I have to create a Poison Pill where CSA can essentially disable a system to the point that it is unusable and not recoverable.
I know there are several rules that can possibly do this by themselves, but I was wondering what would be the most effective where the system would have to be re-imaged in order to make it useable again.
I am running V184.108.40.206 agent on XP images.
I was thinking of not allowing services.exe to run anything.
What would you recommend?