Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

NSK101 Questions and Answers

Question # 6

In which two scenarios would you use SD-WAN technology? (Choose two.)

A.

to differentiate between corporate and personal SaaS applications

B.

to optimize utilization and performance across multiple Internet connections

C.

to ensure a user's corporate laptop has all of the required security compliance software in place

D.

to replace dedicated MPLS connections with multiple broadband WAN and mobile options

Full Access
Question # 7

Why would you want to define an App Instance?

A.

to create an API Data Protection Policy for a personal Box instance

B.

to differentiate between an enterprise Google Drive instance vs. a personal Google Drive instance

C.

to enable the instance_id attribute in the advanced search field when using query mode

D.

to differentiate between an enterprise Google Drive instance vs. an enterprise Box instance

Full Access
Question # 8

A customer is considering the cloud shared responsibility model.

In this scenario, which two criteria become the customer's responsibility? (Choose two.)

A.

controlling access

B.

third-party certification

C.

enforcing service level agreements

D.

preventing data leakage

Full Access
Question # 9

Your organization has implemented Netskope Private Access (NPA) for all users. Users from the European region are reporting that they are unable to access many of their applications. You suspect that the publishers for the European data center may be disconnected and you want to verify the Publishers' status.

Which two methods describe how you would accomplish this task? (Choose two.)

A.

Use the Status field on the Publishers page.

B.

Use the Network Events page in

C.

Use the Netskope Private Access Troubleshooter.

D.

Use the Private Apps page in

Full Access
Question # 10

What are two uses for deploying a Netskope Virtual Appliance? (Choose two.)

A.

to use as a log parser to discover in-use cloud applications

B.

to use as a local reverse proxy to secure a SaaS application

C.

to use as an endpoint for Netskope Private Access (NPA)

D.

to use as a secure way to generate Exact Data Match hashes

Full Access
Question # 11

Which three statements are correct about Netskope's NewEdge Security Cloud Network Infrastructure? (Choose three.)

A.

It takes advantage of the public cloud by deploying security services on Google Cloud Platform.

B.

It includes direct peering with Microsoft and Google in every data center.

C.

It is a private security cloud network that is massively over provisioned, highly elastic, and built for scale.

D.

It delivers a single, unified network with no surcharges or reliance on public cloud infrastructure or virtual PoPs.

E.

It simplifies the administrator's job by limiting access to pre-defined availability zones.

Full Access
Question # 12

Click the Exhibit button.

You configured a set of Cloud Firewall policies as shown in the exhibit and changed your Steering Configuration to All Traffic for Group A and Group B. Users in Group A report that they are unable to access a third-party server using TCP port 3389. Referring to the exhibit, which action correctly describes how you would allow these connections without allowing unnecessary access?

A.

Add Group A to the Group B Allow policy.

B.

Create an Allow policy using a custom application including the destination IP and TCP port 3389.

C.

Move the Group B Allow policy above the Group A Allow policy.

D.

Change the default action to Allow.

Full Access
Question # 13

What is a benefit that Netskope instance awareness provides?

A.

It prevents movement of corporate sensitive data to a personal Dropbox account.

B.

It prevents the user from copying information from a corporate email and pasting the information into a GitHub repository.

C.

It differentiates between an IT managed Google Drive instance versus a personal Dropbox account.

D.

It differentiates between an IT managed Google Drive instance versus a personal Google Drive instance.

Full Access
Question # 14

You consume application infrastructure (middleware) capabilities by a third-party provider. What is the cloud service model that you are using in this scenario?

A.

PaaS

B.

MaaS

C.

DaaS

D.

SaaS

Full Access
Question # 15

A user has performed a bulk delete activity. In this scenario, which Netskope feature monitors potential risky users for a malicious activity that would cause data loss?

A.

Netskope's Threat Protection inline policies

B.

Netskope's Behavior Analytics rule-based policies

C.

Netskope's API Data Protection policies

D.

Netskope's Cloud Threat Exchange integration

Full Access
Question # 16

The Netskope deployment for your organization is deployed in CASB-only mode. You want to view dropbox.com traffic but do not see it when using SkopeIT.

