250-587 Symantec Data Loss Prevention 16.x Administration Technical Specialist Questions and Answers
A DLP administrator needs to stop the PacketCapture process on a detection server. Upon inspection of the Server Detail page, the administrator discovers that all processes are missing from the display.
What are the processes missing from the Server Detail page display?
How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “cope to USB device” operation?
Which two (2) technologies should an organization utilize for integration with the Network Prevent products? (Choose two.)
A DLP administrator created a new agent configuration for an Endpoint server. However, the endpoint agents fail to receive the new configuration.
What is one possible reason that the agent fails to receive the new configuration?
Which two (2) DLP products support Optical Character Recognition (OCR)? (Choose two.)
Which server target uses the “Automated Incident Remediation Tracking” feature in Symantec DLP?
A software company wants to protect its source code, including new source code created between scheduled indexing runs.
Which detection method should the company use to meet this requirement?
What is the correct installation sequence for the components shown here, according to the Symantec Installation Guide?
Place the options in the correct installation sequence.
Refer to the exhibit.
What activity should occur during the baseline phase, according to the risk reduction model?
Which two (2) detection servers are available as virtual appliances? (Choose two.)
What are three features that are available for Network Discover File System High-Speed Discover (FS-HSD) scans but are NOT available for Network Discover (regular or legacy) File System scans?
A customer needs to integrate information from DLP incidents into external Governance, Risk and Compliance dashboards.
Which feature should a third party component integrate with to provide dynamic reporting, create custom incident remediation processes, or support business processes?
A divisional executive requests a report of all incidents generated by a particular region, summarized by department.
What does the DLP administrator need to configure to generate this report?
Which two detection technology options ONLY run on a detection server? (Choose two.)
A company needs to secure the content of all mergers and Acquisitions Agreements/ However, the standard text included in all company literature needs to be excluded.
How should the company ensure that this standard text is excluded from detection?
Which action is available for use in both Smart Response and Automated Response rules?
A compliance officer needs to understand how the company is complying with its data security policies over time.
Which report should be compliance officer generate to obtain the compliance information?
Why would an administrator set the Similarity Threshold to zero when testing and tuning a Vector Machine Learning (VML) profile?
Under the “System Overview” in the Enforce management console, the status of a Network Monitor detection server is shown as “Running Selected.” The Network Monitor server’s event logs indicate that the packet capture and filereader processes are crashing.
What is a possible cause for the Network Monitor server being in this state?
Which of the following would have to be a custom attribute (and not an out-of -the-box system attribute) in incident snapshots?
A DLP administrator needs to stop the PacketCapture process on a detection server. Upon inspection of the Server Detail page, the administrator discovers that all processes are missing from the display.
What are the processes missing from the Server Detail page display?
Which two DLP products support the new Optical Character Recognition (OCR) engine in Symantec DLP 15.0? (Choose two.)
PDF + Testing Engine
Testing Engine
PDF (Q&A)
