What does Kaspersky's default deny/zero trust mode do and how to set it properly?

[kK574outrider]

What does Kaspersky's default deny/zero trust mode do (in Intrusion Prevention settings)? In a few articles here it mentioned that if you set intrusion prevention to default deny (untrusted), it will basically block the execution of all applications that are not in the Kaspersky Security Network list of trusted applications. Is this true?

What I'm trying to achieve here is if someone in my family uses my computer and accidentally uses it to download and install, let's say, adware or a PUP (not necessarily malware but still untrustworthy), will Kaspersky outright block the installation because it's not in Kaspersky's list of trusted applications? I also made Kaspersky password protected so others can't modify any settings.

In short I'm trying to avoid the following scenario:

My little brother Timmy (I don't have anyone named Timmy) figured out my computer password and installed a cracked game during a day when I was not home, and I got to see a potentially harmful program installed on my computer the next day when I came home. Even if this crack were to be free of malware, I don't want this to happen.

Is this the right way to set Kaspersky Premium into default deny/zero trust mode?

Please see the image.

I'm grateful for any assistance.

 

 

[Berny]

@kK574outrider

7 minutes ago, kK574outrider said:

… adware or a PUP … if crack

In a lot of cases Kaspersky will flag and report the detection as not-a-virus

[harlan4096]

To implement Default Deny, go to Intrusion Prevention settings, also called in the past Application Control, and set it like this:

 

 

Still We could go even stronger, un ticking Trust digitally signed applications option, but this can cause that some legit apps will be blocked while installing/running, if not signed or not signed properly, but You could move them manually to Trusted group.

[AlexeyK]

35 минут назад, kK574outrider сказал:

Please see the image.

These settings are too aggressive. Untrusted is a group for malicious files with all restrictions: all actions are denied, including launching. Many safe files can be placed by the product in the Low Restricted group by default, where allowed almost all actions. Such setting will interfere more than help: can cause errors while installing, updating and launching some safe applications.

With the default produst settings, when PUP is detected, there will be a Windows Security and GUI notification, adware will be automatically removed.

It is better to try to prevent "Timmy" from figuring out your computer password. This is the best option. 🙂

[Flood and Flood's wife]

1 hour ago, kK574outrider said:

In short I'm trying to avoid the following scenario: My little brother 'Timmy' figured out my computer password  (I don't have anyone named Timmy)

 

Hello @kK574outrider,

1. Also, use Windows Hello Face ID & OR Fingerprint authentication to protect the computer.
2. Password-protect Kaspersky Premium, read: How to password-protect access to the application management functions                                                   

Thank you🙏
Flood🐳+🐋