In this scenario, what are two reasons for this problem? (Choose two.)

A.

The Dropbox Web application is certificate pinned and cannot be steered to the Netskope tenant.

B.

The Dropbox domains have not been configured to steer to the Netskope tenant.

C.

The Dropbox desktop application is certificate pinned and cannot be steered to the Netskope tenant.

D.

The Dropbox domains are configured to steer to the Netskope tenant.

Full Access
Question # 17

What are two correct methods to gather logs from the Netskope Client? (Choose two.)

A.

From the Netskope Console in the device detail view, select Collect Log.

B.

Right-click on the Netskope task tray icon and click Save Logs...

C.

Open the Netskope Client application and click the Advanced Debugging button.

D.

Search for the systeminfo.log file in Explorer and submit the results.

Full Access
Question # 18

When comparing data in motion with data at rest, which statement is correct?

A.

Data at rest requires API integration.

B.

Data in motion requires API integration.

C.

Data at rest cannot be scanned for malware until a user opens the file.

D.

Data in motion requires the Netskope client.

Full Access
Question # 19

A new customer is concerned about performance, especially with respect to Microsoft 365. They have offices in 20 countries around the world and their workforce is mostly mobile.

In this scenario, which two statements about NewEdge would align with the customer's requirements? (Choose two.)

A.

NewEdge accurately identifies Microsoft 365 violations and data risks.

B.

NewEdge provides advanced public cloud infrastructure security.

C.

NewEdge provides direct peering with Microsoft in every data center.

D.

NewEdge delivers a single, unified network with all services available in all locations worldwide.

Full Access
Question # 20

You want to deploy Netskope's zero trust network access (ZTNA) solution, NPA. In this scenario, which action would you perform to accomplish this task?

A.

Create an OAuth identity access control between your users and your applications.

B.

Set up a reverse proxy using SAML and an identity provider.

C.

Enable Steer all Private Apps in your existing steering configuration(s) from the admin console.

D.

Configure SCIM to exchange identity information and attributes with your applications.

Full Access
Question # 21

According to Netskope. what are two preferred methods to report a URL miscategorization? (Choose two.)

A.

Use www.netskope.com/url-lookup.

B.

Use the URL Lookup page in the dashboard.

C.

Email support@netskope.com.

D.

Tag Netskope on Twitter.

Full Access
Question # 22

You need to create a service request ticket for a client-related issue using the Netskope client Ul. In this scenario, you generate the client logs by right-clicking on the system tray icon and choosing

A.

Save logs

B.

Configuration

C.

Troubleshoot

D.

Help

Full Access
Question # 23

Your company started deploying the latest version of the Netskope Client and you want to track the progress and device count using Netskope.

Which two statements are correct in this scenario? (Choose two.)

A.

Use Netskope Digital Experience Management to monitor the status.

B.

Use the Devices page under Settings to view and filter the required data.

C.

Review the Group definitions under Settings to determine the number of deployed clients.

D.

Review the Steering Configuration to determine the number of deployed clients.

Full Access
Question # 24

What are two supported ways to provision users to your customer's Netskope tenant? (Choose two.)

A.

Use Microsoft Intune.

B.

Use the AD Connector.

C.

Use SCIM.

D.

Use the Directory Importer.

Full Access
Question # 25

Your company has implemented Netskope's Cloud Firewall and requires that all FTP connections are blocked regardless of the ports being used.

Which two statements correctly identify how to block FTP access? (Choose two.)

A.

Create a Real-time Protection policy with FTP as the destination application and Block as the action.

B.

Create a Real-time Protection policy with a custom Firewall App Definition for TCP port 21 as the destination application and Block as the action.

C.

Ensure there are no Real-time Protection polices that allow FTP and change the default non-Web action to Block.

D.

Create a custom Firewall App Definition for TCP port 21 and add it to the default tenant Steering Configuration as an exception.

Full Access
Question # 26

Which Netskope platform component uses NewEdge Traffic Management for traffic steering?

A.

