Reference Guide

Security Management Server Virtual v10.2.7 AdminHelp
Drag a column header, such as Status, to the area directly above the column headers to group the data by
Status. When you drag a column header, it turns green, indicating that the table can be grouped by that data.
You can drag additional headers over the table to group the data even further.
For each group, a number displays in parentheses to indicate the total number of threats that share that
group's attribute.
Commands:
Select the check box next to a file name to perform an action on the file. To select all files, select the
check box in the column heading row.
Export
Export saves the selected data to a .CSV file so that you can view the data in Excel or a similar
application that has powerful sorting and organizing features.
After selecting the data to export, click Export to save the data in a .CSV file.
Quarantine
Click Quarantine to add the file to the Quarantine list.
Quarantining a file will prevent the file from being executed on this device.
Note: Quarantining a file will move the file from its original location to the Quarantine directory
(C:\ProgramData\Cylance\Desktop\q).
Waive
Click Waive to allow the file to run on this device.
Note: Occasionally, a “good” file could be quarantined or reported. This could happen if the features of
that file strongly resemble those of malicious files. Waiving or globally safe listing the file can be useful
in these instances.
Exploit Attempts
This section lists the detection of attempts to exploit running processes, or malware that executes from
within memory space.
A number displays the total number of events, followed by the number in each subcategory.
Check box - Select all events by selecting the check box in the column heading row, or select individual
events. When you select a check box, Quarantine and Waive are activated.
Added - Date and time when the exploit attempt was added.
Process Name - Name of the process identified as an exploit attempt.
Process ID - Unique number associated with the exploit attempt.
Type - Type of memory exploit: Exploitation, Process Injection, Escalation.
Action - Action taken to protect the system from the exploit attempt:
  Ignore - The agent does not take any action against identified memory violations.
  Alert - The agent will record the violation and list the incident on this page.
  Block - If an application attempts to call a memory violation process, the agent will block the
  process call. The application that made the call is allowed to continue to run.
  Terminate - If an application attempts to call a memory violation process, the agent will block the
  process call and will also terminate the application that made the call.