Pages

Thursday, March 9, 2017

Configuring AppLocker in Windows Server2012 R2 - Executable Rules – File hash Condition


Model Solutions


Prerequisite.

1.        Create OU AppLocker and move Clt01 to new OU.


2.        In the GPMC, double click Forests: msita.local, expend until you get Group Policy Objects then right click and then click New. In New GPO box, type AppLocker Software Control GPO, and then click OK.


3.        On the Group Policy Management window, right click AppLocker then click Link an Existing GPO. On the Select GPO window, select AppLocker Software Control GPO then click OK


Deploy (on DCSrv2012) AppLocker using Path condition.

1.        On the Group Policy Management window, right click AppLocker Software Control GPO, and then click Edit.


2.        Once the Group Policy Management Editor open, double click Computer Configuration, expand Policies, expand Windows Settings, expand Security Settings, expand Application Control Policies, and then expand AppLocker.


3.        Right click Executable Rules then click Create New Rule.


4.        On the Before You Begin window, click Next.


5.        On the Permissions, select Deny then click Next


6.        On the Conditions window, select File hash then click Next.


7.        On the File Hash window, click Browse Files…


8.        Select firefox.exe in C:\Program Files (x86)\Mozilla Firefox then click Open.


9.        On the File Hash window, click Next.


10.        On the Name and Description window, type Block Firefox then click Create.


11.        On the Windows 8 client, run Firefox and view result as shown in figure below.


      ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
                                            ► Download this video, lesson for FREE
                                            ► MP4 link: updating...
                                            ► PDF link: http://fas.li/7RKos
                                            ► Youtube:  updating...
                                        ► Alternate link: http://adf.ly/1n3zja
                                            ► Alternate link: http://viid.me/qWYFef
                                            ► Alternate link: http://linkshrink.net/7dczSD
                                            ► Alternate link: http://www.linkbucks.com/BC8Qi
      ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬

No comments:

Post a Comment