Solution
The security level associated with the security policy for the user defines the actions to take in response to any detected security violations. When the user PC fails the check for a PC software control group, EAD takes the action configured for the group in the check PC software control group setting of the security level.
The Default Action for Check Failure setting in a PC software control group does not take effect on security violations, but is used in the following situations:
When a new security level is created, all existing PC software groups are automatically added to the security level. The Default Action for Check Failure setting of each group serves as the default security mode of the group in the security level.
After a new PC software control group is created, it is automatically added to all existing security levels for which PC software check is disabled with Global Security Mode. The Default Action for Check Failure Setting is the default security mode for the group in the security levels.