Exam Code: 250-438 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Administration of Symantec Data Loss Prevention 15
Certification Provider: Symantec
Free Today! Guaranteed Training- Pass 250-438 Exam.

Free 250-438 Demo Online For Symantec Certifitcation:

NEW QUESTION 1
A DLP administrator is attempting to add a new Network Discover detection server from the Enforce management console. However, the only available options are Network Monitor and Endpoint servers. What should the administrator do to make the Network Discover option available?

  • A. Restart the Symantec DLP Controller service
  • B. Apply a new software license file from the Enforce console
  • C. Install a new Network Discover detection server
  • D. Restart the Vontu Monitor Service

Answer: C

NEW QUESTION 2
Which two automated response rules will be active in policies that include Exact Data Matching (EDM) detection rule? (Choose two.)

  • A. Endpoint Discover: Quarantine File
  • B. All: Send Email Notification
  • C. Endpoint Prevent: User Cancel
  • D. Endpoint Prevent: Block
  • E. Network Protect: Quarantine File

Answer: AD

NEW QUESTION 3
A DLP administrator needs to remove an agent its associated events from an Endpoint server.
Which Agent Task should the administrator perform to disable the agent’s visibility in the Enforce management console?

  • A. Delete action from the Agent Health dashboard
  • B. Delete action from the Agent List page
  • C. Disable action from Symantec Management Console
  • D. Change Endpoint Server action from the Agent Overview page

Answer: C

NEW QUESTION 4
A DLP administrator created a new agent configuration for an Endpoint server. However, the endpoint agents fail to receive the new configuration. What is one possible reason that the agent fails to receive the new configuration?

  • A. The new agent configuration was saved but not applied to any endpoint groups.
  • B. The new agent configuration was copied and modified from the default agent configuration.
  • C. The default agent configuration must be disabled before the new configuration can take effect.
  • D. The Endpoint server needs to be recycled so that the new agent configuration can take effect.

Answer: C

NEW QUESTION 5
Which two Infrastructure-as-a-Service providers are supported for hosting Cloud Prevent for Office 365? (Choose two.)

  • A. Any customer-hosted private cloud
  • B. Amazon Web Services
  • C. AT&T
  • D. Verizon
  • E. Rackspace

Answer: BE

NEW QUESTION 6
Which server target uses the “Automated Incident Remediation Tracking” feature in Symantec DLP?

  • A. Exchange
  • B. File System
  • C. Lotus Notes
  • D. SharePoint

Answer: B

Explanation:
Reference: https://help.symantec.com/cs/DLP15.0/DLP/v83981880_v120691346/Troubleshooting-automated-incident-remediation-tracking?locale=EN_US

NEW QUESTION 7
A company needs to secure the content of all Mergers and Acquisitions Agreements However, the standard text included in all company literature needs to be excluded. How should the company ensure that this standard text is excluded from detection?

  • A. Create a Whitelisted.txt file after creating the Vector Machine Learning (VML) profile.
  • B. Create a Whitelisted.txt file after creating the Exact Data Matching (EDM) profile
  • C. Create a Whitelisted.txt file before creating the Indexed Document Matching (IDM) profile
  • D. Create a Whitelisted.txt file before creating the Exact Data Matching (EDM) profile

Answer: C

Explanation:
Reference: https://help.symantec.com/cs/dlp15.0/DLP/v27161240_v120691346/White-listing-file-contents-to-exclude-from-partial-matching?locale=EN_US

NEW QUESTION 8
Which Network Prevent action takes place when the Network Incident list shows the message is “Modified”?

  • A. Remove attachments from an email
  • B. Obfuscate text in the body of an email
  • C. Add one or more SMTP headers to an email
  • D. Modify content from the body of an email

Answer: C

NEW QUESTION 9
Which channel does Endpoint Prevent protect using Device Control?

  • A. Bluetooth
  • B. USB storage
  • C. CD/DVD
  • D. Network card

Answer: B

Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO80865.html#v36651044

NEW QUESTION 10
What is the correct order for data in motion when a customer has integrated their CloudSOC and DLP solutions?

  • A. User > CloudSOC Gatelet > DLP Cloud Detection Service > Application
  • B. User > Enforce > Application
  • C. User > Enforce > CloudSOC > Application
  • D. User > CloudSOC Gatelet > Enforce > Application

Answer: C

NEW QUESTION 11
Which two DLP products support the new Optical Character Recognition (OCR) engine in Symantec DLP 15.0? (Choose two.)

  • A. Endpoint Prevent
  • B. Cloud Service for Email
  • C. Network Prevent for Email
  • D. Network Discover
  • E. Cloud Detection Service

Answer: BC

NEW QUESTION 12
Which two factors are common sources of data leakage where the main actor is well-meaning insider? (Choose two.)

  • A. An absence of a trained incident response team
  • B. A disgruntled employee for a job with a competitor
  • C. Merger and Acquisition activities
  • D. Lack of training and awareness
  • E. Broken business processes

Answer: BD

NEW QUESTION 13
A company needs to implement Data Owner Exception so that incidents are avoided when employees send or receive their own personal information.
What detection method should the company use?

  • A. Indexed Document Matching (IDM)
  • B. Vector Machine Learning (VML)
  • C. Exact Data Matching (EDM)
  • D. Described Content Matching (DCM)

Answer: C

Explanation:
Reference: https://help.symantec.com/cs/dlp15.5/DLP/v40148006_v128674454/About-Data-Owner-Exception?locale=EN_US

NEW QUESTION 14
What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Network Monitor server?

