How should a DLP administrator change a policy so that it retains the original file when an endpoint
incident has detected a “cope to USB device” operation?
Question No 2
What is the correct configuration for “BoxMonitor.Channels” that will allow the server to start as a
Network Monitor server?
Question No 3
Under the “System Overview” in the Enforce management console, the status of a Network Monitor
detection server is shown as “Running Selected.” The Network Monitor server’s event logs indicate
that the packet capture and filereader processes are crashing.
What is a possible cause for the Network Monitor server being in this state?
Question No 4
Which two Infrastructure - as - a - Service providers are supported for hosting Cloud Prevent for Office
365? (Choose two.)
Question No 5
A DLP administrator has enabled and successfully tested custom attribute lookups for incident data
based on the Active Directory LDAP plugin. The Chief Information Security Officer (CISO) has
attempted to generate a User Risk Summary report, but the report is empty. The DLP administrator
confirms the Cisco’s role has the “User Reporting” privilege enabled, but User Risk reporting is still
not working.
What is the probable reason that the User Risk Summary report is blank?