Use the Security Policy to Manage Service Protection

After changing protection settings using Cytool, you can restore the default security policy at any time using the cytool protect policy <feature> command.
  1. Open a command prompt as an administrator and navigate to the Traps folder (see Access Cytool).
  2. To use the rules in the security policy to manage service protection, use the following command:
    C:\Program Files\Palo Alto Networks\Traps>cytool protect policy <feature>
    where <feature> is either process, registry, file, or service.
    The following example displays output for managing the protection on Traps files using the local security policy. The Mode column displays the revised protection status as Policy.
    C:\Program Files\Palo Alto Networks\Traps> cytool protect policy <feature>
    Enter supervisor password:
    Protection Mode State
    Process Enabled Enabled
    Registry Enabled Enabled
    File Policy Disabled
    Service Enabled Enabled

Related Documentation