Reference Guide
Security Management Server v10.2.10 AdminHelp
197
trying to read valid magnetic stripe track data from
another process. Typically related to point
-of-sale
systems (
POS).
The Scanner Me
mory Search exploitation affects Windows
operating systems. This policy does not apply to Mac
cli
ents.
Exploitation:
Malicious
Payload
Alert
Ignore
Alert
Block
Terminate
Specify the action to take when a malicious payload is
detected.
Ignore
- No action is taken against identified memory
violations.
Alert
- Record the violation and report the incident to
the Del
l Server.
Block
- Block the process call if an application attempts
to call a memory violation process. The application that
made the call is allow
ed to continue to run.
Terminate
- Block the process call if an application
attempts to call a memory violati
on process and terminate
the application that made t
he call.
M
alicious Payload - A generic shellcode and payload
detection associated with exploita
tion has been detected.
The Malicious Payload exploitation affects Windows
operating systems. This policy doe
s not apply to Mac
clients.
Process
Injection:
Remote
Allocation of
Memory
Alert
Ignore
Alert
Block
Terminate
Specify the action to take when a remote memory allocation
threat is detected.
Ignore
- No action is taken against identified memory
violations.
Alert
- Record the violation and report the incident to
the De
ll Server.
Block
- Block the process call if an application attempts
to call a memory
violation process. The application that
made the call is allowed to continue to run.
Terminate
- Block the process call if an application
attempts to call a mem
ory violation process and terminate
the application that made the
call.
Remote Allocation of Me
mory - A process has allocated
memory in another process. Most allocations will only
occur within the same process. This generally indicates an
attempt to inject
code or d
ata into another process, which
may be a first step in reinforcing a malicious presence on
a sy
stem.
The Remote Allocation of Memory process injection affects
Windows and macOS operating systems.