Windows server 2012 Practice Test

The strategy that effectively prevents any executable from running except those that have been specifically allowed by an administrator is referred to as a disallowed strategy. This approach is implemented through software restriction policies where administrators define a list or criteria for allowable applications. Anything that is not explicitly permitted is automatically blocked from execution.

In a disallowed setting, the emphasis is on a restrictive policy that ensures only known and trusted software can run, which enhances security by reducing the risk of unauthorized software being executed. This is particularly useful in organizational environments where security is paramount and where malware or unapproved applications must be strictly controlled.

Other strategies such as allowed, trusted publishers, and hash-based methods focus on different aspects of software execution. An allowed strategy would openly permit specified applications while allowing all others to run unless explicitly restricted, which does not achieve the same level of security control. Trusted publishers rely on the credibility of the software publisher, and hash-based methods validate executables against a specific hash, both of which have different mechanisms and may allow non-compliant software to run if they don't follow the required criteria.