The v6.0 Windows Prevention policy options are as follows:
Disable prevention - Log but do not prevent policy violations
This option disables prevention of policy violations at the global level. At the global level, the option disables prevention of policy violations for an entire system. The violations are logged as they occur, but are not denied. Set this option to gather information about how a system performs with a policy enforced, without running the risk of SDCS:SA preventing critical system operation.
Use this option with caution. A prevention policy provides no protection when prevention is disabled.
Enable logging of trivial policy violations
A policy normally logs all policy violations. Trivial policy violations are well known, expected behaviors that violate the policy and are not critical to the operation of a program. The policy denies these behaviors. Since these denials do not represent a real security threat, the policy does not log them by default. Setting up this option logs all policy violations. This policy provides the same level of protection whether or not this option is set.
Turning on this option can greatly increase the size of the log files. SDCS:SA retains the same level of protection regardless of how this option is set.