Endpoint Standard: What do the Different Options Mean for On-Access File Scan Mode?

Endpoint Standard: What do the Different Options Mean for On-Access File Scan Mode?

search cancel

Endpoint Standard: What do the Different Options Mean for On-Access File Scan Mode?

book

Article ID: 287362

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

What do the different options for On-Access File Scan Mode mean?

Environment

Endpoint Standard Console: All Versions
Endpoint Standard Sensor: All Versions

Resolution

The three options for On-Access File Scan Mode are:

Disabled - No scanning of files occurs
Normal - Scans new files (exes, dlls, scripts) on the first execute of that file (determined by hash).
Aggressive - Scans all files on execute. The assigned reputation and policy rules apply.

Feedback

thumb_up Yes

thumb_down No