2 Replies Latest reply on Nov 1, 2017 9:55 AM by Lee.Bowman

    Application Control - Restrict Built-in Administrator until Elevated

    Lee.Bowman Rookie



      Learning and trialing Application Control, starting with a clean/new configuration and using the Rules Analyzer to understand what additional rules are needed.


      However what I have seen is that a user, who has local admin rights, is exempt from the Rules (Unrestricted is selected). Is there any way that the rules can be setup so that the Built-in administrator rules apply only when Elevated? So therefore the user, who is also an administrator receives all the other rules and could potentially avoid executing some malware because the block warning would appear unless of course they elevated