Symantec Data Loss Prevention 14.6: Administration (IR0996)

This course is designed to provide you with the fundamental knowledge to configure and administer the Symantec Data Loss Prevention Enforce platform.


Certified Training Course




R 17 500 p.p. (Excl. VAT)*
*Pricing may be subject to change due to exchange rate volatility.

SATV Redeemable 


Delivery Method

Classroom-based, Instructor-led with emphasis on hands-on exercises


5 days

Start time: 09:00 (Registration will commence at 08:30 on the first day)


The knowledge and skills that a learner must have before attending this course is as follows:

  • A working knowledge of Windows serverclass operating systems and commands, as well as networking and network security concepts.

Course Objectives

By the end of this course, you will be able to configure and use Symantec Data Loss Prevention 14.6.

Exam & Certifications

This course prepares students to write the Administration of Symantec Data Loss Prevention 12 Exam (Exam Code: 250-513) as part of the Symantec Certified Specialist certification path.

Symantec Certified Specialist (SCS) credentials have no expiration date. The no-expiration policy means that the value of Symantec credentials will be based on how relevant the certification’s competencies are to the IT marketplace.

Upcoming exams: Exam 250-424: Administration of Data Loss Prevention 14.6 (r has been release).

Exam Details

  • # of Questions: 70 - 80
  • Exam Duration: 105 minutes
  • Passing Score: 72%
  • Languages: English
  • Exam Price: $225 USD (or your country's currency equivalent)

Suggested Preparation

Below includes the recommended preparation to achieve this level of expertise.

  • Exam Objectives (PDF)
  • Sample Exam (PDF)
  • The study guide is targeted for those who have attended the recommended -day training course. This self-study guide summarizes the key lessons and topics in the corresponding certification exam.
  • Experience with the product through shadowing of a successful risk assessment, technical evaluation, product deployment, or six months’ experience administering DLP 12.

See Symantec’s website for more information

View Symantec exam policies

Course Topics

1. Introduction to Symantec Data Loss Prevention

  • Symantec Data Loss Prevention overview
  • Symantec Data Loss Prevention architecture

2. Navigation and Reporting

  • Navigating the user interface
  • Reporting and analysis
  • Report navigation, preferences, and features
  • Report filters
  • Report commands
  • Incident snapshot
  • Incident Data Access
  • Hands-on labs: Become familiar with navigation and toolsin the user interface. Create, filter, summarise, customise and distribute reports. Create users, roles, and attributes

3. Incident Remediation and Workflow

  • Incident remediation and workf low
  • Managing users and attributes
  • Custom attribute lookup
  • User Risk Summary
  • Hands-on labs: Remediate incidents and configure a user’s reporting preferences

4. Policy Management

  • Policy overview
  • Creating policy groups
  • Using policy templates
  • Building policies
  • Policy development best practices
  • Hands-on labs: Use policy templates and policy builder to configure and apply new policies

5. Response Rule Management

  • Response rule overview
  • Configuring Automated Response rules
  • Configuring Smart Response rules
  • Response rule best practices
  • Hands-On Labs: Create and use Automated and Smart Response rules

6. Described Content Matching

  • DCM detection methods
  • Hands-on labs: Create policies that include DCM and then use those policies to capture incidents

7. Exact Data Matching and Directory Group Matching

  • Exact data matching (EDM)
  • Advanced EDM
  • Directory group matching (DGM)
  • Hands-on labs: Create policies that include EDM and DGM, and then use those policies to capture incidents

8. Indexed Document Matching

  • Indexed document matching (IDM)
  • Hands-on labs: Create policies that include IDM rules and then use those policies to capture incidents

9. Vector Machine Learning

  • Vector Machine Learning (VML)
  • Hands-on labs: Create a VML profile, import document sets, and create a VML policy

10. Network Monitor

  • Review of Network Monitor
  • Protocols
  • Traffic filtering
  • Network Monitor best practices
  • Hands-On Labs: Apply IP and L7 filters

11. Network Prevent

  • Network Prevent overview
  • Introduction to Network Prevent (Email)
  • Introduction to Network Prevent (Web)
  • Hands-On Labs: Configure Network Prevent (E-mail) response rules, incorporate them into policies, and use the policies to capture incidents

12. Mobile Email Monitor and Mobile Prevent

  • Introduction to Mobile Email Monitor
  • Mobile Prevent overview
  • Configuration
  • VPN configuration
  • Policy and Response Rule Creation
  • Reporting and Remediation
  • Troubleshooting

13. Network Discover and Network Protect

  • Network Discover and Network Protect overview
  • Configuring Discover targets
  • Configuring Box cloud targets
  • Protecting data
  • Auto-discovery of servers and shares
  • Running and managing scans
  • Reports and remediation
  • Network Discover and Network Protect best practices
  • Hands-on labs: Create and run a file system target using various response rules, including quarantining

14. Endpoint Prevent

  • Endpoint Prevent overview
  • Detection capabilities at the Endpoint
  • Configuring Endpoint Prevent
  • Creating Endpoint response rules
  • View ing Endpoint Prevent incidents
  • Endpoint Prevent best practices
  • Managing DLP Agents
  • Hands-on labs: Create Agent Groups and Endpoint response rules, monitor and block Endpoint actions, view Endpoint incidents, and use the Enforce console to manage DLP Agents

15. Endpoint Discover

  • Endpoint Discover overview
  • Creating and running Endpoint Discover targets
  • Using Endpoint Discover reports and reporting features
  • Hands-on labs: Create Endpoint Discover targets, run Endpoint Discover targets, and view Endpoint Discover incidents

16. Enterprise Enablement

  • Preparing for risk reduction
  • Risk reduction
  • DLP Maturity model

17. System Administration

  • Server administration
  • Language support
  • Incident Deleter
  • Credential management
  • Troubleshooting
  • Diagnostic tools
  • Troubleshooting scenario
  • Getting support
  • Hands-on labs: Interpret event reports and traffic reports, configure alerts, and use the Log Collection and Configuration tool