Exam 5: Symantec Messaging Gateway 10.5 Technical Assessment (Broadcom)

While filling out the After Actions Report, an Incident Response Team noted that improved log monitoring could help detect future breaches. What are two examples of how an organization can improve log monitoring to help detect future breaches? (Choose two.)

The DLP services on an Endpoint Server keep stopping. The only events displayed in the Enforce UI are that the server processes have stopped. What is the first step the administrator should take to keep the services on the Endpoint server running?

How does a server know where to retrieve the requested information when it receives a GET request method? (Choose the best answer.)

Refer to the exhibit. An administrator needs to implement the use of a scanner, but is unfamiliar with the general, high-level process associated with scanners. Which action occurs in step 3?

Which valid automated response option should an administrator choose for Email Prevent?

You are using the Symantec Storage Foundation Web GUI to manage a tiered storage environment. The Storage Foundation Web GUI provides a mechanism that allows an improved level of data management over mechanisms. What is this mechanism?

An incident response team has determined that multiple incidents are resulting from the same user action of copying sensitive data to USB devices. Which action should the incident response team take to fix this issue so only one incident per action is detected?

In the administration of a large storage environment, you learn that files not only have differing usages at the times they are created, but that many type of files have individual life cycles. User files do not have a defined lifecycle. You want DST capabilities to manage these files. How does DST help address this issue?

Which two actions should an organization take when deploying Endpoint Prevent according to Symantec best practices?  (Select two.)

A compliance officer needs to understand how the company is complying with its data security policies over time. Which report should the compliance officer generate to obtain the compliance information?

A DLP administrator has determined that a Network Discover server is unable to scan a remote file server. Which action should the administrator take to successfully scan the remote file server?

What is the role of Insight within the Advanced Threat Protection (ATP) solution?

A company needs to disable USB devices on computers that are generating a number of recurring DLP incidents. It decides to implement Endpoint Lockdown using Endpoint Prevent, which integrates with Symantec Endpoint Protection Manager and Symantec Management Platform. After incidents are still detected from several agents, the company determines that a component is missing. Which component needs to be added to disable the USB devices once incidents are detected?

How would you define a template that is used in Intelligent Storage Provisioning (ISP)?

An organization has five (5) shops with a few endpoints and a large warehouse where 98% of all computers are located. The shops are connected to the warehouse using leased lines and access internet through the warehouse network. How should the organization deploy the network scanners to observe all inbound and outbound traffic based on Symantec best practices for Inline mode?

Which two are the advantages of the Logical PITCs?

While performing a disk group joins operation, you get an error "VxVM vxdg ERROR V-5-1-2866 object: Record already exists in disk group." You want to resolve this error. How should you resolve this error?

While working with volume under VxVM control, you discover that a subdisk is detached from a RAID-5 volume. Because of the failure of the disk or an uncorrectable error on the disk, you get the following error messagE. "VxVM vxio WARNING V-5-0-237 object subdisk detached from RAID-5 volume at column column offset offset" How should you resolve this error?

Which threat is an example of an Advanced Persistent Threat (APT)?

Which stage of an Advanced Persistent Threat (APT) attack do attackers map an organization's defenses from the inside?