Free Forcepoint DSPM- Deploy-and-Administer Practice Exam with Questions & Answers | Set: 2

The correct selections are Revoking user permissions , Exporting reports , and Manually verifying ML classification . The Enterprise Search page is the primary file-level investigation view in Forcepoint DSPM. It lists scanned and cataloged files, allows filtering through standard filters or GQL, and provides operational actions against the returned results. Forcepoint states that Enterprise Search allows users to filter file data, save frequently used filters, customize columns, and generate meaningful reports. It also provides an EXPORT button that creates a CSV or JSON download of the filtered data.

Revoking permissions is also supported as a data-governance action. Forcepoint documents that administrators can view or modify file permissions and access rights from the file Actions menu, and supporting documentation identifies required permissions for revoke operations in Microsoft repositories.

Manual classification validation is explicitly available from the Enterprise Search hamburger menu. Forcepoint states that to adjust a file’s machine-learning classification, the user selects Manually verify classification , modifies the ML-suggested classification, and saves the change.

The incorrect choices are outside this specific Enterprise Search action set. Moving risky files to a private folder is not the standard named Enterprise Search action in this workflow, and assigned risk is not manually changed from the page. References/topics: Enterprise Search, Exporting Data, Permissions & Access Rights, Manual ML Classification Verification .

Workflow Configuration Tool → Allows the creation of GQL syntax rules with conditions for organizational files and users.

Rule-Based Automation → Establish criteria to identify data policy violations, data handling irregularities, and other anomalies.

Notification System → Triggered rules can be configured to generate alerts and send them to webhooks to ensure prompt action.

Incident Management → Review events and manage rules through cards.

Controls Orchestration in Forcepoint DSPM is the policy automation layer used to convert data-risk criteria into reviewable operational events. The Workflow Configuration Tool is represented by the rule-building interface under Policy Center > Controls Orchestration , where administrators define datasets, ownership, rule conditions, and GQL logic for organizational files, trustees, or agent activities. Forcepoint states that rules are created to identify data matching specific criteria and are applied during scans of the selected dataset.

Rule-Based Automation describes the criteria-driven detection model. Administrators establish rules that identify policy violations, data-handling irregularities, or other anomalies that require attention. Notification System maps to the ability to configure triggered rules to send external notifications, including webhook-based alerts, when matching data is detected. Incident Management maps to the Incidents workflow: Forcepoint states that each rule is automatically added as a card in the Incidents tab, and selecting the card takes the user back to the associated rule. References/topics: Policy Center, Controls Orchestration, GQL Conditions, Notifications, Webhooks, Incidents .