How should a DLP administrator exclude a custom endpoint application named "custom_app.exe" from being monitored by Application File Access Control?
A. Add "custom_app.exe" to the "Application Whitelist" on all Endpoint servers.
B. Add "custom_app.exe" Application Monitoring Configuration and de-select all its channel options.
C. Add "custom_app_.exe" as a filename exception to the Endpoint Prevent policy.
D. Add "custom_app.exe" to the "Program Exclusion List" in the agent configuration settings.
Which action should a DLP administrator take to secure communications between an on-premises Enforce server and detection servers hosted in the Cloud?
A. Use the built-in Symantec DLP certificate for the Enforce Server, and use the "sslkeytool" utility to create certificates for the detection servers.
B. Use the built-in Symantec DLP certificate for both the Enforce server and the hosted detection servers.
C. Set up a Virtual Private Network (VPN) for the Enforce server and the hosted detection servers.
D. Use the "sslkeytool" utility to create certificates for the Enforce server and the hosted detection servers.
What is the default fallback option for the Endpoint Prevent Encrypt response rule?
A. Block
B. User Cancel
C. Encrypt
D. Notify
A DLP administrator needs to stop the PacketCapture process on a detection server. Upon inspection of the Server Detail page, the administrator discovers that all processes are missing from the display. Why are the processes missing from the Server Detail page display?
A. The Display Process Control setting on the Advanced Settings page is disabled.
B. The Advanced Process Control setting on the System Settings page is deselected.
C. The detection server Display Control Process option is disabled on the Server Detail page.
D. The detection server PacketCapture process is displayed on the Server Overview page.
What detection technology supports partial contents matching?
A. Indexed Document Matching (IDM)
B. Described Content Matching (DCM)
C. Exact Data Matching (EDM)
D. Optical Character Recognition (OCR)
What detection method utilizes Data Identifiers?
A. Indexed Document Matching (IDM)
B. Described Content Matching (DCM)
C. Directory Group Matching (DGM)
D. Exact Data Matching (EDM)
A DLP administrator is testing Network Prevent for Web functionality. When the administrator posts a small test file to a cloud storage website, no new incidents are reported. What should the administrator do to allow incidents to be generated against this file?
A. Change the "Ignore requests Smaller Than" value to 1
B. Add the filename to the Inspect Content Type field
C. Change the "PacketCapture.DISCARD_HTTP_GET" value to "false"
D. Uncheck trial mode under the ICAP tab
An organization wants to restrict employees to copying files only to a specific set of USB thumb drives owned by the organization. Which detection method should the organization use to meet this requirement?
A. Exact Data Matching (EDM)
B. Indexed Document Matching (IDM)
C. Described Content Matching (DCM)
D. Vector Machine Learning (VML)
Why would an administrator set the Similarity Threshold to zero when testing and tuning a Vector Machine Learning (VML) profile?
A. To capture the matches to the Positive set
B. To capture the matches to the Negative set
C. To see the false negatives only
D. To see the entire range of potential matches
Which two automated response rules will be active in policies that include an Exact Data Matching (EDM) detection rule? (Choose two.)
A. Endpoint Discover: Quarantine File
B. All: Send Email Notification
C. Endpoint Prevent: User Cancel
D. Endpoint Prevent: Block
E. Network Protect: Quarantine File