Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Symantec 250-438 - Administration of Symantec Data Loss Prevention 15

Page: 2 / 3
Total 70 questions

Which two actions are available for a “Network Prevent: Remove HTTP/HTTPS content” response rule when the content is unable to be removed? (Choose two.)

A.

Allow the content to be posted

B.

Remove the content through FlexResponse

C.

Block the content before posting

D.

Encrypt the content before posting

E.

Redirect the content to an alternative destination

A DLP administrator needs to remove an agent its associated events from an Endpoint server.

Which Agent Task should the administrator perform to disable the agent’s visibility in the Enforce management console?

A.

Delete action from the Agent health dashboard

B.

Delete action from the Agent List page

C.

Disable action from Symantec Management Console

D.

Change endpoint Server action from the Agent Overview page

Which two detection technology options ONLY run on a detection server? (Choose two.)

A.

Form Recognition

B.

Indexed Document matching (IDM)

C.

Described Content Matching (DCM)

D.

Exact data matching (EDM)

E.

vector Machine Learning (VML)

Which option correctly describes the two-tier installation type for Symantec DLP?

A.

Install the Oracle database on the host, and install the Enforce server and a detection server on a second host.

B.

Install the Oracle database on a local physical host, and install the Enforce server and detection servers on virtual hosts in the Cloud.

C.

Install the Oracle database and a detection server in the same host, and install the Enforce server on a second host.

D.

Install the Oracle database and Enforce server on the same host, and install detection servers on separate hosts.

Which action should a DLP administrator take to secure communications between an on-premises Enforce server and detection servers hosted in the Cloud?

A.

Use the built-in Symantec DLP certificate for the Enforce Server, and use the “sslkeytool” utility to create certificates for the detection servers.

B.

Use the built-in Symantec DLP certificate for both the Enforce server and the hosted detection servers.

C.

Set up a Virtual Private Network (VPN) for the Enforce server and the hosted detection servers.

D.

Use the “sslkeytool” utility to create certificates for the Enforce server and the hosted detection servers.

An organization wants to restrict employees to copy files only a specific set of USB thumb drives owned by the organization.

Which detection method should the organization use to meet this requirement?

A.

Exact data Matching (EDM)

B.

Indexed Document matching (IDM)

C.

Described Content Matching (DCM)

D.

Vector Machine Learning (VML)

Which detection server is available from Symantec as a hardware appliance?

A.

Network Prevent for Email

B.

Network Discover

C.

Network Monitor

D.

Network Prevent for Web

Which two locations can Symantec DLP scan and perform Information Centric Encryption (ICE) actions on? (Choose two.)

A.

Exchange

B.

Jiveon

C.

File store

D.

SharePoint

E.

Confluence

An administrator is unable to log in to the Enforce management console as “sysadmin”. Symantec DLP is configured to use Active Directory authentication. The administrator is a member of two roles: “sysadmin” and “remediator.”

How should the administrator log in to the Enforce console with the “sysadmin” role?

A.

sysadmin\username

B.

sysadmin\username@domain

C.

domain\username

D.

username\sysadmin

How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “cope to USB device” operation?

A.

Add a “Limit Incident Data Retention” response rule with “retain Original Message” option selected.

B.

Modify the agent config.db to include the file

C.

Modify the “Endpoint_Retain_Files.int” setting in the Endpoint server configuration

D.

Modify the agent configuration and select the option “retain Original Files”