Spring Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple70

Pass the Symantec Data Loss Prevention 250-587 Questions and answers with Dumpstech

Exam 250-587 Premium Access

View all detail and faqs for the 250-587 exam

Go to Exam
Practice at least 50% of the questions to maximize your chances of passing.
Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions
Questions # 1:

How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “cope to USB device” operation?

Options:

A.

Add a “Limit Incident Data Retention” response rule with “retain Original Message” option selected.

B.

Modify the agent config.db to include the file

C.

Modify the “Endpoint_Retain_Files.int” setting in the Endpoint server configuration

D.

Modify the agent configuration and select the option “retain Original Files”

Questions # 2:

Which two detection technology options run on the DLP agent? (Choose two.)

Options:

A.

Optical Character Recognition (OCR)

B.

Described Content Matching (DCM)

C.

Directory Group Matching (DGM)

D.

Form Recognition

E.

Indexed Document Matching (IDM)

Questions # 3:

Where should an administrator set the debug levels for an Endpoint Agent?

Options:

A.

Setting the log level within the Agent List

B.

Advanced configuration within the Agent settings

C.

Setting the log level within the Agent Overview

D.

Advanced server settings within the Endpoint server

Questions # 4:

What detection technology supports partial contents matching?

Options:

A.

Indexed Document Matching (IDM)

B.

Described Content Matching (DCM)

C.

Exact Data Matching (DCM)

D.

Optical Character Recognition (OCR)

Questions # 5:

What are two reasons an administrator should utilize a manual configuration to determine the endpoint location? (Choose two.)

Options:

A.

To specify Wi-Fi SSID names

B.

To specify an IP address or range

C.

To specify the endpoint server

D.

To specify domain names

E.

To specify network card status (ON/OFF)

Questions # 6:

Where in the Enforce management console can a DLP administrator change the “UI.NO_SCAN.int” setting to disable the “Inspecting data” pop-up?

Options:

A.

Advanced Server Settings from the Endpoint Server Configuration

B.

Advanced Monitoring from the Agent Configuration

C.

Advanced Agent Settings from the Agent Configuration

D.

Application Monitoring from the Agent Configuration

Questions # 7:

What are three features that are available for Network Discover File System High-Speed Discover (FS-HSD) scans but are NOT available for Network Discover (regular or legacy) File System scans?

Options:

A.

Support for SMB v3, Symantec DLP REST APIs, and Internal Pause-Resume

B.

Support for SMB v3, Symantec DLP REST APIs, and incremental scans

C.

Symantec DLP REST APIs, incremental scans, and scan scheduling

D.

Incremental scans, scan scheduling, and incident replication scan status

Questions # 8:

A software company wants to protect its source code, including new source code created between scheduled indexing runs.

Which detection method should the company use to meet this requirement?

Options:

A.

Exact Data Matching (EDM)

B.

Described Content Matching (DCM)

C.

Indexed Document Matching (IDM)

D.

Vector Machine Learning (VML)

Questions # 9:

Which two (2) actions are available for a “Network Prevent: Remove HTTP/HTTPS content” response rule when the content is unable to be removed? (Choose two.)

Options:

A.

Redirect the content to an alternative destination

B.

Block the content from being posted

C.

Encrypt the content before posting

D.

Remove the content through FlexResponse

E.

Allow the content to be posted

Questions # 10:

Which two (2) detection servers are available as virtual appliances? (Choose two.)

Options:

A.

Network Prevent for Email

B.

Network Monitor

C.

Network Discover

D.

Network Prevent for Web

E.

Optical Character Recognition (OCR)

Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions