Endpoint Protection

  • 1.  Host Integrity to check the registry entry

    Posted Nov 17, 2014 08:59 AM

    Is it possible to check whether a specific registry key value exists on the client machine through a Host Integrity policy or through any other policy in SEP?



  • 2.  RE: Host Integrity to check the registry entry

    Posted Nov 17, 2014 09:00 AM

    You can check for reg values / DWORD with a custom requirement


    Creating a test Host Integrity policy with a custom requirement script



  • 3.  RE: Host Integrity to check the registry entry

    Posted Nov 17, 2014 09:06 AM

    Which reg values?



  • 4.  RE: Host Integrity to check the registry entry

    Posted Nov 17, 2014 09:07 AM

    Whichever ones you specify, sir.



  • 5.  RE: Host Integrity to check the registry entry

    Posted Nov 17, 2014 09:18 AM

    Neither function provides a solution for my scenario. The function "Registry: Set Registry Value" says that it is to "set a registry value to the specific value. create the value if does not exist", and the other one is to increment the DWORD value in the registry. However, my scenario is only to identify the machines with the specific registry value. Is this possible?



  • 6.  RE: Host Integrity to check the registry entry

    Posted Nov 17, 2014 09:27 AM

    About registry conditions

    For a custom Host Integrity requirement, you can specify Windows registry settings to check as part of your IF-THEN condition statement. You can also specify ways to change registry values. Only HKEY_LOCAL_MACHINE, HKEY_CLASSES_ROOT, and HKEY_CURRENT_CONFIG are supported registry settings.

    The following selections are available for checking registry settings:

    Registry: Registry key exists
        Specify a registry key name to check whether it exists.

    Registry: Registry value equals
        Specify a registry key name and a value name and specify what data to compare the value against.

    Registry: Registry value exists
        Specify a registry key name to check if it has the specified value name.

    Specify a value to assign for the specified key; if the key does not exist, it creates the key. This selection replaces an existing value, whether or not it is of the same type. If the existing value is a DWORD value but you specify a string value, it replaces the DWORD with the string value.

    You can check page 75 of the SNAC Implementation Guide.



  • 7.  RE: Host Integrity to check the registry entry

    Posted Nov 17, 2014 09:28 AM

    Select the Custom Requirement

    Do the IF...THEN

    Under Select a Condition, select the one for Registry value exists

    Put in the Registry key and Value

    Edit the rest as you see fit and click OK to save and apply the policy
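
The three check conditions quoted in post 6 and selected in post 7 can be emulated locally to validate a key path and value name on a test client before they go into the policy. This PowerShell function is an added example, not part of the thread and not Symantec code; the function name, its parameters and the sample key in the last comment are hypothetical.

```powershell
# Added example: local emulation of the Host Integrity registry check conditions.
# Test-HIRegistryCondition and its parameters are hypothetical names, not part of SEP.
function Test-HIRegistryCondition {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [ValidateSet('KeyExists', 'ValueExists', 'ValueEquals')]
        [string]$Condition,
        # Full key path starting with the hive name, e.g. HKEY_LOCAL_MACHINE\SOFTWARE\...
        [Parameter(Mandatory)][string]$Key,
        [string]$ValueName,
        $Expected
    )

    # Only these hives are listed as supported for Host Integrity registry conditions.
    $hives = @{
        'HKEY_LOCAL_MACHINE'  = [Microsoft.Win32.Registry]::LocalMachine
        'HKEY_CLASSES_ROOT'   = [Microsoft.Win32.Registry]::ClassesRoot
        'HKEY_CURRENT_CONFIG' = [Microsoft.Win32.Registry]::CurrentConfig
    }
    $hiveName, $subKey = $Key -split '\\', 2
    if (-not $hives.ContainsKey($hiveName)) {
        throw "Unsupported hive '$hiveName' for a Host Integrity registry condition."
    }
    if ($Condition -ne 'KeyExists' -and -not $PSBoundParameters.ContainsKey('ValueName')) {
        throw "-ValueName is required for $Condition."
    }
    if ($Condition -eq 'ValueEquals' -and $null -eq $Expected) {
        throw "-Expected is required for ValueEquals."
    }

    # OpenSubKey opens read-only and returns $null when the key is absent.
    $regKey = $hives[$hiveName].OpenSubKey($subKey)
    if ($null -eq $regKey) { return $false }
    try {
        if ($Condition -eq 'KeyExists') { return $true }

        # GetValueNames separates "value missing" from "value present with empty data".
        $present = $regKey.GetValueNames() -contains $ValueName
        if ($Condition -eq 'ValueExists' -or -not $present) { return $present }

        # Assumption of this example: scalar data only (REG_SZ, REG_DWORD, REG_QWORD),
        # and the type must match too, so DWORD 1 does not equal the string "1".
        $actual = $regKey.GetValue($ValueName)
        return ($actual -is $Expected.GetType()) -and ($actual -eq $Expected)
    }
    finally { $regKey.Dispose() }
}
# Constructed usage (key and value names are placeholders):
# Test-HIRegistryCondition -Condition ValueExists -Key 'HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor' -ValueName 'ExampleValue'
```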