To test the default IPS policy, you must trigger an event on the client computer. Then check the Security log to see whether the client blocked the event.
To test a default IPS policy
- Rename an executable file (.exe) to a jpeg (.jpg).
- Upload the renamed .jpg file to a web server\site.
- On the client computer, open a web browser and try to open the renamed .jpg file.
Note: To open the renamed .jpg file, make sure that you type the IP address of the web server and site. For example, you would type:
http://<IP address>/<renamed executable file>.jpg
On the client, if the IPS policy works correctly, the following events occur:
- You should not be able to open the .jpg file.
- A message in the notification area icon states that the client blocked the .jpg file.
- You can open the Security log and look for a log entry that states that the client blocked the .jpg file.