Scribd Logo
Upload

Welcome to Scribd!

  • 4K views

    Dlp-Exam - Revisado

    Uploaded by

    Anonymous eoHkkVmoIN
    The document contains questions and answers about configuring and using various features of Forcepoint DLP. It addresses topics like configuring URL categories, viewing the history tab to see who completed workflow operations on an incident, using regular expressions to identify unknown strings in a specific format, using the sources and destinations dashboard to identify top violators and domains where leaks occurred, the purpose of the Tomcat component and online applications feature, and more.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd

    Dlp-Exam - Revisado

    Uploaded by

    Anonymous eoHkkVmoIN
    4K views20 pages
    The document contains questions and answers about configuring and using various features of Forcepoint DLP. It addresses topics like configuring URL categories, viewing the history tab to see who completed workflow operations on an incident, using regular expressions to identify unknown strings in a specific format, using the sources and destinations dashboard to identify top violators and domains where leaks occurred, the purpose of the Tomcat component and online applications feature, and more.

    Original Title

    2. DLP-EXAM_REVISADO

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document contains questions and answers about configuring and using various features of Forcepoint DLP. It addresses topics like configuring URL categories, viewing the history tab to see who completed workflow operations on an incident, using regular expressions to identify unknown strings in a specific format, using the sources and destinations dashboard to identify top violators and domains where leaks occurred, the purpose of the Tomcat component and online applications feature, and more.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Download as docx, pdf, or txt
    4K views20 pages

    Dlp-Exam - Revisado

    Uploaded by

    Anonymous eoHkkVmoIN
    The document contains questions and answers about configuring and using various features of Forcepoint DLP. It addresses topics like configuring URL categories, viewing the history tab to see who completed workflow operations on an incident, using regular expressions to identify unknown strings in a specific format, using the sources and destinations dashboard to identify top violators and domains where leaks occurred, the purpose of the Tomcat component and online applications feature, and more.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Download as docx, pdf, or txt
    You are on page 1of 20

    PREGUNTA 1

    In order to use URL Categories in Forcepoint DLP, what must first be configured and enabled?

    RESPUESTA: Websense Linking Service

    PREGUNTA 2

    You are managing multiple Incident Responders and need to research who completed different
    workflow operations for an incident. What tab in the incident should you use while using the
    Forcepoint Security Manager?

    RESPUESTA: History
    PREGUNTA 3

    An organization has a compliance requirement to identify various unknown alphanumeric


    strings in a specific format, “123-45-6789”. Which Forcepoint DLP classifier should be used?

    RESPUESTA: Regular expressions

    PREGUNTA 4

    An administrator has been tasked to quickly identify who are the top violatiors, as well as the
    top domains, where leaks occurred within a Forcepoint DLP environment. Which dashboard
    report should the administrator use?

    RESPUESTA: Sources and Destinations


    PREGUNTA 5

    What is the name of the component on the Forcepoint Security Manager that receives
    incidents and inserts properties into the database?

    RESPUESTA: Tomcat

    PREGUNTA 6

    What is the purpose of the Forcepoint DLP Online Applications feature?

    RESPUESTA: Enable file access monitoring for URLs that match a preconfigured list.
    PREGUNTA 7

    When researching an incident with Forcepoint DLP, which tab of the incident should you view
    to see what rules were triggered?

    RESPUESTA: Rules

    PREGUNTA 8

    Before file labeling classifiers can be applied, what is the first action you must perform?

    RESPUESTA: Configure a third-party classification system


    PREGUNTA 9

    Your organization has hired an outside consulting firm to help with the release of a new
    product. While they will be working from within your corporate offices, they will not have your
    specific security software installed on their laptops. Which Forcepoint DLP endpoint encryption
    option will allow your employees to share appropriate files with the consultants via USB
    drives?

    RESPUESTA: Encrypt with user password

    PREGUNTA 10

    When creating a custom user in Forcepoint DLP, what are the two minimum attributes? (Select
    two)

    RESPUESTA:

    - Username
    - Email address
    PREGUNTA 11

    Where are transactions of the data-in-use state typically detected?

    RESPUESTA: Endpoints

    PREGUNTA 12

    Which classifier type consists exclusively of predefined classifiers?

    RESPUESTA: Scripts
    PREGUNTA 13

    What is the purpose of the Forcepoint DLP Management Server?

    RESPUESTA: To act as a central control and repository for fingerprints, policies and forensics.

    PREGUNTA 14

    When configuring Cumulative DLP logic in a rule, what is the required configuration setting on
    the Severity & Action tab?

    RESPUESTA: Accumulate matches before creating an incident.


    PREGUNTA 15

    Which action plan only applies to the endpoint channel?

    RESPUESTA: Confirm

    PREGUNTA 16

    What is a limitation of the Forcepoint DLP Quick Policies?

    RESPUESTA: They cannot apply to specific types of transactions.