  • A. Packet Capture, Span Port
  • B. Packet Capture, Network Tap
  • C. Packet Capture, Copy Rule
  • D. Packet capture, Network Monitor

Answer: C

Explanation:
Reference: https://support.symantec.com/en_US/article.TECH218980.html

NEW QUESTION 15
Which two detection servers are available as virtual appliances? (Choose two.)

  • A. Network Monitor
  • B. Network Prevent for Web
  • C. Network Discover
  • D. Network Prevent for Email
  • E. Optical Character Recognition (OCR)

Answer: BD

Explanation:
Reference: https://help.symantec.com/cs/dlp15.0/DLP/v123002905_v120691346/About-DLP-Appliances?locale=EN_US

NEW QUESTION 16
Why is it important for an administrator to utilize the grid scan feature?

  • A. To distribute the scan workload across multiple network discover servers
  • B. To distribute the scan workload across the cloud servers
  • C. To distribute the scan workload across multiple endpoint servers
  • D. To distribute the scan workload across multiple detection servers

Answer: D

Explanation:
If you plan to use the grid scanning feature to distribute the scanning workload across multiple detection servers, retain the default value (1)

NEW QUESTION 17
Which detection server is available from Symantec as a hardware appliance?

  • A. Network Prevent for Email
  • B. Network Discover
  • C. Network Monitor
  • D. Network Prevent for Web

Answer: D

Explanation:
Reference: https://help.symantec.com/cs/dlp15.0/DLP/v122938258_v120691346/Setting-up-the-DLP-S500-Appliance?locale=EN_US

NEW QUESTION 18
Which action should a DLP administrator take to secure communications between an on-premises Enforce server and detection servers hosted in the Cloud?

  • A. Use the built-in Symantec DLP certificate for the Enforce Server, and use the “sslkeytool” utility to create certificates for the detection servers.
  • B. Use the built-in Symantec DLP certificate for both the Enforce server and the hosted detection servers.
  • C. Set up a Virtual Private Network (VPN) for the Enforce server and the hosted detection servers.
  • D. Use the “sslkeytool” utility to create certificates for the Enforce server and the hosted detection servers.

Answer: A

Explanation:
Reference: https://www.symantec.com/connect/articles/sslkeytool-utility-and-server-certificates

NEW QUESTION 19
A DLP administrator needs to stop the PacketCapture process on a detection server. Upon inspection of the Server Detail page, the administrator discovers that all processes are missing from the display. What are the processes missing from the Server Detail page display?

  • A. The Display Process Control setting on the Advanced Settings page is disabled.
  • B. The Advanced Process Control setting on the System Settings page is deselected.
  • C. The detection server Display Control Process option is disabled on the Server Detail page.
  • D. The detection server PacketCapture process is displayed on the Server Overview page.

Answer: B

Explanation:
Reference: https://support.symantec.com/content/unifiedweb/en_US/article.TECH220250.html

NEW QUESTION 20
What is the Symantec recommended order for stopping Symantec DLP services on a Windows Enforce server?

  • A. Vontu Notifier, Vontu Incident Persister, Vontu Update, Vontu Manager, Vontu Monitor Controller
  • B. Vontu Update, Vontu Notifier, Vontu Manager, Vontu Incident Persister, Vontu Monitor Controller
  • C. Vontu Incident Persister, Vontu Update, Vontu Notifier, Vontu Monitor Controller, Vontu Manager.
  • D. Vontu Monitor Controller, Vontu Incident Persister, Vontu Manager, Vontu Notifier, Vontu Update.

Answer: D

Explanation:
Reference: https://help.symantec.com/cs/dlp15.1/DLP/v23042736_v125428396/Stopping-an-Enforce-Server-on-Windows?locale=EN_US

NEW QUESTION 21
How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “copy to USB device” operation?

  • A. Add a “Limit Incident Data Retention” response rule with “Retain Original Message” option selected.
  • B. Modify the agent config.db to include the file
  • C. Modify the “Endpoint_Retain_Files.int” setting in the Endpoint server configuration
  • D. Modify the agent configuration and select the option “Retain Original Files”

Answer: A

NEW QUESTION 22
Which two Network Discover/Cloud Storage targets apply Information Centric Encryption as policy response rules?

  • A. Microsoft Exchange
  • B. Windows File System
  • C. SQL Databases
  • D. Microsoft SharePoint
  • E. Network File System (NFS)

Answer: AD

NEW QUESTION 23
Which statement accurately describes where Optical Character Recognition (OCR) components must be installed?

  • A. The OCR engine must be installed on detection server other than the Enforce server.
  • B. The OCR server software must be installed on one or more dedicated (non-detection) Linux servers.
  • C. The OCR engine must be directly on the Enforce server.
  • D. The OCR server software must be installed on one or more dedicated (non-detection) Windows servers.

Answer: C

Explanation:
Reference: https://help.symantec.com/cs/dlp15.0/DLP/v122760174_v120691346/Setting-up-OCR-Servers?locale=EN_US

NEW QUESTION 24
......

Thanks for reading the newest 250-438 exam dumps! We recommend you to try the PREMIUM Downloadfreepdf.net 250-438 dumps in VCE and PDF here: https://www.downloadfreepdf.net/250-438-pdf-download.html (70 Q&As Dumps)