Hello,
In your case, what you could try is activating the Rule "Protect client files and registry keys" under Test / Production.
A Rule Set is a set of controls that allow administrators to allow or block an action. In the example below, you will note that there are currently four rule sets defined. You will also notice that Administrators can choose to create as many rule sets as they would like in a policy. Even though multiple rule sets can be in a given policy, administrators can choose which rule sets are active by toggling the Enabled option. In this example, you will note that none of the rule sets are enabled.
To the right of the rule set name there is an option to configure Test/Production. This feature allows administrators to test rules before actually enabling them. In the Test (log only) configuration, no actions will be applied in the rule, but the action is logged. This allows administrators to see what would have happened if this rule would have been active. All new rule sets are created with the default option configured to test. This reduces potential accidents an administrator may make by not considering all possibilities of the rule.
Hope that helps!!