How Many Questions Of 250-438 Free Demo

Ucertify 250-438 Questions are updated and all 250-438 answers are verified by experts. Once you have completely prepared with our 250-438 exam prep kits you will be ready for the real 250-438 exam without a problem. We have Avant-garde Symantec 250-438 dumps study guide. PASSED 250-438 First attempt! Here What I Did.

Online 250-438 free questions and answers of New Version:

NEW QUESTION 1
How should a DLP administrator exclude a custom endpoint application named “custom_app.exe” from being monitoring by Application File Access Control?

  • A. Add “custom_app.exe” to the “Application Whitelist” on all Endpoint servers.
  • B. Add “custom_app.exe” Application Monitoring Configuration and de-select all its channel options.
  • C. Add “custom_app_.exe” as a filename exception to the Endpoint Prevent policy.
  • D. Add “custom_app.exe” to the “Program Exclusion List” in the agent configuration settings.

Answer: A

Explanation:
Reference: https://docs.mcafee.com/bundle/data-loss-prevention-11.0.400-product-guide-epolicy-orchestrator/page/GUID-0F81A895-0A46-4FF8-A869-0365D6620185.html

NEW QUESTION 2
Which two Infrastructure-as-a-Service providers are supported for hosting Cloud Prevent for Office 365? (Choose two.)

  • A. Any customer-hosted private cloud
  • B. Amazon Web Services
  • C. AT&T
  • D. Verizon
  • E. Rackspace

Answer: BE

NEW QUESTION 3
What is Application Detection Configuration?

  • A. The Cloud Detection Service (CDS) process that tells Enforce a policy has been violated
  • B. The Data Loss Prevention (DLP) policy which has been pushed into Cloud Detection Service (CDC) for files in transit to or residing in Cloud apps
  • C. The terminology describing the Data Loss Prevention (DLP) process within the CloudSOC administration portal
  • D. The setting configured within the user interface (UI) that determines whether CloudSOC should send a file to Cloud Detection Service (CDS) for analysis.

Answer: A

Explanation:
Reference: https://help.symantec.com/cs/DLP15.0/DLP/v119805091_v120691346/About-Application-Detection%7CSymantec%EF%BF%BD-Data-Loss-Prevention-15.0?locale=EN_US

NEW QUESTION 4
A DLP administrator has performed a test deployment of the DLP 15.0 Endpoint agent and now wants to uninstall the agent. However, the administrator no longer remembers the uninstall password. What should the administrator do to work around the password problem?

  • A. Apply a new global agent uninstall password in the Enforce management console.
  • B. Manually delete all the Endpoint agent files from the test computer and install a new agent package.
  • C. Replace the PGPsdk.dll file on the agent’s assigned Endpoint server with a copy from a different Endpoint server
  • D. Use the UninstallPwdGenerator to create an UninstallPasswordKey.

Answer: D

NEW QUESTION 5
Which detection method depends on “training sets”?

  • A. Form Recognition
  • B. Vector Machine Learning (VML)
  • C. Index Document Matching (IDM)
  • D. Exact Data Matching (EDM)

Answer: B

Explanation:
Reference: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-dlp_machine_learning.WP_en-us.pdf

NEW QUESTION 6
What is the correct order for data in motion when a customer has integrated their CloudSOC and DLP solutions?

  • A. User > CloudSOC Gatelet > DLP Cloud Detection Service > Application
  • B. User > Enforce > Application
  • C. User > Enforce > CloudSOC > Application
  • D. User > CloudSOC Gatelet > Enforce > Application

Answer: C

NEW QUESTION 7
What is required on the Enforce server to communicate with the Symantec DLP database?

  • A. Port 8082 should be opened
  • B. CryptoMasterKey.properties file
  • C. Symbolic links to .dbf files
  • D. SQL*Plus Client

Answer: D

Explanation:
Reference: https://www.symantec.com/connect/articles/three-tier-installation-dlp-product

NEW QUESTION 8
What are two reasons an administrator should utilize a manual configuration to determine the endpoint location? (Choose two.)

  • A. To specify Wi-Fi SSID names
  • B. To specify an IP address or range
  • C. To specify the endpoint server
  • D. To specify domain names
  • E. To specify network card status (ON/OFF)

Answer: BD

Explanation:
Reference: https://help.symantec.com/cs/dlp15.1/DLP/v18349332_v125428396/Setting-the-endpoint-location?locale=EN_US

NEW QUESTION 9
Which channel does Endpoint Prevent protect using Device Control?

  • A. Bluetooth
  • B. USB storage
  • C. CD/DVD
  • D. Network card

Answer: B

Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO80865.html#v36651044

NEW QUESTION 10
Which detection server is available from Symantec as a hardware appliance?

  • A. Network Prevent for Email
  • B. Network Discover
  • C. Network Monitor
  • D. Network Prevent for Web

Answer: D

Explanation:
Reference: https://help.symantec.com/cs/dlp15.0/DLP/v122938258_v120691346/Setting-up-the-DLP-S500-Appliance?locale=EN_US

NEW QUESTION 11
Where should an administrator set the debug levels for an Endpoint Agent?

  • A. Setting the log level within the Agent List
  • B. Advanced configuration within the Agent settings
  • C. Setting the log level within the Agent Overview
  • D. Advanced server settings within the Endpoint server

Answer: C

Explanation:
Reference: https://support.symantec.com/en_US/article.TECH248581.html

NEW QUESTION 12
Which two locations can Symantec DLP scan and perform Information Centric Encryption (ICE) actions on? (Choose two.)

