Pre-Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free Symantec 250-587 Practice Exam with Questions & Answers | Set: 2

Questions 11

A DLP administrator is checking the System Overview in the Enforce management console, and all of the detection servers are showing as “unknown”. The Vontu services are up and running on the detection servers. Thousands of .IDC files are building up in the Incidents directory on the detection servers. There is good network connectivity between the detection servers and the Enforce server when testing with the telnet command.

How should the administrator bring the detection servers to a running state in the Enforce management console?

Options:
A.

Restart the Vontu Update Service on the Enforce server

B.

Ensure the Vontu Monitor Controller service is running in the Enforce server

C.

Delete all of the .BAD files in the Incidents folder on the Enforce server

D.

Restart the Vontu Monitor Service on all the affected detection servers

Symantec 250-587 Premium Access
Questions 12

Which two factors are common sources of data leakage where the main actor is well-meaning insider? (Choose two.)

Options:
A.

An absence of a trained incident response team

B.

A disgruntled employee for a job with a competitor

C.

Merger and Acquisition activities

D.

Lack of training and awareness

E.

Broken business processes

Questions 13

Which of the following would have to be a custom attribute (and not an out-of -the-box system attribute) in incident snapshots?

Options:
A.

Network Prevent Action

B.

Endpoint Location

C.

Employee Phone Number

D.

See Before

Questions 14

Why would an administrator set the Similarity Threshold to zero when testing and tuning a Vector Machine Learning (VML) profile?

Options:
A.

To capture the matches to the Negative set

B.

To capture the matches to the Positive set

C.

To see the entire range of potential matches

D.

To see the false negatives only

Questions 15

A DLP administrator is preparing to install Symantec DLP and has been asked to use an Oracle database provided by the Database Administration team.

Which SQL *Plus command should the administrator utilize to determine if the database is using a supported version of Oracle?

Options:
A.

select database version from < database name > ;

B.

select * from db$version;

C.

select * from v$version;

D.

select db$ver from < database name > ;

Questions 16

What detection server is used for Network Discover, Network Protect, and Cloud Storage?

Options:
A.

Network Protect Storage Discover

B.

Network Discover/Cloud Storage Discover

C.

Network Prevent/Cloud Detection Service

D.

Network Protect/Cloud Detection Service

Questions 17

Which option correctly describes the two-tier installation type for Symantec DLP?

Options:
A.

Install the Oracle database on one host, and install the Enforce server and a detection server on a second host.

B.

Install the Oracle database and Enforce server on the same host, and install detection servers on separate hosts.

C.

Install the Oracle database and a detection server on the same host, and install the Enforce server on a second host.

D.

Install the Oracle database on a local physical host, and install the Enforce server and detection servers on virtual hosts in the Cloud.

Questions 18

Why would an administrator set the Similarity Threshold to s=zero when testing and tuning a Vector Machine Learning (VML) profile?

Options:
A.

To capture the matches to the Positive set

B.

To capture the matches to the negative set

C.

To see the false negatives only

D.

To see the entire range of potential matches

Questions 19

What detection server type requires a minimum of two physical network interface cards?

Options:
A.

Network Prevent for Web

B.

Network Prevent for Email

C.

Network Monitor

D.

Cloud Detection Service (CDS)

Questions 20

A software company wants to protect its source code, including new source code created between scheduled indexing runs.

Which detection method should the company use to meet this requirement?

Options:
A.

Exact Data Matching (EDM)

B.

Described Content Matching (DCM)

C.

Vector Machine Learning (VML)

D.

Indexed Document Matching (IDM)

Exam Code: 250-587
Certification Provider: Symantec
Exam Name: Symantec Data Loss Prevention 16.x Administration Technical Specialist
Last Update: May 9, 2026
Questions: 100

How to Pass 250-587 Exams

PDF + Testing Engine
$164.99
$49.5
Add to Cart
Testing Engine
$124.99
$37.5
Add to Cart
PDF (Q&A)
$104.99
$31.5
Add to Cart

Symantec Related Exams

How to pass Symantec 250-438 - Administration of Symantec Data Loss Prevention 15 Exam
250-603 - ValueOps ConnectALL Technical Specialist
250-557 - Administration of Symantec ProxySG 7.2 with Secure Web Gateway
250-570 - Web Isolation R2 Technical Specialist
250-605 - Symantec Endpoint Protection 14.x Admin R2 Technical Specialist
250-446 - Administration of Symantec Web Security Service (WSS) - R1
250-578 - AppNeta Technical Specialist
250-426 - Administration of Data Center Security - Server Advanced 6.7
250-585 - DX NetOps 23.3.x Technical Specialist
250-584 - Symantec Web Protection R1 Technical Specialist
250-581 - Symantec Web Protection - Edge SWG R1 Technical Specialist
250-588 - Symantec Web Protection Cloud SWG R2 Technical Specialist
250-576 - Mainframe Academy Core 2 Exam V1
250-607 - Tanzu Platform Cloud Foundry v10 Technical Specialist
250-562 - TDM 4.9 Foundations Technical Specialist
Symantec Free Access
Get Symantec Full Access

Symantec Free Exams
Symantec Free Exams
Get the best free Symantec exam study materials and practice tests at Examstrack. Perfect your Symantec preparation by visiting Examstrack.