The concept is very close to SRP. So close that it actually replaces it. In Ultimate and Entreprise versions of Win 7, SRP, even if set up, is simply bypassed if AppLocker is set up as well. SRP is still there for means of back compatibility. AppLocker is located in the Local Security Policy (administration tools) at the same place you can find SRP. How to set it up. First the meaning of AppLocker is to implement a further layer of security when running in a limited user account called standard user in Win 7 and by denying the execution of executable files, script and batch files, Windows installer files, and DLL (and Activex) files that do not meet the rules configured. I propose to show how to create a default set of rule for AppLocker and to activate it. Sorry for the pictures, my win 7 is in French and Russian only. Under your admin account, run as admin the Local Security Policy: In the left pane, right-click on AppLocker and select Properties. For every rule, tick Configured and from the drop down menu select apply rules. Once done, go to the Advanced tab, and tick to activate the DLL Rules. You should get this : Just press Ok. In the next message we will create the default rules.