ST0-237 - Symantec Data Loss Prevention 12 Technical Assessment

Go back to Veritas

Example Questions

The amount of discarded packets for a Network Monitor server is increasing throughout the day. Which Network Monitor configuration changes should be implemented to reduce the number of packets that are discarded? A policy template called Customer Credit Card Numbers is being imported into the system. What is the default result for the import of this policy template? An incident response team has determined that multiple incidents are resulting from the same user action of copying sensitive data to USB devices. Which action should the incident response team take to fix this issue so only one incident per action is detected? Which Symantec Control Compliance Suite 9.0 component is responsible for most inter-component transactions? Which two database versions does Symantec Data Loss Prevention 11.5 support for incident and policy storage? (Select two.) A DLP administrator needs to inspect HTTP traffic using a Network Monitor, including data pushed up to the web and data pulled down from the web. Which configuration changes should the administrator make under the advanced server settings to include all cases? An administrator is running a Discover Scanner target scan and the scanner is unable to communicate back to the Discover Server. Where will the files be stored? A Data Loss Prevention administrator notices that several errors occurred during a Network Discover scan. Which report can the administrator use to determine exactly which errors occurred and when? Which two benefits does the Policy Module provide? (Select two.) Silent installation can be performed for which component of Symantec Control Compliance Suite 9.0? How can an administrator validate that once a policy is updated and saved it has been enabled on a specific detection server? Where can a Data Loss Prevention administrator configure the throttling option for a DLP Agent? What must a policy manager do when working with Exact Data Matching (EDM) indexes? Which traffic type will be excluded from analysis? The Symantec Control Compliance Suite 9.0 (CCS 9.0) stores large amounts of data in databases. The database administrator must perform tasks on the databases outside of CCS 9.0 to maintain the databases and to ensure that the databases are performing at an acceptable level. Which three tasks should be routinely scheduled in SQL Server Management Studio? (Select three.) Which traffic type is excluded from analysis when an administrator uses Network Monitor? Which tool is provided by default to edit a database on an endpoint? A user receives this error message in the Symantec event log: An error occurred while attempting to run a scheduled job; Reason for failure: Password doesn't exist for username. The Symantec Control Compliance Suite 9.0 is configured to store the user credentials for job runs. Where must the user supply the correct credentials? Which two dates must be selected when creating an exception request? (Select two.) Which is the correct installation sequence? What are two functions of the Enterprise Configuration Service? (Select two.) Which delimiter is acceptable in Exact Data Matching (EDM) data sources? The terms Confidentiality, Integrity, and Availability refer to which aspect of an Evaluation of a Standard? An administrator is configuring an approved Endpoint device and adding it as an exception to a policy that blocks the transfer of sensitive data. Data transfers to these approved Endpoint devices are still being blocked. Which action should the administrator take to prevent the data transfers from being blocked? Which two options are available when selecting an incident for deletion? (Select two.) An administrator is applying a newly created agent configuration to an Endpoint server. Upon inspection, the new configuration is unassigned in the Endpoint Server Details. What is a possible cause for the new configuration failing to be assigned? You execute the qio_convertdbfiles command to convert the database files to use Quick I/O. The command results with an error that the database files are not on a VxFS file system. You need to convert the database files to use Quick I/O. What should you do? Which two protocols are available by default and recognized by Network Monitor by their individual signatures? (Select two.) Which Network Discover option is used to determine whether confidential data exists without having to scan the entire target? Which two detection condition types match on all Envelope, Subject, Body, and Attachment components? (Select two.) How is data moved to the servers at Symantec when auto-transmission of Supportability Telemetry data is enabled? A company needs to protect all Mergers and Acquisitions Agreements from leaving the organization. However, there is standard text that is included in all company literature that they would like to exclude. What should be done to make sure that this standard text is excluded from detection? The following steps have been taken: Which job will be executed? Which structures are parts of the Cross-platform Data Sharing (CDS) format? Which response rule condition allows a policy manager to configure an Automated Response rule to execute while a user is travelling? Which command line diagnostic utilities would give a user the operating system version of the detection servers? You have executed the vxdg -g diskgroup adddisk disk_name= command. Which switch needs to be added to force VxVM to take the disk media name of the failed disk and assign it to the new replacement disk? You have replaced disks on a system under the VxVM control and you get an error "VxVM vxconfigrestore ERROR V-5-1-6012 There are two backups that have the same disk group name with different disk group id". How will you resolve this error? You are turning on the quota on a file system for the first time. You want to ensure you are able to establish quota for a group of users named finance. What should you do? Which two Diagnostic Logging Settings can be configured under the Systems > Servers > Logs - Configuration tab in the Enforce UI? (Select two.) An administrator pulls the Services and Operation logs off of a DLP Agent by using the Pull Logs action. What happens to the log files after the administrator performs the Pull Logs action? Which report helps a compliance officer understand how the company is complying with its data security policies over time? What is required to assign permissions to the asset system? Which Symantec Control Compliance Suite 9.0 components must be installed in the same domain? Which interface provides single sign-on access for the purpose of administering Data Loss Prevention servers, managing policies, and remediating incidents? If a customer is running Enterprise Security Manager (ESM) 6.5.x in their environment, which two ESM components must be upgraded for it to work with Symantec Control Compliance Suite 9.0? (Select two.) A Network Monitor server has been installed and the networking components configured accordingly. The server is receiving traffic, but fails to detect incidents. Running Wireshark indicates that the desired traffic is reaching the detection server. What is the most likely cause for this behavior? The business data owner is unavailable. Who can approve the entitlements in his absence? Which three are valid Reconciliation Rule types in Symantec Control Compliance Suite 9.0? (Select three.) How should an administrator determine which Database version is running?