Restrictions

On the Restrictions tab, you can select the categories of entities to be restricted.

•HOSTS file—neutralize HOSTS file entries redirecting to unsafe addresses.

•System tools—restore the default value of group policies launching cmd.exe and regedit.exe.

•System certificates—neutralize the entries of group software restriction policies using certificate rules.

•Fileless scripts—block launching of fileless scripts.

•Executing LoLBins—block execution of LoLBins.

•Loading vulnerable drivers—block applications loading vulnerable drivers to access the kernel.

•Blocking child processes—block launching child processes by some applications (chm, wordpad, etc.).

•Blocking child processes with elevated privileges—block loading external modules in system applications with automatic elevation of privileges.

•Blocking compromised user accounts—block user account on behalf of which malicious actions were performed during the remote desktop session.