In a customer environment, where only the launch of EXE files is controlled by DriveLock, it is currently not possible to collect information about how Application Control would handle DLLs with the current policy set.
In order to collect "DLL started" and "DLL blocked" events, you have to change the "Scan- and Block-Mode" to include DLLs. This forces you to choose between Simulation Mode, which also affects the handling of EXE files, or "Active"-Mode, which would block all unknown DLLs immediately.
We would appreciate a feature that allows us to determine which DLLs would be blocked in our environment before activating the feature and without degrading our security posture by disabling the whitelisting of EXE files.