I'm working on a documentation of an IT system and I want to describe what is happening, when McAfee finds and quarantines a suspicious file. I have read the many questions on quarantining, but all the answers given, talk about quarantine in general and do not mention the functionality of a given software. I also read through some bit of McAfee documentation and searched online, but couldn't find a proper description so far.
I'm interested in client and/or server based software. I guess the functionalities should be the same.
To be clear, I'm interested in the specific processes that are initiated when a file is quarantined. If a file is encrypted, what algorithm is used. If a file is isolated, how is that done. The whole shebang.
If there is no answer to the question in the title, it would be nice to know, if basically all AV software uses the same mechanisms when quarantining a file. (But still, which ones exactly.)