Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Enterprise

201

202

203

204

205

206

207

208

209

210

Security Management Server v10.2.11 AdminHelp

trying to read valid magnetic stripe track data from

another process. Typically related to point

-of-sale

systems (POS).

The Scanner Memory Search exploitation affects Windows

operating systems. This policy does not apply to Mac

clients.

Exploitation:

Malicious

Payload

Alert

Ignore

Alert

Block

Termi

nate

Specify the action to take when a malicious payload is

detected.

Ignore

- No action is taken against identified memory

violations.

Alert

- Record the violation and report the incident to

the Dell Server.

Block

- Block the process call if an application attempts

to call a memory violation process. The application that

made the call is allowed to continue to run.

Terminate

- Block the process call if an application

attempts to call a memory violation process and terminate

the application that made the ca

ll.

Malicious Payload

- A generic shellcode and payload

detection associated with exploitation has been detected.

The Malicious Payload exploitation affects Windows

operating systems. This policy does not apply to Mac

clients.

Process

Injection:

Remote

Allocation of

Memory

Alert

Ignore

Alert

Block

Terminate

Specify the action to take when a remote memory allocation

threat is detected.

Ignore

- No action is taken against identified memory

violations.

Alert

- Record the violation and report the incident to

he Dell Server.

Block

- Block the process call if an application attempts

to call a memory violation process. The application that

made the call is allowed to continue to run.

Terminate

- Block the process call if an application

attempts to call a memory v

iolation process and terminate

the application that made the call.

Remote Allocation of Memory

- A process has allocated

memory in another process. Most allocations will only

occur within the same process. This generally indicates an

attempt to inject code

or data into another process, which

may be a first step in reinforcing a malicious presence on

a system.

The Remote Allocation of Memory process injection affects

Windows and macOS operating systems.

197