Which of the following actions can you implement ONLY as a Smart Response rule (and not as an automates response rule)?
Which server target uses the “Automated Incident Remediation Tracking” feature in Symantec DLP?
Which two factors are common sources of data leakage where the main actor is well-meaning insider? (Choose two.)
What is required on the Enforce server to communicate with the Symantec DLP database?
An organization wants to restrict employees to copy files only a specific set of USB thumb drives owned by the organization.
Which detection method should the organization use to meet this requirement?
What is the default fallback option for the Endpoint Prevent Encrypt response rule?
What is the correct installation sequence for the components shown here, according to the Symantec Installation Guide?
Place the options in the correct installation sequence.
Which statement accurately describes where Optical Character Recognition (OCR) components must be installed?
What should an incident responder select in the Enforce management console to remediate multiple incidents simultaneously?
Why would an administrator set the Similarity Threshold to zero when testing and tuning a Vector Machine Learning (VML) profile?
A customer needs to integrate information form DLP incidents into external Governance, Risk, and Compliance dashboards.
Which feature should a third-party component integrate with to provide dynamic reporting, create custom incident remediation processes, or support business processes?
What is the correct order for data in motion when a customer has integrated their CloudSOC and DLP solutions?
A DLP administrator created a new agent configuration for an Endpoint server. However, the endpoint agents fail to receive the new configuration.
What is one possible reason that the agent fails to receive the new configuration?
Which two technologies should an organization utilize for integration with the Network Prevent products? (choose two.)
Which two automated response rules will be active in policies that include Exact Data Matching (EDM) detection rule? (Choose two.)
What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a Network Monitor server?
Which product is able to replace a confidential document residing on a file share with a marker file explaining why the document was removed?
What are two (2) reasons an administrator should utilize a manual configuration to determine the endpoint location? (Choose two.)
A DLP administrator is attempting to add a new Network Discover detection server from the Enforce management console. However, the only available options are Network Monitor and Endpoint servers.
What should the administrator do to make the Network Discover option available?
Where in the Enforce management console can a DLP administrator change the “UI.NO_SCAN.int” setting to disable the “Inspecting data” pop-up?
Which two (2) technologies should an organization utilize for integration with the Network Prevent products? (Choose two.)
Which two components can perform a file system scan of a workstation? (Choose two.)
TESTED 22 May 2026