Cloud Exchange

B.

Client

C.

Data Plane On-Premises

D.

Explicit Proxy Over Tunnel

Full Access
Question # 27

What are two use cases for Netskope's DLP solution? (Choose two.)

A.

to stop unintentional data movement

B.

to detect malware in files before they are uploaded to a cloud application

C.

to detect sensitive data in password protected files

D.

to ensure regulatory compliance

Full Access
Question # 28

You are attempting to allow access to an application using NPA. Private Apps steering is already enabled for all users.

In this scenario, which two actions are required to accomplish this task? (Choose two.)

A.

Disable Cloud & Firewall Apps in Steering Config.

B.

Create a Real-time Protection "Allow" policy for the Private App.

C.

Create a Private App.

D.

Ensure that SSO is in place.

Full Access
Question # 29

You need to provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used.

In this scenario, which two filter combinations would you use to accomplish this task? (Choose two.)

A.

Sanctioned = No

B.

CCL = High. Under Research

C.

User Device Type = Windows Device

D.

CCL = Medium. Low, Poor

Full Access
Question # 30

An administrator wants to determine to which data plane a user is traversing. In this scenario, what are two ways to accomplish this task? (Choose two.)

A.

Settings -> Security Cloud Platform -> Devices

B.

Settings -> Security Cloud Platform -> Client Configuration

C.

SkopeIT -> Alerts -> View Details

D.

System Tray -> Configuration

Full Access
Question # 31

You want to prevent Man-in-the-Middle (MITM) attacks on an encrypted website or application. In this scenario, which method would you use?

A.

Use a stronger encryption algorithm.

B.

Use certificate pinning.

C.

Use a proxy for the connection.

D.

Use a weaker encryption algorithm.

Full Access
Question # 32

Which two statements are correct about Netskope’s NewEdge Security Cloud Network Infrastructure? (Choose two.)

A.

It utilizes virtual POPs for traffic onboarding ensuring low latency.

B.

It includes direct peering with Microsoft and Google in every data center.

C.

It is a private security cloud network that is over-provisioned, elastic, and built for scale.

D.

It utilizes multiple public cloud providers for inline services ensuring high availability and elasticity.

Full Access
Question # 33

Which three components make up the Borderless SD-WAN solution? (Choose three)

A.

Endpoint SD-WAN Client

B.

SASE Orchestrator

C.

NPA Publisher

D.

SASE Gateway

E.

On-Premises Log Parser

Full Access
Question # 34

Which two technologies form a part of Netskope's Threat Protection module? (Choose two.)

A.

log parser

B.

DLP

C.

sandbox

D.

heuristics

Full Access
Question # 35

Which three technologies describe the primary cloud service models as defined by the National Institute of Standards and Technology (NIST)? (Choose three.)

A.

Cloud Service Provider (CSP)

B.

Identity as a Service (IDaaS)

C.

Platform as a Service (PaaS)

D.

Software as a Service (SaaS)

E.

Infrastructure as a Service (laaS)

Full Access
Question # 36

As an administrator, you need to configure the Netskope Admin UI to be accessible by specific IP addresses and to display a custom message after the admin users have been authenticated.

Which two statements are correct in this scenario? (Choose two.)

A.

Add the specific IP addresses on the IP Allow List.

B.

Configure and enable the Privacy Notice to display the custom message.

C.

Add the specific IP addresses on the Network Location.

D.

Enable and set the User Notification Template to display the custom message.

Full Access
Question # 37

Your company asks you to obtain a detailed list of all events from the last 24 hours for a specific user. In this scenario, what are two methods to accomplish this task? (Choose two.)

A.

Use the Netskope reporting engine.

B.

Export the data from Skope IT Application Events.

C.

Use the Netskope REST API.

D.

Export the data from Skope IT Alerts.

Full Access
Question # 38

When comparing data in motion with data at rest, which statement is correct?

A.

Data at rest cannot be scanned for malware until a user opens the file.

B.

Data in motion requires API integration.

C.

Data in motion requires the Netskope client.

D.

Data at rest requires API integration.

Full Access