logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

CB Protection: How are executions affected when prompt notifiers are idle?

CB Protection: How are executions affected when prompt notifiers are idle?

Environment

  • CB Protection Agent: All Supported Versions
  • Microsoft Windows: All Supported Versions

Question

When a prompt notifier is displayed (in Medium Enforcement) on an endpoint but not acted upon, how can the agent be expected to act?

Answer

  • While the prompt notifier is up, but not acted upon, the agent will:
    • Block banned files
    • Discover new unapproved files and report back to the CBP Server
    • Prompt for unapproved file executions
  • The agent will not:
    • Receive and act upon global or local approvals sent from the CBP Server
  • Essentially, the prompt notifier must be acted upon (allow or block) in order for the agent to be able to proceed with allowing or blocking the file execution.

Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎04-18-2019
Views:
231
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.