What are two reasons an administrator should utilize a manual configuration to determine the endpoint location
What are two reasons an administrator should utilize a manual configuration to determine the endpoint location? (Choose two.) A. To specify Wi-Fi SSID names B. To specify an IP address or range C. To specify the endpoint server D. To specify domain names E. To specify network card status (ON/OFF) Reference: https://help.symantec.com/cs/dlp15.1/DLP/v18349332_v125428396/Setting-the-endpoint-location?locale=EN_US
Which detection method should the company use to meet this requirement?
A software company wants to protect its source code, including new source code created between scheduled indexing runs. Which detection method should the company use to meet this requirement? A. Exact Data Matching (EDM) B. Described Content Matching (DCM) C. Vector Machine Learning (VML) D. Indexed Document Matching (IDM) Reference: https://help.symantec.com/cs/DLP15.0/DLP/v100774847_v120691346/Scheduling-remote-indexing?locale=EN_US
How should a DLP administrator exclude a custom endpoint application named “custom_app.exe” from being mon
How should a DLP administrator exclude a custom endpoint application named “custom_app.exe” from being monitoring by Application File Access Control? A. Add “custom_app.exe” to the “Application Whitelist” on all Endpoint servers. B. Add “custom_app.exe” Application Monitoring Configuration and de-select all its channel options. C. Add “custom_app_.exe” as a filename exception to the Endpoint Prevent policy. […]
What is the probable reason that the User Risk Summary report is blank?
A DLP administrator has enabled and successfully tested custom attribute lookups for incident data based on the Active Directory LDAP plugin. The Chief Information Security Officer (CISO) has attempted to generate a User Risk Summary report, but the report is empty. The DLP administrator confirms the Cisco’s role has the “User Reporting” privilege enabled, but […]
Which two Infrastructure-as-a-Service providers are supported for hosting Cloud Prevent for Office 365?
Which two Infrastructure-as-a-Service providers are supported for hosting Cloud Prevent for Office 365? (Choose two.) A. Any customer-hosted private cloud B. Amazon Web Services C. AT&T D. Verizon E. Rackspace Reference: https://symwisedownload.symantec.com//resources/sites/SYMWISE/content/live/DOCUMENTATION/8000/DOC8244/en_US/Symantec_DLP_15.0_Cloud_Prevent_O365.pdf?__gda__=1554430310_584ffada3918e15ced8b6483a2bfb6fb (14)
What is a possible cause for the Network Monitor server being in this state?
Under the “System Overview” in the Enforce management console, the status of a Network Monitor detection server is shown as “Running Selected.” The Network Monitor server’s event logs indicate that the packet capture and filereader processes are crashing. What is a possible cause for the Network Monitor server being in this state? A. There is […]
What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Netwo
What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Network Monitor server? A. Packet Capture, Span Port B. Packet Capture, Network Tap C. Packet Capture, Copy Rule D. Packet capture, Network Monitor Reference: https://support.symantec.com/en_US/article.TECH218980.html
How should a DLP administrator change a policy so that it retains the original file when an endpoint incident
How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “cope to USB device” operation? A. Add a “Limit Incident Data Retention” response rule with “retain Original Message” option selected. B. Modify the agent config.db to include the file C. Modify the “Endpoint_Retain_Files.int” […]
Which action should the administrator take to ensure that the desired setting is in place on the client?
An administrator changes the Virus and Spyware Protection policy for a specific group that disables Auto-Protect. The administrator assigns the policy and the client systems apply the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct. However, Auto-Protect is still enabled on the client system. Which […]
Which task should an administrator perform to troubleshoot operation of the Symantec Endpoint Protection embed
Which task should an administrator perform to troubleshoot operation of the Symantec Endpoint Protection embedded database? A. Verify the sqlserver.exe service is running on port 1433 B. Verify that dbsrv11.exe is listening on port 2638 C. Check the database transaction logs in X:\Program Files\Microsoft SQL Server D. Check whether the MSSQLSERVER service is running References: […]