
Symantec 250-438 Dumps

Page: 1 / 3
Total 70 questions

Administration of Symantec Data Loss Prevention 15 Questions and Answers

Question 1

Which two Network Discover/Cloud Storage targets apply Information Centric Encryption as policy response rules?

Options:

A. Microsoft Exchange

B. Windows File System

C. SQL Databases

D. Microsoft SharePoint

E. Network File System (NFS)

Question 2

The Symantec Data Loss risk reduction approach has six stages.

Drag and drop the six correct risk reduction stages into the proper order in the Occurrence column.

Options:

Question 3

How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “copy to USB device” operation?

Options:

A. Add a “Limit Incident Data Retention” response rule with “retain Original Message” option selected.

B. Modify the agent config.db to include the file

C. Modify the “Endpoint_Retain_Files.int” setting in the Endpoint server configuration

D. Modify the agent configuration and select the option “retain Original Files”

Question 4

Which action is available for use in both Smart Response and Automated Response rules?

Options:

A. Log to a Syslog Server

B. Limit incident data retention

C. Modify SMTP message

D. Block email message

Question 5

What detection technology supports partial contents matching?

Options:

A. Indexed Document Matching (IDM)

B. Described Content Matching (DCM)

C. Exact Data Matching (EDM)

D. Optical Character Recognition (OCR)

Question 6

Which service encrypts the message when using a Modify SMTP Message response rule?

Options:

A. Network Monitor server

B. SMTP Prevent

C. Enforce server

D. Encryption Gateway

Question 7

A customer needs to integrate information from DLP incidents into external Governance, Risk and Compliance dashboards.

Which feature should a third-party component integrate with to provide dynamic reporting, create custom incident remediation processes, or support business processes?

Options:

A. Export incidents using the CSV format

B. Incident Reporting and Update API

C. Incident Data Views

D. A Web incident extraction report

Question 8

Which two detection technology options run on the DLP agent? (Choose two.)

Options:

A. Optical Character Recognition (OCR)

B. Described Content Matching (DCM)

C. Directory Group Matching (DGM)

D. Form Recognition

E. Indexed Document Matching (IDM)

Question 9

Which Network Prevent action takes place when the Network incident list shows the message is “Modified”?

Options:

A. Remove attachments from an email

B. Obfuscate text in the body of an email

C. Add one or more SMTP headers to an email

D. Modify content from the body of an email

Question 10

An organization wants to restrict employees to copying files only to a specific set of USB thumb drives owned by the organization.

Which detection method should the organization use to meet this requirement?

Options:

A. Exact Data Matching (EDM)

B. Indexed Document Matching (IDM)

C. Described Content Matching (DCM)

D. Vector Machine Learning (VML)
