Hello!
Excuse me, there would be the possibility that they would solve some doubts for me to present the Dlp 15.5 exam.
1. What activity should occur during the baseline phase, according to the risk reduction model?
A. Define and build the incident response team
B. Test policies to ensure that blocking actions minimize business process disruptions
C. Establish business metrics and begin sending reports to business unit stakeholders
D. Monitor incidents and tune the policy to reduce false positives
2. How should a DLP administrator exclude a custom endpoint aplication named "custop_app.exe" from being monitoring by aplication file acess control?
A. Add "custop_app.exe" to the "Application ****" on all Endpoint servers.
B. Add "custop_app.exe" Application Monitoring Configuration and de-select all ist channel options.
C. Add "custop_app.exe" as a filename exception to the Endpoint Prevent policy.
D. Add "custop_app.exe" to the "Program Excusion List" in the agent configuration settings.
3. Which action should a DLP administrator take to secure communications between an on premises Enforce server and detection servers hosted in the Cloud?
A: Use the built-in Symantec DLP certificate for the Enforce Server, and use the "sslkeytool" utility to create certificates for the detection servers.
B: Use the built-in Symantec DLP certificate for both the Enforce server and the hosted detection servers.
C: Set up a Virtual Private Network (VPN) for the Enforce server and the hosted detection servers.
D: Use the "sslkeytool" utility to create certificates for the Enforce server and the hosted detection servers.
4. A DLP administrator needs to stop the PacketCapture process on a detection server. Upon inspection of the Server Detail page, the administrator discovers that all processes are missing from the display. Why are the processes missing from the Server Detail page display?
A. The detection server Display Control Process option is disabled on the Server Detail page.
B. The Display Process Control setting on the Advanced Settings page is disabled.
C. The detection server PacketCapture process is displayed on the Server Overview pa
5. A DLP administrator has performed a test deployment of the DLP 15.0 Endpoint agent and now wants to uninstall the agent.
However, the administrator no longer remembers the uninstall password.
What should the administrator do to work around the password problem?
A. Apply a new global agent uninstall password in the Enforce management console.
B. Manually delete all the Endpoint agent files from the test computer and install a new agent package.
C. Replace the PGPsdk.dll file on the agent's assigned Endpoint server with a copy from a different Endpoint server
D. Use the UninstallPwdGenerator to create an UninstallPasswordKey.
6. Which statement accurately describes where Optical Character Recognition (OCR) components must be installed?
A. The OCR engine must be installed on detection server other than the Enforce server.
B. The OCR server software must be installed on one or more dedicated (non-detection) Linux servers.
C. The OCR engine must be directly on the Enforce server.
D. The OCR server software must be installed on one or more dedicated (non-detection) Windows servers.
7. What is the correct installation sequence for the components shown here, according to the Symantec Installation Guide?
-Oracle DB
-Enforce server
-Solution pack
-Detection server
8. The Symantec Data Loss risk reduction approach has six stages
Planning
Deployment
Baseline
Remediation
Notification
Prevention-Protection
Or what would they be?
Thank you for your answers!