McAfee TEECDE-AA-AA Evaluator Guide - Page 37
Resetting the On-Access Scan policy, Verifying the On-Demand Scan task, When an Unwanted Program
View all McAfee TEECDE-AA-AA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 37 highlights
Deploy the McAfee Agent 3 Highlight Test Group. 4 To the right of Unwanted Programs Policy, click Edit Assignment. 5 Select Break inheritance and assign the policy and settings below. 6 Click New Policy. 7 Type a name for the policy, such as PUP exclusions for IT staff, and click OK. The Policy editor opens. 8 In the Unwanted Program Exclusions area, type PortScan-SuperScan and click the plus symbol (+) on the right. 9 Type RemAdm-TightVNC, click + again, and type Reg-TightVNC. TightVNC also requires a "Reg" exclusion for the Windows Registry entries for this application. This instructs the scanner not to clean the associated Registry entries for this program. SuperScan does not require a Reg exclusion as it is just a standalone executable. 10 Click Save. It is safer to exclude only the tools you use, rather than deselecting an entire category. For example, considering remote administration tools, you might need to exclude a few tools for normal operations, but you might also want to know if the McAfee AntiSpyware module finds any non-approved, rogue tools of this nature on your network. After completing the PUP audit, it is important that you change the VirusScan setting back to Clean, and create a policy with exclusions. If you don't revert the policy to clean PUPs, you won't remove spyware. Resetting the On-Access Scan policy Previously, you created a new policy that instructed the on-access scanner to detect PUPs but not clean them. Use this task to reapply the default scanner policy, which enables cleaning. 1 Click Menu | Systems | System Tree, then click Assigned Policies on the menu bar. 2 From the Product drop-down menu, select VirusScan Enterprise 8.7.0. 3 Highlight Test Group. 4 To the right of On-Access Default Processes Policies, click Edit Assignment. 5 For Inherit from, select Break inheritance and assign the policy and settings below. 6 From the Assigned Policy drop-down menu, select My Default. 7 Click Save. Verifying the On-Demand Scan task In a previous exercise, you scheduled a recurring scan for the client system. As part of that configuration we instructed the scanner to temporarily only detect PUPs, and not to clean them. Use this task to reset the option that enables cleaning during a scheduled scan. 1 Click Menu | Systems | System Tree, then click Client Tasks on the menu bar. 2 Highlight Test Group. 3 Locate the scan task you created, then under the Action column click Edit Settings. 4 On the first page of the task wizard, click Next. 5 On the Configuration page, click Actions, then in the When an Unwanted Program is Found drop-down menu, select Clean Files. 6 Click Save. McAfee Total Protection for Endpoint Lab Evaluation Guide 37