As you perform scanning in your environment, you will eventually want to filter out some of the false positives. This is especially true if you leverage a template to build your systems, as a multitude of commonalities might be detected. You may also want to filter out very large files that are known to be safe to optimize the scanning duration.

The Get-ChildItem cmdlet includes the -exclude parameter, which enables you to specify a string of objects that you want to exclude. The -exclude parameter also supports multiple values separated by commas and wildcards with the asterisk character. To start, you specify the Get-ChildItem cmdlet with a directory to scan as the argument. You then provide the -exclude parameter with a file ...