App Control: How do Trusted Directories handle .zip files and their contents?
Article ID: 291574
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
How does the Trusted Directory handle approving .zip files and the files inside of them?
Environment
- App Control Server: All Versions
- Microsoft Windows: All Supported Versions
Resolution
In a Trusted Directory, archive files are analyzed by App Control to determine what files they will write when expanded. The files that will be written by the archive file are globally approved and added to the File Catalog, even if there are no instances of them yet.
They are not, however added to the Files on Computers inventory until the archive is expanded on some computer. The top-level archive file (e.g., myfiles.ZIP) is not added to the File Catalog.
They are not, however added to the Files on Computers inventory until the archive is expanded on some computer. The top-level archive file (e.g., myfiles.ZIP) is not added to the File Catalog.
Additional Information
Cb Protection recognizes the following Windows formats as archives: 7Zip, BZip2, CAB, GZip, ISCab, ISO, MSCompress, RAR, ZIP and TAR.
Feedback
Yes
No
Powered by
