A User Cancel response rule is applied to Endpoint Prevent.
This is by design. The DLP Endpoint agent takes the Allow action in the first copy attempt as a default action and allows the user to copy other files without popping up the alert window.
Basically, there are three scenarios for pop-up alert for User Cancel response rule.
Closing the current Windows Explorer window and opening a new one causes all default actions on the target to be reset.