Critical System Protection


Deny Application execution using SCSP policy 

Mar 26, 2012 02:19 PM

This article shows how to block an application using an SCSP policy. In this example regedt32.exe was used. You can block any other application the same way by following the screen captures.

 

 

1) Log in to the SCSP console. Click on the 'Policy' tab and select the 'Prevention View' tab.

2) Copy the 'sym_win_application_control_template' policy by right-clicking on the existing policy and selecting 'Copy'.

 

3) Once the copy of the policy is created, double-click on it to open it and click on 'Settings'. Under 'Application Control Template Policy' select 'Global policy Options' ---> Resource list ---> No Access resource List ---> 'Block and Log All access to these files as trivial'.

 

4) Enable the block of the application by ticking the check mark, then click on 'Add' to list the application that needs to be blocked.

5) In this example I selected regedt32.exe. I entered the path of the file and clicked on OK.

 

 

 

6) Click on Apply as highlighted

 

7) Click on Submit. The window closes; then click on OK.

8) The policy is ready. It now needs to be applied to a machine. Right-click on the policy and select 'Apply Policy'.

 

9) The policy will be applied to the machine win2k3, which is under Application Group.

10) Once the machine is selected, the window below will be seen. I have selected to take the new option settings.

11) Click on Finish. While the policy is being applied, check the highlighted icon (red flag).

12) Once the policy is applied, the red flag will be gone (not seen). Check the screen capture.

 

13) This shows that the policy is applied and no error is seen. Now browse to the application directory and try to execute the application; the error below will be seen.
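One way to confirm step 13 from the agent itself rather than through Explorer, as an added example that is not part of the original article: the script tries both to read and to launch the file on the No Access resource list and reports whether each attempt is refused. The default path and the assumption that a block surfaces as a Windows access-denied error (UnauthorizedAccessException on read, Win32 error 5 on launch) are assumptions; the article does not state the exact error.

```powershell
# Added example (not from the original article). Run on the agent after the policy is applied.
# Assumption: $Path is the file entered in the No Access resource list in step 5.
param([string]$Path = "$env:SystemRoot\System32\regedt32.exe")

# Walk to the innermost exception, since PowerShell wraps .NET method errors.
function Get-RootException($ErrorRecord) {
    $ex = $ErrorRecord.Exception
    while ($ex.InnerException) { $ex = $ex.InnerException }
    return $ex
}

# True when opening the file for reading is refused.
function Test-ReadDenied([string]$File) {
    try {
        $fs = [System.IO.File]::Open($File, 'Open', 'Read', 'ReadWrite')
        $fs.Close()
        return $false   # the file opened, so read access is not blocked
    } catch {
        $ex = Get-RootException $_
        if ($ex -is [System.UnauthorizedAccessException]) { return $true }
        Write-Warning "Read test inconclusive: $($ex.Message)"
        return $false
    }
}

# True when process creation is refused with ERROR_ACCESS_DENIED (5).
function Test-ExecuteDenied([string]$File) {
    $psi = New-Object System.Diagnostics.ProcessStartInfo
    $psi.FileName = $File
    $psi.UseShellExecute = $false   # CreateProcess path, so NativeErrorCode is meaningful
    try {
        $proc = [System.Diagnostics.Process]::Start($psi)
        if (-not $proc.HasExited) { $proc.Kill() }   # it launched: the block is not in effect
        return $false
    } catch {
        $ex = Get-RootException $_
        if ($ex -is [System.ComponentModel.Win32Exception] -and $ex.NativeErrorCode -eq 5) { return $true }
        Write-Warning "Execute test inconclusive: $($ex.Message)"
        return $false
    }
}

$readDenied = Test-ReadDenied $Path
$execDenied = Test-ExecuteDenied $Path
"{0}: read denied = {1}, execute denied = {2}" -f $Path, $readDenied, $execDenied
if ($readDenied -and $execDenied) { exit 0 } else { exit 1 }
```

A non-zero exit code means at least one kind of access still succeeded or was inconclusive, so check that the policy has finished applying (step 12) before retesting.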


Comments

Jul 24, 2012 12:51 AM

SEP 11 has ADC policy to allow/block application to execute, however the steps will be different there.

Jul 24, 2012 12:05 AM

Good. Does this apply to Symantec Endpoint Protection 11.x?

Thanks

Apr 11, 2012 05:19 PM

Nice one!
