Symantec 250-438 Administration of Symantec Data Loss Prevention 15 Exam Practice Test

Page: 1 / 7
Total 70 questions

Administration of Symantec Data Loss Prevention 15 Questions and Answers

Question 1

A DLP administrator needs to stop the PacketCapture process on a detection server. Upon inspection of the Server Detail page, the administrator discovers that all processes are missing from the display.

Why are the processes missing from the Server Detail page display?

Options:

A. The Display Process Control setting on the Advanced Settings page is disabled.

B. The Advanced Process Control setting on the System Settings page is deselected.

C. The detection server Display Control Process option is disabled on the Server Detail page.

D. The detection server PacketCapture process is displayed on the Server Overview page.

Question 2

What is required on the Enforce server to communicate with the Symantec DLP database?

Options:

A. Port 8082 should be opened

B. CryptoMasterKey.properties file

C. Symbolic links to .dbf files

D. SQL*plus Client

Question 3

Which network Prevent action takes place when the network Incident list shows the message is “Modified”?

Options:

A. Remove attachments from an email

B. Obfuscate text in the body of an email

C. Add one or more SMTP headers to an email

D. Modify content from the body of an email

Question 4

A DLP administrator is testing Network Prevent for Web functionality. When the administrator posts a small test file to a cloud storage website, no new incidents are reported.

What should the administrator do to allow incidents to be generated against this file?

Options:

A. Change the “Ignore requests Smaller Than” value to 1

B. Add the filename to the Inspect Content Type field

C. Change the “PacketCapture.DISCARD_HTTP_GET” value to “false”

D. Uncheck trial mode under the ICAP tab

Question 5

Which action should a DLP administrator take to secure communications between an on-premises Enforce server and detection servers hosted in the Cloud?

Options:

A. Use the built-in Symantec DLP certificate for the Enforce Server, and use the “sslkeytool” utility to create certificates for the detection servers.

B. Use the built-in Symantec DLP certificate for both the Enforce server and the hosted detection servers.

C. Set up a Virtual Private Network (VPN) for the Enforce server and the hosted detection servers.

D. Use the “sslkeytool” utility to create certificates for the Enforce server and the hosted detection servers.

Question 6

Which two detection technology options ONLY run on a detection server? (Choose two.)

Options:

A. Form Recognition

B. Indexed Document Matching (IDM)

C. Described Content Matching (DCM)

D. Exact Data Matching (EDM)

E. Vector Machine Learning (VML)

Question 7

What is Application Detection Configuration?

Options:

A. The Cloud Detection Service (CDS) process that tells Enforce a policy has been violated

B. The Data Loss Prevention (DLP) policy which has been pushed into Cloud Detection Service (CDC) for files in transit to or residing in Cloud apps

C. The terminology describing the Data Loss Prevention (DLP) process within the CloudSOC administration portal

D. The setting configured within the user interface (UI) that determines whether CloudSOC should send a file to Cloud Detection Service (CDS) for analysis.

Question 8

Which detection method depends on “training sets”?

Options:

A. Form Recognition

B. Vector Machine Learning (VML)

C. Index Document Matching (IDM)

D. Exact Data Matching (IDM)

Question 9

Under the “System Overview” in the Enforce management console, the status of a Network Monitor detection server is shown as “Running Selected.” The Network Monitor server’s event logs indicate that the packet capture and filereader processes are crashing.

What is a possible cause for the Network Monitor server being in this state?

Options:

A. There is insufficient disk space on the Network Monitor server.

B. The Network Monitor server’s certificate is corrupt or missing.

C. The Network Monitor server’s license file has expired.

D. The Enforce and Network Monitor servers are running different versions of DLP.

Question 10

Which two Infrastructure-as-a-Service providers are supported for hosting Cloud Prevent for Office 365? (Choose two.)

Options:

A. Any customer-hosted private cloud

B. Amazon Web Services

C. AT&T

D. Verizon

E. Rackspace
