All Products: What are PSScriptPolicyTest Powershell Files?
search cancel

All Products: What are PSScriptPolicyTest Powershell Files?


Article ID: 285634


Updated On:


Carbon Black App Control (formerly Cb Protection) Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter) Carbon Black EDR (formerly Cb Response)


What are PSScriptPolicyTest powershell files used for within Windows?


  • Microsoft Windows: All Versions
  • Microsoft Powershell: All Supported Versions


These files are randomly generated by Microsoft and execution is attempted to determine which Language Mode PowerShell will run in when using AppLocker.
  • Allowing┬áthem to execute enables Full Language Mode in PowerShell.
  • Blocking┬áthem from execution enables Constrained Language Mode in PowerShell.

Additional Information

  • Constrained Language Mode helps to reduce the attack surface of PowerShell.
  • Full Language Mode grants access to any language element and therefore to any Windows API.
  • If using App Control, it is highly recommended to create this Custom Rule to block their execution without a Notifier, and this ABExclusion to prevent the information from being returned to the Server.