What is required on the Enforce server to communicate with the Symantec DLP database?
A DLP administrator is attempting to add a new Network Discover detection server from the Enforce management console. However, the only available options are Network Monitor and Endpoint servers.
What should the administrator do to make the Network Discover option available?
An administrator is unable to log in to the Enforce management console as “sysadmin”. Symantec DLP is configured to use Active Directory authentication. The administrator is a member of two roles: “sysadmin” and “remediator.”
How should the administrator log in to the Enforce console with the “sysadmin” role?
What detection technology supports partial contents matching?
What detection method utilizes Data Identifiers?
Which tool must a DLP administrator run to certify the database prior to upgrading DLP?
A DLP administrator determines that the \SymantecDLP\Protect\Incidents folder on the Enforce server contains. BAD files dated today, while other. IDC files are flowing in and out of the \Incidents directory. Only .IDC files larger than 1MB are turning to .BAD files.
What could be causing only incident data smaller than 1MB to persist while incidents larger than 1MB change to .BAD files?
How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a “cope to USB device” operation?
Under the “System Overview” in the Enforce management console, the status of a Network Monitor detection server is shown as “Running Selected.” The Network Monitor server’s event logs indicate that the packet capture and filereader processes are crashing.
What is a possible cause for the Network Monitor server being in this state?
A software company wants to protect its source code, including new source code created between scheduled indexing runs.
Which detection method should the company use to meet this requirement?
