Which option correctly describes the two-tier installation type for Symantec DLP? A. Install the Oracle database on the host, and install the Enforce server and a detection server on a second host. B. Install the Oracle database on a local physical host, and install the Enforce server and detection servers on virtual hosts in the […]

Which action should a DLP administrator take to secure communications between an on-premises Enforce server and detection servers hosted in the Cloud? A. Use the built-in Symantec DLP certificate for the Enforce Server, and use the “sslkeytool” utility to create certificates for the detection servers. B. Use the built-in Symantec DLP certificate for both the […]

Which detection method depends on “training sets”? A. Form Recognition B. Vector Machine Learning (VML) C. Index Document Matching (IDM) D. Exact Data Matching (IDM) Reference: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-dlp_machine_learning.WP_en-us.pdf

Which two locations can Symantec DLP scan and perform Information Centric Encryption (ICE) actions on? (Choose two.) A. Exchange B. Jiveon C. File store D. SharePoint E. Confluence Reference: https://www.symantec.com/content/dam/symantec/docs/data-sheets/information-centric-encryption-en.pdf

Which product is able to replace a confidential document residing on a file share with a marker file explaining why the document was removed? A. Network Discover B. Cloud Service for Email C. Endpoint Prevent D. Network Protect Reference: https://help.symantec.com/cs/dlp15.1/DLP/v15600645_v125428396/Configuring-Network-Protect-for-file-shares?locale=EN_US

What detection server is used for Network Discover, Network Protect, and Cloud Storage? A. Network Protect Storage Discover B. Network Discover/Cloud Storage Discover C. Network Prevent/Cloud Detection Service D. Network Protect/Cloud Detection Service Reference: https://help.symantec.com/cs/dlp15.0/DLP/v16110606_v120691346/Modifying-the-Network-Discover-Cloud-Storage-Discover-Server-configuration?locale=EN_US

What are two reasons an administrator should utilize a manual configuration to determine the endpoint location? (Choose two.) A. To specify Wi-Fi SSID names B. To specify an IP address or range C. To specify the endpoint server D. To specify domain names E. To specify network card status (ON/OFF) Reference: https://help.symantec.com/cs/dlp15.1/DLP/v18349332_v125428396/Setting-the-endpoint-location?locale=EN_US

A software company wants to protect its source code, including new source code created between scheduled indexing runs. Which detection method should the company use to meet this requirement? A. Exact Data Matching (EDM) B. Described Content Matching (DCM) C. Vector Machine Learning (VML) D. Indexed Document Matching (IDM) Reference: https://help.symantec.com/cs/DLP15.0/DLP/v100774847_v120691346/Scheduling-remote-indexing?locale=EN_US

How should a DLP administrator exclude a custom endpoint application named “custom_app.exe” from being monitoring by Application File Access Control? A. Add “custom_app.exe” to the “Application Whitelist” on all Endpoint servers. B. Add “custom_app.exe” Application Monitoring Configuration and de-select all its channel options. C. Add “custom_app_.exe” as a filename exception to the Endpoint Prevent policy. […]

A DLP administrator has enabled and successfully tested custom attribute lookups for incident data based on the Active Directory LDAP plugin. The Chief Information Security Officer (CISO) has attempted to generate a User Risk Summary report, but the report is empty. The DLP administrator confirms the Cisco’s role has the “User Reporting” privilege enabled, but […]