Administration of Symantec Data Loss Prevention 15

Here you have the best Symantec 250-438 practice exam questions

  • You have 70 total questions to study from
  • Each page has 5 questions, making a total of 14 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on January 2, 2026
  • This site is not affiliated with or endorsed by Symantec.
Question 1 of 70
How should a DLP administrator change a policy so that it retains the original file when an endpoint incident has detected a `copy to USB device` operation?
Correct Answer: A

Question 2 of 70
What is the correct configuration for `BoxMonitor.Channels` that will allow the server to start as a Network Monitor server?
Correct Answer: C

Question 3 of 70
Under the `System Overview` in the Enforce management console, the status of a Network Monitor detection server is shown as `Running Selected.` The Network
Monitor server's event logs indicate that the packet capture and filereader processes are crashing.
What is a possible cause for the Network Monitor server being in this state?
Correct Answer: D

Question 4 of 70
Which two Infrastructure-as-a-Service providers are supported for hosting Cloud Prevent for Office 365? (Choose two.)
Correct Answer: B, E

Question 5 of 70
A DLP administrator has enabled and successfully tested custom attribute lookups for incident data based on the Active Directory LDAP plugin. The Chief
Information Security Officer (CISO) has attempted to generate a User Risk Summary report, but the report is empty. The DLP administrator confirms the Cisco's role has the `User Reporting` privilege enabled, but User Risk reporting is still not working.
What is the probable reason that the User Risk Summary report is blank?
Correct Answer: D