files that you are wanting to monitor to Defense+ > Common Tasks > My protected Files.

Hope this helps

CHeers

Do you mean CIS should alert you for when a program tries to access another program in memory?Or do you mean you want files on a hard drive, for example. to be protected? CIS can do both.

Thank you for your reply.

My meaning is about “reading files”, namely “get the content of files”

For example, when I use the application program of Microsoft Word to open the file of “abc.doc”, then the process of “WINWORD.EXE” will “read” the file of “abc.doc” and get the content of “abc.doc”.

At this time, I hope the Defense+ can pop up a window to notify me and let me decide whether to allow
“WINWORD.EXE” to access “abc.doc”

Defense+> Advanced > Predefined Security Policies, the function is the control over application programs, not files.

Defense+ > Common Tasks > My protected Files, the function is just to forbid any application programs accessing destination files, not to pop up windows to notify me and let me decide.

So, I still have not found the appropriate function.

Thank you for your reply.

“Files to be protected”, the function is only for “modification to files”. If I use an application program to open a file and don’t do any modification, Defense+ won’t notify me.

You can achieve this goal using PCTools ThreatFile, which runs happily in alongside CIS.

Under Advanced Tools->Advanced Rule Settings->Custom Rule Settings it is possible to add rules that limit read, write, create, and execute to particular files or directories for all files except explicitly listed ones
e.g. rule settings:
When any process
tries to write or delete or create or execute a file
in C:\Users\xxxx\my keys[\u]

The only problem is that when you are prompted when a non-approved program attempts to access the file, you only have the choice to ‘allow’ or ‘terminate the application’