Symantec 250-438 - Symantec Administration of Symantec Data Loss Prevention 15 Certification Exam
Question #1 (Topic: demo questions)
How should a DLP administrator exclude a custom endpoint application named “custom_app.exe” from being monitoring by Application File Access Control?
Correct Answer: A
Explanation not available for this question.
Question #2 (Topic: demo questions)
A DLP administrator has enabled and successfully tested custom attribute lookups for incident data based on the Active Directory LDAP plugin. The Chief Information Security Officer (CISO) has attempted to generate a User Risk Summary report, but the report is empty. The DLP administrator confirms the Cisco’s role has the “User Reporting” privilege enabled, but User Risk reporting is still not working. What is the probable reason that the User Risk Summary report is blank?
Correct Answer: D
Explanation not available for this question.
Question #3 (Topic: demo questions)
Under the “System Overview” in the Enforce management console, the status of a Network Monitor detection server is shown as “Running Selected.” The Network Monitor server’s event logs indicate that the packet capture and filereader processes are crashing. What is a possible cause for the Network Monitor server being in this state?
Correct Answer: D
Explanation not available for this question.
Question #4 (Topic: demo questions)
What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Network Monitor server?
Correct Answer: C
Explanation not available for this question.
Question #5 (Topic: demo questions)
How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “cope to USB device” operation?
Correct Answer: A
Explanation not available for this question.