After the successful deployment and initial configuration of McAfee MVISION EDR, you will want to test that the product is functioning correctly. To test, trigger a dummy endpoint detection and verify that the alert is shown accurately in the MVISION EDR workspace.
You can verify that the MVISION EDR client is correctly generating Trace detections. Use PowerShell to execute an encoded command that creates and then deletes a dummy registry value in:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- Press Windows+R, type cmd, and press Enter.
- Download and unzip the EDR_Test_Command.zip file attached to this article.
- Copy the command in the unzipped file and paste it into the command prompt window. Then press Enter and wait for the command prompt window to exit.
- Navigate to the Monitoring tab of the MVISION EDR workspace (https://ui.soc.mcafee.com/).
- Wait for the trace detection to process and display in the EDR workspace.
The result looks similar to the following image. Note the section highlighted in red.
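
Before pasting the command from the unzipped file, you can decode it and confirm that it only references the registry key named above. The following PowerShell is an added example, not McAfee's code and not the command from EDR_Test_Command.zip; the function names, the sample command line and its `ConstructedDummyValue` are assumptions made for illustration.

```powershell
# Added example: decode a PowerShell -EncodedCommand for review before running it.
$DocumentedKey = 'HKCU\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

function Get-EncodedCommandText {
    param([Parameter(Mandatory)][string]$CommandLine)
    # powershell.exe accepts -ec and any prefix of -EncodedCommand (-e, -en, -enc, ...),
    # so test every "-e<letters> <base64>" pair instead of matching one spelling.
    $rx = '(?i)(?:^|\s)[-/](e[a-z]*)\s+["'']?([A-Za-z0-9+/]+={0,2})'
    foreach ($m in [regex]::Matches($CommandLine, $rx)) {
        $name = $m.Groups[1].Value.ToLowerInvariant()
        if ($name -eq 'ec' -or 'encodedcommand'.StartsWith($name)) {
            $bytes = [Convert]::FromBase64String($m.Groups[2].Value)
            return [Text.Encoding]::Unicode.GetString($bytes)   # payload is UTF-16LE text
        }
    }
    throw 'No -EncodedCommand argument found.'
}

function Test-RegistryScope {
    param([Parameter(Mandatory)][string]$ScriptText, [string]$AllowedKey = $DocumentedKey)
    # Collect every registry path in the decoded text and normalise the hive prefix.
    $rx = '(?i)\b(HKCU|HKLM|HKCR|HKU|HKEY_[A-Z_]+):?\\[^''"\r\n;|)]+'
    foreach ($m in [regex]::Matches($ScriptText, $rx)) {
        $path = $m.Value.TrimEnd() -replace '^HKEY_CURRENT_USER', 'HKCU' -replace '^(HK[A-Z_]+):', '$1'
        [pscustomobject]@{
            Path    = $path
            InScope = ($path -eq $AllowedKey) -or $path.StartsWith(($AllowedKey + '\'), [StringComparison]::OrdinalIgnoreCase)
        }
    }
}

# CONSTRUCTED sample input; this is not the contents of EDR_Test_Command.zip.
$sampleScript = @'
$k = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
New-ItemProperty -Path $k -Name 'ConstructedDummyValue' -Value 1
Remove-ItemProperty -Path $k -Name 'ConstructedDummyValue'
'@
$b64 = [Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($sampleScript))
$sampleLine = "powershell.exe -NoProfile -ExecutionPolicy Bypass -enc $b64"

$decoded = Get-EncodedCommandText -CommandLine $sampleLine
$decoded                                   # read the clear text before running anything
$report = Test-RegistryScope -ScriptText $decoded
$report | Format-Table -AutoSize
if ($report | Where-Object { -not $_.InScope }) { Write-Warning 'References keys outside the documented one.' }
```

To check the real command, pass the line copied from the unzipped file as `-CommandLine` in place of `$sampleLine`.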
