250-587 Symantec Data Loss Prevention 16.x Administration Technical Specialist Questions and Answers
Why would an administrator set the Similarity Threshold to zero when testing and tuning a Vector Machine Learning (VML) profile?
What is the Symantec recommended order for stopping Symantec DLP services on a Windows Enforce server?
Which two components can perform a file system scan of a workstation? (Choose two.)
A DLP administrator is testing Network Prevent for Web functionality. When the administrator posts a small test file to a cloud storage website, no new incidents are reported.
What should the administrator do to allow incidents to be generated against this file?
Which option correctly describes the two-tier installation type for Symantec DLP?
A DLP administrator is preparing to install Symantec DLP and has been asked to use an Oracle database provided by the Database Administration team.
Which SQL *Plus command should the administrator utilize to determine if the database is using a supported version of Oracle?
Which product is able to replace a confidential document residing on a file share with a marker file explaining why the document was removed?
Which two Network Discover/Cloud Storage targets apply Information Centric Encryption as policy response rules?
What should an incident responder select in the Enforce management console to remediate multiple incidents simultaneously?
What should an incident responder select in the Enforce management console to remediate multiple incidents simultaneously?
How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “cope to USB device” operation?
Which of the following is a good use case for Structured Data Identifiers (SDIs)?
When configuring Network Prevent for Email, what is the role of Mail Transfer Agents (MTAs)?
Which two (2) DLP products support Optical Character Recognition (OCR)? (Choose two.)
Which network DLP products support User Risk-Based Detection, in which Symantec DLP uses Symantec Information Centric Analytics (ICA) user risk scores in policy detection rules?
Which two detection technology options ONLY run on a detection server? (Choose two.)
A divisional executive requests a report of all incidents generated by a particular region, summarized by department.
What does the DLP administrator need to configure to generate this report?
An administrator is unable to log in to the Enforce management console as “sysadmin”. Symantec DLP is configured to use Active Directory authentication. The administrator is a member of two roles: “sysadmin” and “remediator.”
How should the administrator log in to the Enforce console with the “sysadmin” role?
What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Network Monitor server?
Which two actions are available for a “Network Prevent: Remove HTTP/HTTPS content” response rule when the content is unable to be removed? (Choose two.)
Which two locations can Symantec DLP scan and perform Information Centric Encryption (ICE) actions on? (Choose two.)
A DLP administrator created a new agent configuration for an Endpoint server. However, the endpoint agents fail to receive the new configuration.
What is one possible reason that the agent fails to receive the new configuration?
What is the default fallback option for the Endpoint Prevent Encrypt response rule?
Which two (2) actions are available for a “Network Prevent: Remove HTTP/HTTPS content” response rule when the content is unable to be removed? (Choose two.)