Download Symantec.250-438.CertKey.2019-07-25.31q.vcex

Download Exam

File Info

Exam Administration of Symantec Data Loss Prevention 15
Number 250-438
File Name Symantec.250-438.CertKey.2019-07-25.31q.vcex
Size 192 KB
Posted Jul 25, 2019
Download Symantec.250-438.CertKey.2019-07-25.31q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “copy to USB device” operation?


  1. Add a “Limit Incident Data Retention” response rule with “Retain Original Message” option selected.
  2. Modify the agent config.db to include the file
  3. Modify the “Endpoint_Retain_Files.int” setting in the Endpoint server configuration
  4. Modify the agent configuration and select the option “Retain Original Files”
Correct answer: A



Question 2

What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Network Monitor server?


  1. Packet Capture, Span Port
  2. Packet Capture, Network Tap
  3. Packet Capture, Copy Rule
  4. Packet capture, Network Monitor
Correct answer: C
Explanation:
Reference: https://support.symantec.com/en_US/article.TECH218980.html
Reference: https://support.symantec.com/en_US/article.TECH218980.html



Question 3

Under the “System Overview” in the Enforce management console, the status of a Network Monitor detection server is shown as “Running Selected.” The Network Monitor server’s event logs indicate that the packet capture and filereader processes are crashing. 
What is a possible cause for the Network Monitor server being in this state?


  1. There is insufficient disk space on the Network Monitor server.
  2. The Network Monitor server’s certificate is corrupt or missing.
  3. The Network Monitor server’s license file has expired.
  4. The Enforce and Network Monitor servers are running different versions of DLP.
Correct answer: D



Question 4

A DLP administrator has enabled and successfully tested custom attribute lookups for incident data based on the Active Directory LDAP plugin. The Chief Information Security Officer (CISO) has attempted to generate a User Risk Summary report, but the report is empty. The DLP administrator confirms the Cisco’s role has the “User Reporting” privilege enabled, but User Risk reporting is still not working. 
What is the probable reason that the User Risk Summary report is blank?


  1. Only DLP administrators are permitted to access and view data for high risk users.
  2. The Enforce server has insufficient permissions for importing user attributes.
  3. User attribute data must be configured separately from incident data attributes.
  4. User attributes have been incorrectly mapped to Active Directory accounts.
Correct answer: D



Question 5

How should a DLP administrator exclude a custom endpoint application named “custom_app.exe” from being monitoring by Application File Access Control?


  1. Add “custom_app.exe” to the “Application Whitelist” on all Endpoint servers.
  2. Add “custom_app.exe” Application Monitoring Configuration and de-select all its channel options.
  3. Add “custom_app_.exe” as a filename exception to the Endpoint Prevent policy.
  4. Add “custom_app.exe” to the “Program Exclusion List” in the agent configuration settings.
Correct answer: A
Explanation:
Reference: https://docs.mcafee.com/bundle/data-loss-prevention-11.0.400-product-guide-epolicy-orchestrator/page/GUID-0F81A895-0A46-4FF8-A869-0365D6620185.html
Reference: https://docs.mcafee.com/bundle/data-loss-prevention-11.0.400-product-guide-epolicy-orchestrator/page/GUID-0F81A895-0A46-4FF8-A869-0365D6620185.html



Question 6

What detection server is used for Network Discover, Network Protect, and Cloud Storage?


  1. Network Protect Storage Discover
  2. Network Discover/Cloud Storage Discover
  3. Network Prevent/Cloud Detection Service
  4. Network Protect/Cloud Detection Service
Correct answer: B
Explanation:
Reference: https://help.symantec.com/cs/dlp15.0/DLP/v16110606_v120691346/Modifying-the-Network-Discover-Cloud-Storage-Discover-Server-configuration?locale=EN_US
Reference: https://help.symantec.com/cs/dlp15.0/DLP/v16110606_v120691346/Modifying-the-Network-Discover-Cloud-Storage-Discover-Server-configuration?locale=EN_US



Question 7

Which product is able to replace a confidential document residing on a file share with a marker file explaining why the document was removed?


  1. Network Discover
  2. Cloud Service for Email
  3. Endpoint Prevent
  4. Network Protect
Correct answer: D
Explanation:
Reference: https://help.symantec.com/cs/dlp15.1/DLP/v15600645_v125428396/Configuring-Network-Protect-for-file-shares?locale=EN_US
Reference: https://help.symantec.com/cs/dlp15.1/DLP/v15600645_v125428396/Configuring-Network-Protect-for-file-shares?locale=EN_US



Question 8

Which two locations can Symantec DLP scan and perform Information Centric Encryption (ICE) actions on? (Choose two.)


  1. Exchange
  2. Jiveon
  3. File store
  4. SharePoint
  5. Confluence
Correct answer: CD
Explanation:
Reference: https://www.symantec.com/content/dam/symantec/docs/data-sheets/information-centric-encryption-en.pdf
Reference: https://www.symantec.com/content/dam/symantec/docs/data-sheets/information-centric-encryption-en.pdf



Question 9

Which action should a DLP administrator take to secure communications between an on-premises Enforce server and detection servers hosted in the Cloud?


  1. Use the built-in Symantec DLP certificate for the Enforce Server, and use the “sslkeytool” utility to create certificates for the detection servers.
  2. Use the built-in Symantec DLP certificate for both the Enforce server and the hosted detection servers.
  3. Set up a Virtual Private Network (VPN) for the Enforce server and the hosted detection servers.
  4. Use the “sslkeytool” utility to create certificates for the Enforce server and the hosted detection servers.
Correct answer: A
Explanation:
Reference: https://www.symantec.com/connect/articles/sslkeytool-utility-and-server-certificates
Reference: https://www.symantec.com/connect/articles/sslkeytool-utility-and-server-certificates



Question 10

Which option correctly describes the two-tier installation type for Symantec DLP?


  1. Install the Oracle database on the host, and install the Enforce server and a detection server on a second host.
  2. Install the Oracle database on a local physical host, and install the Enforce server and detection servers on virtual hosts in the Cloud.
  3. Install the Oracle database and a detection server in the same host, and install the Enforce server on a second host.
  4. Install the Oracle database and Enforce server on the same host, and install detection servers on separate hosts.
Correct answer: D
Explanation:
Reference: https://www.symantec.com/connect/forums/deployment-enforce-and-detection-servers
Reference: https://www.symantec.com/connect/forums/deployment-enforce-and-detection-servers









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files