A DLP administrator is testing Network Prevent for Web functionality. When the administrator posts a small test file to a cloud storage website, no new incidents are reported.
What should the administrator do to allow incidents to be generated against this file?
A. Change the "Ignore requests Smaller Than" value to 1
B. Add the filename to the Inspect Content Type field
C. Change the "PacketCapture.DISCARD_HTTP_GET" value to "false"
D. Uncheck trial mode under the ICAP tab
The Correct Answer is A,
The key word is “Small Test File “. Changing the “Ignore requests Smaller Than” value to 1 will work because The default minimum body size of HTTP requests to inspect is 4096 bytes. For example, search strings typed in to search engines such as Yahoo or Google are usually short. By adjusting this value, you can include or exclude the search.
D corect answer
https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/data-loss-prevention/15-8/implementing-id-sf0b0139227-d318e2911/configuring-server-id-SF0B0161467-d1116e493.html