Security Controls

Rule Collection Add File Hash

A file may be added along with a digital hash of the file. This ensures that only that particular file may be executed but from any location.

The Add a File Hash dialog is used to define a file hash rule item. This item will be added to the Rule Collection node.

1.Select a Rule Collection node for either Executable Control or Privilege Management Rule Collections.

2.Right-click and select File Hash.

The Add a File Hash dialog displays.

3.In the Properties tab, enter the file name or click the ellipsis (...) in the text box to browse to select the file.

In the Open dialog, navigate to the file hash that you want to add and click OK.

4.Enter optional command line arguments in the Arguments text box. Enter all arguments as they appear in Process Explorer.

Command line arguments extend the matching criteria beyond what is entered in the File field. If an argument is added, both file and argument must be satisfied for a match to occur. Any argument that appears on the command line for a process, such as flags, switches, files, and Guids, can be added.

5.If required, enter an optional description of the file hash for your future reference.

6.The file hash value is displayed, select Rescan to update the file hash.

7.Click Add to add the file hash to the Rule Collection.


Was this article useful?