Customer protect by PROCESS class for some process. But it can be killed by taskkill.
i.e: editres PROCESS c:\Windows\system32\notepad.exe owner(nobody) defacc(n) audit(f)
taskkill /pid [PID]
process/application can be terminated.
Release: ACP1M005900-14.0-Privileged Identity Manager
PROCESS class is protecting from specific API in reference guide:
> selang Reference Guide
> Classes in the AC Environment
But taskkill command does not use this API.
So, it cannot protected.
When you need to protect it, you register FILE or so to protect for execution program.