How should a DLP administrator exclude a custom endpoint application named custom_app.exe from being monitored by Application File Access Control?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Symantec Data Loss Prevention (DLP) Exam with targeted quizzes and detailed explanations. Boost your knowledge and confidence with our engaging study tools!

Multiple Choice

How should a DLP administrator exclude a custom endpoint application named custom_app.exe from being monitored by Application File Access Control?

Explanation:
Excluding a specific endpoint application from Application File Access Control is handled by creating a per‑app exception in the Application Monitoring Configuration and turning off all monitoring channels for that application. By adding the executable (custom_app.exe) to the monitoring configuration and deselecting every channel it uses, you tell the DLP agent not to track or enforce file-access events for that program. This keeps monitoring active for all other applications, preserving overall protection while allowing the targeted app to operate without triggering DLP actions. Disabling Application File Access Control globally would weaken protection across the board, which is not the right approach when only one app needs to be excluded. Renaming the executable is not a reliable or supported method to prevent monitoring, since the DLP system identifies processes by their genuine executable identity. Moving the application to a trusted zone doesn’t address per‑application file-access monitoring behavior and won’t guarantee exclusion from the specific file-access channels.

Excluding a specific endpoint application from Application File Access Control is handled by creating a per‑app exception in the Application Monitoring Configuration and turning off all monitoring channels for that application. By adding the executable (custom_app.exe) to the monitoring configuration and deselecting every channel it uses, you tell the DLP agent not to track or enforce file-access events for that program. This keeps monitoring active for all other applications, preserving overall protection while allowing the targeted app to operate without triggering DLP actions.

Disabling Application File Access Control globally would weaken protection across the board, which is not the right approach when only one app needs to be excluded. Renaming the executable is not a reliable or supported method to prevent monitoring, since the DLP system identifies processes by their genuine executable identity. Moving the application to a trusted zone doesn’t address per‑application file-access monitoring behavior and won’t guarantee exclusion from the specific file-access channels.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy