Page: 1
/ 5
Total 73 questions
Which detection server is available from Symantec as a hardware appliance?
- A. Network Prevent for Email
- B. Network Discover
- C. Network Monitor
- D. Network Prevent for Web
Answer : D
Reference:
https://help.symantec.com/cs/dlp15.0/DLP/v122938258_v120691346/Setting-up-the-DLP-S500-Appliance?locale=EN_US
DRAG DROP -
The Symantec Data Loss risk reduction approach has six stages.
Drag and drop the six correct risk reduction stages in the proper order of Occurrence column.
Select and Place:
Answer :
Reference:
https://www.slideshare.net/iftikhariqbal/symantec-data-loss-prevention-technical-proposal-general
An organization wants to restrict employees to copy files only a specific set of USB thumb drives owned by the organization.
Which detection method should the organization use to meet this requirement?
- A. Exact Data Matching (EDM)
- B. Indexed Document Matching (IDM)
- C. Described Content Matching (DCM)
- D. Vector Machine Learning (VML)
Answer : C
Reference:
https://help.symantec.com/cs/DLP15.0/DLP/v27745860_v120691346/Data-Loss-Prevention-policy-detection-technologies?locale=EN_US
What detection server type requires a minimum of two physical network interface cards?
- A. Network Prevent for Web
- B. Network Prevent for Email
- C. Network Monitor
- D. Cloud Detection Service (CDS)
Answer : C
Refer to the exhibit. Which type of Endpoint response rule is shown?
- A. Endpoint Prevent: User Notification
- B. Endpoint Prevent: Block
- C. Endpoint Prevent: Notify
- D. Endpoint Prevent: User Cancel
Answer : B
Reference:
https://help.symantec.com/cs/dlp15.0/DLP/v27595430_v120691346/Configuring-the-Endpoint-Prevent:-Block-action?locale=EN_US
Why would an administrator set the Similarity Threshold to zero when testing and tuning a Vector Machine Learning (VML) profile?
- A. To capture the matches to the Positive set
- B. To capture the matches to the Negative set
- C. To see the false negatives only
- D. To see the entire range of potential matches
Answer : D
Reference:
https://help.symantec.com/cs/dlp15.0/DLP/v45067125_v120691346/Adjusting-the-Similarity-Threshold?locale=EN_US
Which Network Prevent action takes place when the Network Incident list shows the message is ג€Modifiedג€?
- A. Remove attachments from an email
- B. Obfuscate text in the body of an email
- C. Add one or more SMTP headers to an email
- D. Modify content from the body of an email
Answer : C
Which two technologies should an organization utilize for integration with the Network Prevent products? (choose two.)
- A. Network Tap
- B. Network Firewall
- C. Proxy Server
- D. Mail Transfer Agent
- E. Encryption Appliance
Answer : CD
Reference:
https://www.symantec.com/connect/articles/network-prevent
A customer needs to integrate information from DLP incidents into external Governance, Risk and Compliance dashboards.
Which feature should a third party component integrate with to provide dynamic reporting, create custom incident remediation processes, or support business processes?
- A. Export incidents using the CSV format
- B. Incident Reporting and Update API
- C. Incident Data Views
- D. A Web incident extraction report
Answer : B
Which two detection technology options ONLY run on a detection server? (Choose two.)
- A. Form Recognition
- B. Indexed Document Matching (IDM)
- C. Described Content Matching (DCM)
- D. Exact Data Matching (EDM)
- E. Vector Machine Learning (VML)
Answer : BD
Reference:
https://support.symantec.com/en_US/article.INFO5070.html
A DLP administrator needs to remove an agent its associated events from an Endpoint server.
Which Agent Task should the administrator perform to disable the agentג€™s visibility in the Enforce management console?
- A. Delete action from the Agent Health dashboard
- B. Delete action from the Agent List page
- C. Disable action from Symantec Management Console
- D. Change Endpoint Server action from the Agent Overview page
Answer : C
A company needs to implement Data Owner Exception so that incidents are avoided when employees send or receive their own personal information.
What detection method should the company use?
- A. Indexed Document Matching (IDM)
- B. Vector Machine Learning (VML)
- C. Exact Data Matching (EDM)
- D. Described Content Matching (DCM)
Answer : C
Reference:
https://help.symantec.com/cs/dlp15.5/DLP/v40148006_v128674454/About-Data-Owner-Exception?locale=EN_US
What should an incident responder select in the Enforce management console to remediate multiple incidents simultaneously?
- A. Smart Response on the Incident page
- B. Automated Response on the Incident Snapshot page
- C. Smart Response on an Incident List report
- D. Automated Response on an Incident List report
Answer : B
Why is it important for an administrator to utilize the grid scan feature?
- A. To distribute the scan workload across multiple network discover servers
- B. To distribute the scan workload across the cloud servers
- C. To distribute the scan workload across multiple endpoint servers
- D. To distribute the scan workload across multiple detection servers
Answer : D
Explanation -
If you plan to use the grid scanning feature to distribute the scanning workload across multiple detection servers, retain the default value (1)
Which two Network Discover/Cloud Storage targets apply Information Centric Encryption as policy response rules?
- A. Microsoft Exchange
- B. Windows File System
- C. SQL Databases
- D. Microsoft SharePoint
- E. Network File System (NFS)
Answer : DE
Reference:
https://help.symantec.com/cs/ice1.0/ICE/v126756321_v120576779/Using-ICE-with-Symantec-Data-Loss-Prevention?locale=EN_US
30 days access 