https://community.cisco.com/t5/endpoint-security/script-protection-in-cisco-amp-for-endpoints/m-p/4123674#M5564 <P>I have enabled Script protection feature in our environment. Where do i verify if it is enabled or not in "Policy.XML" file. Can some one help with what is the keyword to check if this feature is enabled or not on a specific machine.</P> Wed, 22 Jul 2020 17:18:16 GMT pavankumar.kakarla 2020-07-22T17:18:16Z https://community.cisco.com/t5/endpoint-security/script-protection-in-cisco-amp-for-endpoints/m-p/4123674#M5564 <P>I have enabled Script protection feature in our environment. Where do i verify if it is enabled or not in "Policy.XML" file. Can some one help with what is the keyword to check if this feature is enabled or not on a specific machine.</P> Wed, 22 Jul 2020 17:18:16 GMT https://community.cisco.com/t5/endpoint-security/script-protection-in-cisco-amp-for-endpoints/m-p/4123674#M5564 pavankumar.kakarla 2020-07-22T17:18:16Z https://community.cisco.com/t5/endpoint-security/script-protection-in-cisco-amp-for-endpoints/m-p/4123687#M5565 <P>Hello,</P> <P>&nbsp;</P> <P>In order to check if you have Script Protection enabled on the Policy, please refer to the AMSI portion of it.</P> <P>You might have something like this</P> <P>&lt;amsi&gt;<BR />&lt;enable&gt;1&lt;/enable&gt; - Tells you if it's enabled or not<BR />&lt;mode&gt;2&lt;/mode&gt; Tells you if it's set to Quarantine or Audit<BR />&lt;/amsi&gt;</P> <P>&nbsp;</P> Wed, 22 Jul 2020 17:36:02 GMT https://community.cisco.com/t5/endpoint-security/script-protection-in-cisco-amp-for-endpoints/m-p/4123687#M5565 UMontero 2020-07-22T17:36:02Z