To exclude a specific executable from Application File Access Control monitoring, which action is required?

• A. Add the executable to the Application Monitoring Configuration and de-select all its channel options.
• B. Remove the executable from all system directories.
• C. Block the executable with a firewall rule.
• D. Move the executable to a non-monitored path

Answer: (A)

The action relies on configuring how the Data Loss Prevention agent tracks that program, not on moving files or blocking network traffic. In Application File Access Control, you manage a list of applications in the Application Monitoring Configuration, and for each executable you can enable or disable the channels through which its file-access activity is monitored. To exclude a specific executable, add it to the Application Monitoring Configuration and deselect all its channel options so no file-access events from that program are monitored or logged. Other approaches—like moving the executable, removing directories, or using a firewall rule—don’t alter the AFAC monitoring behavior for that app in the policy.