Environment
- CB Defense PSC Console: All Versions
- CB Defense Sensor: All Versions
- Microsoft Windows: All Supported Versions
Question
Does The Initial "Background Scan" Scan Network Drives?
Answer
- At this time background scans do not scan network drives.
- The background scan searches through fixed file systems, performing a top-down search for files of interest, and tries to establish reputation for them. Files and directories that are given full bypass are skipped.
Additional Notes
To expand on the algorithm: the sensor builds a list of drives by iterating through A: though Z:. It calls GetDriveTypeW() on each, checking if the return value is DRIVE_FIXED. If not, the drive is not processed. There is no facility to look for UNC paths at this time.