CCE-33860-8Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-04 |
Process Exclusions for outbound traffic
This policy setting defines processes from which outbound network traffic will not be inspected. Process names should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a process path and name. As an example, a process might be defined as: 'C:\Windows\System32\App.exe' . The value is not used and it is recommended that this be set to 0.
If you enable this setting, inspection of outbound network for the specified processes will not be performed.
If you disable or do not configure this setting, inspection of outbound traffic will be performed for all processes.
Parameter:
[]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Network Inspection System Exclusions!Process Exclusions for outbound traffic
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\NIS\Consumers\IPS\Exclusions\Processes!Nis_Consumers_IPS_Exclusions_Processes_executable_Path_and_Name
CCSS Severity: | CCSS Metrics: |
CCSS Score : 4.6 | Attack Vector: LOCAL |
Exploit Score: 0.3 | Attack Complexity: HIGH |
Impact Score: 4.2 | Privileges Required: HIGH |
Severity: MEDIUM | User Interaction: REQUIRED |
Vector: AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:L | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: NONE |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:29098 |