New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

250-438 Administration of Symantec Data Loss Prevention 15 Questions and Answers

Questions 4

Which detection method depends on “training sets”?

Options:

A.

Form Recognition

B.

Vector Machine Learning (VML)

C.

Index Document Matching (IDM)

D.

Exact Data Matching (IDM)

Buy Now
Questions 5

A DLP administrator determines that the \SymantecDLP\Protect\Incidents folder on the Enforce server contains. BAD files dated today, while other. IDC files are flowing in and out of the \Incidents directory. Only .IDC files larger than 1MB are turning to .BAD files.

What could be causing only incident data smaller than 1MB to persist while incidents larger than 1MB change to .BAD files?

Options:

A.

A corrupted policy was deployed.

B.

The Enforce server’s hard drive is out of space.

C.

A detection server has excessive filereader restarts.

D.

Tablespace is almost full.

Buy Now
Questions 6

A DLP administrator is testing Network Prevent for Web functionality. When the administrator posts a small test file to a cloud storage website, no new incidents are reported.

What should the administrator do to allow incidents to be generated against this file?

Options:

A.

Change the “Ignore requests Smaller Than” value to 1

B.

Add the filename to the Inspect Content Type field

C.

Change the “PacketCapture.DISCARD_HTTP_GET” value to “false”

D.

Uncheck trial mode under the ICAP tab

Buy Now
Questions 7

A DLP administrator has added several approved endpoint devices as exceptions to an Endpoint Prevent policy that blocks the transfer of sensitive data. However, data transfers to these devices are still being blocked.

What is the first action an administrator should take to enable data transfers to the approved endpoint devices?

Options:

A.

Disable and re-enable the Endpoint Prevent policy to activate the changes

B.

Double-check that the correct device ID or class has been entered for each device

C.

Verify Application File Access Control (AFAC) is configured to monitor the specific application

D.

Edit the exception rule to ensure that the “Match On” option is set to “Attachments”

Buy Now
Questions 8

Which network Prevent action takes place when the network Incident list shows the message is “Modified”?

Options:

A.

Remove attachments from an email

B.

Obfuscate text in the body of an email

C.

Add one or more SMTP headers to an email

D.

Modify content from the body of an email

Buy Now
Questions 9

When managing an Endpoint Discover scan, a DLP administrator notices some endpoint computers are NOT completing their scans.

When does the DLP agent stop scanning?

Options:

A.

When the agent sends a report within the “Scan Idle Timeout” period

B.

When the endpoint computer is rebooted and the agent is started

C.

When the agent is unable to send a status report within the “Scan Idle Timeout” period

D.

When the agent sends a report immediately after the “Scan Idle Timeout” period

Buy Now
Questions 10

An administrator is unable to log in to the Enforce management console as “sysadmin”. Symantec DLP is configured to use Active Directory authentication. The administrator is a member of two roles: “sysadmin” and “remediator.”

How should the administrator log in to the Enforce console with the “sysadmin” role?

Options:

A.

sysadmin\username

B.

sysadmin\username@domain

C.

domain\username

D.

username\sysadmin

Buy Now
Exam Code: 250-438
Exam Name: Administration of Symantec Data Loss Prevention 15
Last Update: Dec 22, 2024
Questions: 70

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99