    PREGUNTA 17

    You have been tasked with researching an incident involving a sent email that contained
    sensitive information regarding a project. You need to find out who the message was from,
    who it was sent to, and the exact text of the message body. Which tab of the incident in
    Forcepoint DLP should you use?

    RESPUESTA: Forensics

    PREGUNTA 18

    On which Forcepoint DLP component is an Optical Character Recognition (OCR) server


    installed?

    RESPUESTA: Supplementary DLP server


    PREGUNTA 19

    Your organization is working towards enforcing compliance with the General Data Protection
    Regulation (GDPR). Part of the enforcement includes ensuring that incident responders in the
    organization do not see information such as the sender or recipient of email addresses from
    triggered incidents. What is the name of the role-based permission setting used to achieve
    this?

    RESPUESTA: Hide source and destination

    PREGUNTA 20

    You are in the process of virtualizing all the security appliances within your corporate
    environment. In addition to ensuring that there is enough space for the core components of
    the appliances, you want to ensure that you are correctly sizing for the Forcepoint DLP
    Fingerprint Repository. What is the Forcepoint recommended maximum size for a Fingerprint
    Repository?

    RESPUESTA: 14 GB
    PREGUNTA 21

    What is a feature available with Forcepoint DLP for IP Protection that is NOT available for
    Forcepoint DLP for Compliance?

    RESPUESTA: Machine learning

    PREGUNTA 22

    What is the purpose of selecting a country when making predefined policy selections?

    RESPUESTA: To set which predefined policies appear based on regional requirements.


    PREGUNTA 23

    Which default action plan in Forcepoint DLP only applies to SMTP traffic?

    RESPUESTA: Drop Email Attachments

    PREGUNTA 24

    What are the two parts of a Forcepoint DLP Incident Envelope called?

    RESPUESTA: Incident Forensics and Incident Properties


    PREGUNTA 25

    Which Data Settings > General > Services tab selects which file labeling system to use?

    RESPUESTA: File Labeling

    PREGUNTA 26
    An administrator is unsure if a particular computer has received the latest policy updates from
    the Forcepoint Security Manager. Where in the Forcepoint Security Manager UI can this
    information be obtained?

    RESPUESTA: Endpoint Status

    PREGUNTA 27

    You have been tasked with creating an Acceptable Usage Policy (AUP) for a medical
    organization. What would be an appropriate example of an AUP?

    RESPUESTA: Do not allow doctors to send patient records off network


    PREGUNTA 28

    Which Forcepoint DLP classifier will classify data by the presence of a keyword or phrase?

    RESPUESTA: Key phrases

    PREGUNTA 29

    What is a preconfigured service for the Online Application feature in Forcepoint DLP?

    RESPUESTA: Box

    PREGUNTA 30
    What action must be used in an action plan to use the “Employee Coaching” feature on the
    Forcepoint One Endpoint?

    RESPUESTA: Confirm

    PREGUNTA 31

    Your organization is using Splunk to streamline the correlation of incidents across multiple
    security platforms. In order to have information explicitly sent there when DLP policies are
    breached, what setting should you use?

    RESPUESTA: Send Syslog message


    PREGUNTA 32

    Your organization’s CFO is travelling and is being prevented from printing a document in their
    hotel by the Forcepoint One Endpoint synchronized DLP policies. What is the DLP security
    consideration for allowing a temporary bypass to the Forcepoint One Agent?

    RESPUESTA: While the endpoint bypass is active, no content on that endpoint is analyzed and
    no content is blocked in the event of a policy violation.

    PREGUNTA 33

    An administrator wants to send a notification when a rule is triggered. Which default action
    plan accomplishes this?

    RESPUESTA: Audit and Notify


    PREGUNTA 34

    An organization has not configured any device names or serial numbers for USB drives in the
    Forcepoint Security Manager. What is the behavior when policies are applied to the removable
    media channel?

    RESPUESTA: All USB devices are monitored

    PREGUNTA 35

    What is the purpose of “Batch Operations” in Forcepoint DLP?

    RESPUESTA: They allow administrators to update or delete multiple items at once.

    PREGUNTA 36
    An administrator has created a set of policies that identifies when sensitive files are being
    copied to removable media. The policies encrypt the files with a profile key. Where would an
    administrator be able to manage the different endpoint encryption keys that exist within the
    Forcepoint DLP environment?

    RESPUESTA: Settings > Deployment > Endpoint Profiles

    PREGUNTA 37

    When considering network email transactions, what is the state of the data?

    RESPUESTA: Data-in-motion
    PREGUNTA 38

    A Forcepoint DLP Supplemental Server has been deployed with Optical Character Recognition
    (OCR) installed. In order for OCR to be used by a Policy Engine, where must the configuration
    be set in the Forcepoint Security Manager?

    RESPUESTA: Deployment > System Modules

    PREGUNTA 39

    Which action plan only applies to the network email channel?

    RESPUESTA: Quarantine

    You might also like