What is the purpose of the Monitored policy?

• Carbon Black Cloud Console: All Supported Versions

• As the name implies, the policy monitors all application activity on an endpoint and logs these events to the Dashboard, which allows administrators evaluate all application activity prior to any policy rule implementation.
• In terms of enforcement, the policy has very limited preventive capability, sensors assigned to this policy will allow most activity, except for malware, Potentially Unwanted Programs (PUPs) and living-off-the-land software used by adversaries to disable the sensor, as part of its tamper protection functionality.

• The Monitored policy is provided to customers that had Carbon Black Cloud deployed after July 2017
• The Monitored policy can have custom rules added to it in order to block applications but doesn't by default
• Local scan is disabled by default within the Monitored policy