Broadcom 250-438 Exam Practice Test Instant Access

Question 1

Which two components can perform a file system scan of a workstation? (Choose two.)

AEndpoint Server

BDLP Agent

CNetwork Prevent for Web Server

DDiscover Server

EEnforce Server

Answer : B, D

Question 2

A company needs to secure the content of all mergers and Acquisitions Agreements/ However, the standard text included in all company literature needs to be excluded.

How should the company ensure that this standard text is excluded from detection?

ACreate a Whitelisted.txt file after creating the Vector Machine Learning (VML) profile.

BCreate a Whitelisted.txt file after creating the Exact Data Matching (EDM) profile

CCreate a Whitelisted.txt file before creating the Indexed Document Matching (IDM) profile

DCreate a Whitelisted.txt file before creating the Exact Data Matching (EDM) profile

Answer : C

Question 3

What detection technology supports partial contents matching?

AIndexed Document Matching (IDM)

BDescribed Content Matching (DCM)

CExact Data Matching (DCM)

DOptical Character Recognition (OCR)

Answer : A

Question 4

When managing an Endpoint Discover scan, a DLP administrator notices some endpoint computers are NOT completing their scans.

When does the DLP agent stop scanning?

AWhen the agent sends a report within the ''Scan Idle Timeout'' period

BWhen the endpoint computer is rebooted and the agent is started

CWhen the agent is unable to send a status report within the ''Scan Idle Timeout'' period

DWhen the agent sends a report immediately after the ''Scan Idle Timeout'' period

Answer : C

Question 5

An administrator is unable to log in to the Enforce management console as â€œsysadminâ€. Symantec DLP is configured to use Active Directory authentication. The administrator is a member of two roles: â€œsysadminâ€ and â€œremediator.â€

How should the administrator log in to the Enforce console with the â€œsysadminâ€ role?

Asysadmin\username

Bsysadmin\username@domain

Cdomain\username

Dusername\sysadmin

Answer : C

Question 6

A DLP administrator has added several approved endpoint devices as exceptions to an Endpoint Prevent policy that blocks the transfer of sensitive dat

a. However, data transfers to these devices are still being blocked.

What is the first action an administrator should take to enable data transfers to the approved endpoint devices?

ADisable and re-enable the Endpoint Prevent policy to activate the changes

BDouble-check that the correct device ID or class has been entered for each device

CVerify Application File Access Control (AFAC) is configured to monitor the specific application

DEdit the exception rule to ensure that the ''Match On'' option is set to ''Attachments''

Answer : D

Question 7

An organization wants to restrict employees to copy files only a specific set of USB thumb drives owned by the organization.

Which detection method should the organization use to meet this requirement?

AExact data Matching (EDM)

BIndexed Document matching (IDM)

CDescribed Content Matching (DCM)

DVector Machine Learning (VML)

Answer : D

Broadcom 250-438 Administration of Symantec Data Loss Prevention 15 Exam Practice Test