This content has been marked as final. Show 2 replies
Default Policy applies to everything not included in High or Low risk policies. So simply removing all Processes from the High Risk policy and adding your exclusions to the Low Risk policy should achieve what you want. I wouldn't change the read/write settings on the high risk, as someone might forget that it was done, add a high risk exe to the policy, and wonder why it didn't do any good.