Environment
- CB Protection Agent: All Supported Versions
- Microsoft Windows: All Supported Versions
Question
When a prompt notifier is displayed (in Medium Enforcement) on an endpoint but not acted upon, how can the agent be expected to act?
Answer
- While the prompt notifier is up, but not acted upon, the agent will:
- Block banned files
- Discover new unapproved files and report back to the CBP Server
- Prompt for unapproved file executions
- The agent will not:
- Receive and act upon global or local approvals sent from the CBP Server
- Essentially, the prompt notifier must be acted upon (allow or block) in order for the agent to be able to proceed with allowing or blocking the file execution.