  • A. Exchange
  • B. Jiveon
  • C. File store
  • D. SharePoint
  • E. Confluence

Answer: CD

Explanation:
Reference: https://www.symantec.com/content/dam/symantec/docs/data-sheets/information-centric-encryption-en.pdf

NEW QUESTION 13
Where in the Enforce management console can a DLP administrator change the “UI.NO_SCAN.int” setting to disable the “Inspecting data” pop-up?

  • A. Advanced Server Settings from the Endpoint Server Configuration
  • B. Advanced Monitoring from the Agent Configuration
  • C. Advanced Agent Settings from the Agent Configuration
  • D. Application Monitoring from the Agent Configuration

Answer: C

Explanation:
Reference: https://www.symantec.com/connect/forums/dlp-pop-examining-content

NEW QUESTION 14
Which two factors are common sources of data leakage where the main actor is well-meaning insider? (Choose two.)

  • A. An absence of a trained incident response team
  • B. A disgruntled employee for a job with a competitor
  • C. Merger and Acquisition activities
  • D. Lack of training and awareness
  • E. Broken business processes

Answer: BD

NEW QUESTION 15
What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Network Monitor server?

  • A. Packet Capture, Span Port
  • B. Packet Capture, Network Tap
  • C. Packet Capture, Copy Rule
  • D. Packet capture, Network Monitor

Answer: C

Explanation:
Reference: https://support.symantec.com/en_US/article.TECH218980.html

NEW QUESTION 16
A customer needs to integrate information from DLP incidents into external Governance, Risk and Compliance dashboards.
Which feature should a third party component integrate with to provide dynamic reporting, create custom incident remediation processes, or support business processes?

  • A. Export incidents using the CSV format
  • B. Incident Reporting and Update API
  • C. Incident Data Views
  • D. A Web incident extraction report

Answer: B

NEW QUESTION 17
Which two DLP products support the new Optical Character Recognition (OCR) engine in Symantec DLP 15.0? (Choose two.)

  • A. Endpoint Prevent
  • B. Cloud Service for Email
  • C. Network Prevent for Email
  • D. Network Discover
  • E. Cloud Detection Service

Answer: BC

NEW QUESTION 18
Refer to the exhibit.
250-438 dumps exhibit
What activity should occur during the baseline phase, according to the risk reduction model?

  • A. Define and build the incident response team
  • B. Monitor incidents and tune the policy to reduce false positives
  • C. Establish business metrics and begin sending reports to business unit stakeholders
  • D. Test policies to ensure that blocking actions minimize business process disruptions

Answer: C

NEW QUESTION 19
What detection method utilizes Data Identifiers?

  • A. Indexed Document Matching (IDM)
  • B. Described Content Matching (DCM)
  • C. Directory Group Matching (DGM)
  • D. Exact Data Matching (EDM)

Answer: D

Explanation:
Reference: https://www.symantec.com/connect/forums/edm-policy-exception

NEW QUESTION 20
What should an incident responder select in the Enforce management console to remediate multiple incidents simultaneously?

  • A. Smart Response on the Incident page
  • B. Automated Response on the Incident Snapshot page
  • C. Smart Response on an Incident List report
  • D. Automated Response on an Incident List report

Answer: B

NEW QUESTION 21
What detection server is used for Network Discover, Network Protect, and Cloud Storage?

  • A. Network Protect Storage Discover
  • B. Network Discover/Cloud Storage Discover
  • C. Network Prevent/Cloud Detection Service
  • D. Network Protect/Cloud Detection Service

Answer: B

Explanation:
Reference: https://help.symantec.com/cs/dlp15.0/DLP/v16110606_v120691346/Modifying-the-Network-Discover-Cloud-Storage-Discover-Server-configuration?locale=EN_US

NEW QUESTION 22
What is the default fallback option for the Endpoint Prevent Encrypt response rule?

  • A. Block
  • B. User Cancel
  • C. Encrypt
  • D. Notify

Answer: D

NEW QUESTION 23
Which service encrypts the message when using a Modify SMTP Message response rule?

  • A. Network Monitor server
  • B. SMTP Prevent
  • C. Enforce server
  • D. Encryption Gateway

Answer: D

Explanation:
Reference: https://www.symantec.com/connect/articles/network-prevent

NEW QUESTION 24
Which product is able to replace a confidential document residing on a file share with a marker file explaining why the document was removed?

  • A. Network Discover
  • B. Cloud Service for Email
  • C. Endpoint Prevent
  • D. Network Protect

Answer: D

Explanation:
Reference: https://help.symantec.com/cs/dlp15.1/DLP/v15600645_v125428396/Configuring-Network-Protect-for-file-shares?locale=EN_US

NEW QUESTION 25
A DLP administrator is preparing to install Symantec DLP and has been asked to use an Oracle database provided by the Database Administration team. Which SQL *Plus command should the administrator utilize to determine if the database is using a supported version of Oracle?

  • A. select database version from <database name>;
  • B. select * from db$version;
  • C. select * from v$version;
  • D. select db$ver from <database name>;

Answer: C

Explanation:
Reference: https://www.symantec.com/connect/forums/new-install-oracle-returns-error

NEW QUESTION 26
......

100% Valid and Newest Version 250-438 Questions & Answers shared by 2passeasy, Get Full Dumps HERE: https://www.2passeasy.com/dumps/250-438/ (New 70 Q&As)