Which statement is true about the relationship between IDC and BAD files in the incident folder?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Symantec Data Loss Prevention (DLP) Exam with targeted quizzes and detailed explanations. Boost your knowledge and confidence with our engaging study tools!

Multiple Choice

Which statement is true about the relationship between IDC and BAD files in the incident folder?

Explanation:
In DLP, incident data is written into IDC files as they’re collected. There’s a size guard on these IDC files: if an IDC file grows beyond 1 MB, it is converted to a BAD file rather than continuing as a normal IDC. This isolates oversized or problematic incidents so administrators can review or reprocess them without slowing the automatic pipeline. The BAD file isn’t automatically turned back into an IDC, and IDC files aren’t limited to failed detections only; nor are BAD files simply archived after processing in the standard flow.

In DLP, incident data is written into IDC files as they’re collected. There’s a size guard on these IDC files: if an IDC file grows beyond 1 MB, it is converted to a BAD file rather than continuing as a normal IDC. This isolates oversized or problematic incidents so administrators can review or reprocess them without slowing the automatic pipeline. The BAD file isn’t automatically turned back into an IDC, and IDC files aren’t limited to failed detections only; nor are BAD files simply archived after processing in the standard flow.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy