Symantec Other Certification

Free Sharing Updated 250-438 VCE and PDF Exam Practice Materials

Attention please! Here is the shortcut to pass your Newest 250-438 vce exam! Get yourself well prepared for the Symantec Other Certification May 17,2022 Newest 250-438 study guide Administration of Symantec Data Loss Prevention 15 exam is really a hard job. But don’t worry! We We, provides the most update 250-438 dumps. With We latest 250-438 real exam questions, you’ll pass the Symantec Other Certification Latest 250-438 QAs Administration of Symantec Data Loss Prevention 15 exam in an easy way

We Geekcert has our own expert team. They selected and published the latest 250-438 preparation materials from Official Exam-Center.

The following are the 250-438 free dumps. Go through and check the validity and accuracy of our 250-438 dumps.The following questions and answers are from the latest 250-438 free dumps. It will help you understand the validity of the latest 250-438 dumps.

Question 1:

What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Network Monitor server?

A. Packet Capture, Span Port

B. Packet Capture, Network Tap

C. Packet Capture, Copy Rule

D. Packet capture, Network Monitor

Correct Answer: C

Reference: https://support.symantec.com/en_US/article.TECH218980.html


Question 2:

A software company wants to protect its source code, including new source code created between scheduled indexing runs. Which detection method should the company use to meet this requirement?

A. Exact Data Matching (EDM)

B. Described Content Matching (DCM)

C. Vector Machine Learning (VML)

D. Indexed Document Matching (IDM)

Correct Answer: D

Reference: https://help.symantec.com/cs/DLP15.0/DLP/v100774847_v120691346/Scheduling-remote-indexing?locale=EN_US


Question 3:

Which product is able to replace a confidential document residing on a file share with a marker file explaining why the document was removed?

A. Network Discover

B. Cloud Service for Email

C. Endpoint Prevent

D. Network Protect

Correct Answer: D

Reference: https://help.symantec.com/cs/dlp15.1/DLP/v15600645_v125428396/Configuring-Network-Protect-for-file-shares?locale=EN_US


Question 4:

Which detection method depends on “training sets”?

A. Form Recognition

B. Vector Machine Learning (VML)

C. Index Document Matching (IDM)

D. Exact Data Matching (EDM)

Correct Answer: B

Reference: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-dlp_machine_learning.WP_en-us.pdf


Question 5:

Which action should a DLP administrator take to secure communications between an on-premises Enforce server and detection servers hosted in the Cloud?

A. Use the built-in Symantec DLP certificate for the Enforce Server, and use the “sslkeytool” utility to create certificates for the detection servers.

B. Use the built-in Symantec DLP certificate for both the Enforce server and the hosted detection servers.

C. Set up a Virtual Private Network (VPN) for the Enforce server and the hosted detection servers.

D. Use the “sslkeytool” utility to create certificates for the Enforce server and the hosted detection servers.

Correct Answer: A

Reference: https://www.symantec.com/connect/articles/sslkeytool-utility-and-server-certificates


Question 6:

Which two components can perform a file system scan of a workstation? (Choose two.)

A. Endpoint Server

B. DLP Agent

C. Network Prevent for Web Server

D. Discover Server

E. Enforce Server

Correct Answer: BD


Question 7:

A DLP administrator needs to stop the PacketCapture process on a detection server. Upon inspection of the Server Detail page, the administrator discovers that all processes are missing from the display. What are the processes missing from the Server Detail page display?

A. The Display Process Control setting on the Advanced Settings page is disabled.

B. The Advanced Process Control setting on the System Settings page is deselected.

C. The detection server Display Control Process option is disabled on the Server Detail page.

D. The detection server PacketCapture process is displayed on the Server Overview page.

Correct Answer: B

Reference: https://support.symantec.com/content/unifiedweb/en_US/article.TECH220250.html


Question 8:

What detection technology supports partial contents matching?

A. Indexed Document Matching (IDM)

B. Described Content Matching (DCM)

C. Exact Data Matching (EDM)

D. Optical Character Recognition (OCR)

Correct Answer: A

Reference: https://help.symantec.com/cs/dlp15.1/DLP/v115965297_v125428396/Mac-agent-detection-technologies?locale=EN_US


Question 9:

What is Application Detection Configuration?

A. The Cloud Detection Service (CDS) process that tells Enforce a policy has been violated

B. The Data Loss Prevention (DLP) policy which has been pushed into Cloud Detection Service (CDC) for files in transit to or residing in Cloud apps

C. The terminology describing the Data Loss Prevention (DLP) process within the CloudSOC administration portal

D. The setting configured within the user interface (UI) that determines whether CloudSOC should send a file to Cloud Detection Service (CDS) for analysis.

Correct Answer: A

Reference: https://help.symantec.com/cs/DLP15.0/DLP/v119805091_v120691346/About-Application-Detection|Symantec�-Data-Loss-Prevention-15.0?locale=EN_US


Question 10:

Which two detection servers are available as virtual appliances? (Choose two.)

A. Network Monitor

B. Network Prevent for Web

C. Network Discover

D. Network Prevent for Email

E. Optical Character Recognition (OCR)

Correct Answer: BD

Reference: https://help.symantec.com/cs/dlp15.0/DLP/v123002905_v120691346/About-DLP-Appliances?locale=EN_US


Question 11:

Which server target uses the “Automated Incident Remediation Tracking” feature in Symantec DLP?

A. Exchange

B. File System

C. Lotus Notes

D. SharePoint

Correct Answer: B

Reference: https://help.symantec.com/cs/DLP15.0/DLP/v83981880_v120691346/Troubleshooting-automated-incident-remediation-tracking?locale=EN_US


Question 12:

An administrator is unable to log in to the Enforce management console as “sysadmin”. Symantec DLP is configured to use Active Directory authentication. The administrator is a member of two roles: “sysadmin” and “remediator.” How should the administrator log in to the Enforce console with the “sysadmin” role?

A. sysadmin\username

B. sysadmin\[email protected]

C. domain\username

D. username\sysadmin

Correct Answer: C


Question 13:

Which tool must a DLP administrator run to certify the database prior to upgrading DLP?

A. Lob_Tablespace Reclamation Tool

B. Upgrade Readiness Tool

C. SymDiag

D. EnforceMigrationUtility

Correct Answer: B

Reference: https://support.symantec.com/en_US/article.DOC10667.html


Question 14:

Which two DLP products support the new Optical Character Recognition (OCR) engine in Symantec DLP 15.0? (Choose two.)

A. Endpoint Prevent

B. Cloud Service for Email

C. Network Prevent for Email

D. Network Discover

E. Cloud Detection Service

Correct Answer: BC


Question 15:

Which two factors are common sources of data leakage where the main actor is well-meaning insider? (Choose two.)

A. An absence of a trained incident response team

B. A disgruntled employee for a job with a competitor

C. Merger and Acquisition activities

D. Lack of training and awareness

E. Broken business processes

Correct Answer: BD