To secure communications between an on-prem Enforce server and cloud detection servers, which action should you take?


Multiple Choice

To secure communications between an on-prem Enforce server and cloud detection servers, which action should you take?

Explanation:

Securing communications between on-prem Enforce and cloud detection servers relies on encrypted channels and trusted identities established through TLS certificates. Using the built-in certificate for the Enforce server provides a trusted identity on the on-prem side, while the sslkeytool utility is used to generate and manage certificates for the cloud detection servers so they can be authenticated by Enforce during the TLS handshake. This combination creates a mutually authenticated, encrypted link, ensuring traffic cannot be intercepted or impersonated.

Choosing a VPN tunnel can protect data in transit, but it does not address the certificate-based trust that DLP components require to recognize and authenticate each other, and it is not the standard mechanism for this integration. Disabling TLS would leave communications unencrypted and vulnerable. Relying on self-signed certificates on both sides can cause trust issues unless you manually distribute and configure the trusted roots, which is error-prone in a hybrid cloud and on-prem deployment.

So, the best approach is to use the built-in Enforce certificate and generate the appropriate certificates for the detection servers with the sslkeytool utility to establish a trusted, encrypted connection.
