Which action replaces the original file with a notice that describes the policy violation and how it can be released?

The action that replaces the original file with a notice describing the policy violation and how it can be released is known as tombstoning. This term refers specifically to the technique of marking an inappropriate or non-compliant item, such as a file, with a placeholder or notice (the tombstone) that informs users about the violation.

When a file is tombstoned, it essentially ensures that users cannot access the original content until the issue is resolved, while still providing them the context of why the file is inaccessible. This method serves both as a deterrent to further violations and as a means of communication about the policy breaches, including the necessary steps for remediation.

Other methods, such as quarantining, would typically involve isolating a file from the system without replacing it, and blocking would prevent access without giving feedback on the nature of the violation. Alerts generally serve to notify administrators or users of a security event but do not replace the original content with a notice. Tombstoning effectively addresses the need for accountability and clarity in policy enforcement.