RSA Certified SE Professional in Data Loss Prevention Exam v6.0

Page:    1 / 5   
Exam contains 70 questions

Once a grid scan has started, where would you find information related to the scan start date, scan type, scan status, and events count?

  • A. The Scan tab of the RSA DLP Datacenter Grid Scan Group
  • B. The Setup tab of the RSA DLP Datacenter Grid Scan Group
  • C. The Config tab of the RSA DLP Datacenter Grid Scan Group
  • D. The History tab of the RSA DLP Datacenter Grid Scan Group


Answer : D

What are the two data detection methods used by RSA DLP?

  • A. Describing and auditing content
  • B. Fingerprinting and Marking content
  • C. Fingerprinting and auditing content
  • D. Describing and fingerprinting content


Answer : D

Describing content is best used when?

  • A. The data does not change
  • B. You are searching for binary data
  • C. You want to track specific words or phrases
  • D. You know exactly where the sensitive resides


Answer : C

Which of the RSA DLP products can scan for document actions?

  • A. RSA DLP Network
  • B. RSA DLP Endpoint
  • C. RSA DLP Endpoint and Network
  • D. RSA DLP Datacenter and Network


Answer : B

Which of the following statements is correct concerning new blank policies in RSA DLP?

  • A. New policies are enabled by default.
  • B. New policies can only have three content blades configured.
  • C. New policies have automatic remediation set to block by default.
  • D. New policies have no content blades associated with them by default.


Answer : D

What is the correct action to take if you receive a warning message from the RSA DLP
Policy Manager after saving a policy?

  • A. Ignore the warning
  • B. Delete and re-create the policy
  • C. Reboot the RSA DLP Enterprise Manager
  • D. Verify that the content blades used in the policy are enabled


Answer : D

In a situation where the RSA DLP Enterprise Manager fails to respond, one solution is to verify that the Enterprise Manager Service is running. What is the name of this service?

  • A. EM Starter
  • B. DLP EM Init
  • C. RSA DLP Init
  • D. RSA DLP Enterprise Manager


Answer : D

Which directory on an RSA DLP Network Controller appliance acts as the base location for configuration and status information?

  • A. /etc/bin
  • B. /opt/rsa/sensor
  • C. /opt/rsa/controller
  • D. /opt/bin/controller


Answer : C

What is the first step to take if you believe that incidents that should be displayed within the
RSA DLP Enterprise Manager are not being displayed?

  • A. Reboot the Enterprise Manager
  • B. Reboot all RSA DLP Network appliances
  • C. Stop and start the Enterprise Manager services
  • D. Verify that the policy responsible for generating the incidents is enabled


Answer : D

What is the location of the base log directory for an RSA DLP Network Interceptor?

  • A. /etc/log
  • B. /opt/bin/log
  • C. /etc/interceptor/log
  • D. /opt/rsa/interceptor/log


Answer : D

When creating a new policy within the RSA DLP Enterprise Manager what step must be taken for the policy to take effect?

  • A. Perform a database grid scan
  • B. Reboot the Enterprise Manager
  • C. Restart the RSA DLP Enterprise Manager services
  • D. Enable the policy for each of the RSA DLP products to which you want to apply the policy


Answer : D

Which tool can be used to verify that packets are being seen by the analysis card of an
RSA DLP Network Sensor?

  • A. tcp
  • B. ping
  • C. netmon
  • D. tcpflowx


Answer : D

If you have verified that the policy and content blades in question are enabled, but are still not seeing events when you expect to, what would be the next logical step to take?

  • A. Re-create the policy
  • B. Re-create the content blades
  • C. Restart the Enterprise Manager services
  • D. Verify that the user you are logged in to the RSA DLP Enterprise Manager has permission to view the events


Answer : D

What is the major drawback to using the tcpdump command opposed to the tcpflowx command for troubleshooting RSA DLP Network problems?

  • A. The tcpdump command requires a monthly licensing fee
  • B. The tcpdump command does not provide a graphical user interface
  • C. The tcpdump command will not work with the RSA DLP Napatech card
  • D. The tcpdump command process packets slower than the tcpflowx command


Answer : C

Which statement is correct concerning the default search behavior of the RSA DLP
Enterprise Manager when displaying incidents and events?

  • A. By default, the Enterprise Manager displays only DLP Network incidents
  • B. By default, the Enterprise Manager does not display any incidents or events
  • C. By default, the Enterprise Manager displays all incidents and events, regardless of login ID
  • D. By default, the Enterprise Manager only displays incidents and events that are assigned to the login ID of the user currently logged in


Answer : D

Page:    1 / 5   
Exam contains 70 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.