Quick sanity check required - We are currently migrating away from another AV vendor, and this AV vendor had the concept of trusted processes, ie these processes could do what they liked. To keep the config as like-for-like as possible, we want to configure these processes as low-risk processes, and configure the exclusions so nothing is scanned, if accessed by these low-risk processes.
From KB50998, I would gather if I configure the exclusion as:
would this achieve what I am looking for? Alternatively I can disable the 'scan files when reading' and 'scan files when writing' options in the low-risk process policy (similar to solution 2 in KB58727)?
thanks in advance!