ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Detection happens on a text file inside a .jar file which has been set as an exception in a policy
Article ID: 160602
Data Loss Prevention Endpoint PreventData Loss Prevention Network MonitorData Loss Prevention Network Prevent for EmailData Loss Prevention Network DiscoverData Loss Prevention Network Prevent for Web
If there is an exception for a *.jar file in the policy. There was a .txt file inside the .jar file which contained a violating text. The .jar was excluded, however the text within was extracted and detection happened on the same.
Applies to :DLP v11.x, 12.0
When you set the detection to Matched Component Only, and the detection is set on an Archive File type, the matched component is the internal file and NOT the archive file. So, the exception would not trigger.
If you set the exception to be applied to entire message (i.e. any message component), it would look over the entire message to see if there was a .jar file and it would then apply.
Set the “Apply Exception to” part in the policy to “Entire Message” instead of “Matched Components Only” (which is selected by default).