Summer Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

NSK200 Questions and Answers

Question # 6

You are currently migrating users away from a legacy proxy to the Netskope client in the company’s corporate offices. You have deployed the client to a pilot group; however, when the client attempts to connect to Netskope, it fails to establish a tunnel.

In this scenario, what would cause this problem?

A.

The legacy proxy is intercepting SSL/TLS traffic to Netskope.

B.

The corporate firewall is blocking UDP port 443 to Netskope.

C.

The corporate firewall is blocking the Netskope EPoT address.

D.

The client cannot reach dns.google for EDNS resolution.

Full Access
Question # 7

You are asked to prevent Netskope from inspecting Google traffic while maintaining visibility. According to Netskope, what is the recommended way to accomplish this task?

A.

Create a real-time policy to block Google traffic.

B.

Create a steering exception.

C.

Add a trusted CA to allow Netskope to trust the traffic source.

D.

Create a Do Not Decrypt SSL policy for the Google traffic.

Full Access
Question # 8

You discover the ongoing use of the native Dropbox client in your organization. Although Dropbox is not a corporate-approved application, you do not want to prevent the use of Dropbox. You do, however, want to ensure visibility into its usage.

A.

Change Windows and Mac steering exception actions to use Tunnel mode and set Netskope as the source IP address for SSO services.

B.

Modify the existing tenant steering exception configuration to block the Dropbox native application to force users to use the Dropbox website.

C.

Remove all Dropbox entries from the tenant steering SSL configuration entirely.

D.

Create a new tenant steering exception type of Destination Locations that contains the Dropbox application.

Full Access
Question # 9

Which object would be selected when creating a Malware Detection profile?

A.

DLP profile

B.

File profile

C.

Domain profile

D.

User profile

Full Access
Question # 10

You have deployed a development Web server on a public hosting service using self-signed SSL certificates. After some troubleshooting, you determined that when the Netskope client is enabled, you are unable to access the Web server over SSL. The default Netskope tenant steering configuration is in place.

In this scenario, which two settings are causing this behavior? (Choose two.)

A.

SSL pinned certificates are blocked.

B.

Untrusted root certificates are blocked.

C.

Incomplete certificate trust chains are blocked.

D.

Self-signed server certificates are blocked.

Full Access
Question # 11

Your customer has some managed Windows-based endpoints where they cannot add any clients or agents. For their users to have secure access to their SaaS application, you suggest that the customer use Netskope ' s Explicit Proxy.

Which two configurations are supported for this use case? (Choose two.)

A.

Endpoints can be configured to directly use the Netskope proxy.

B.

Endpoints must have separate steering configurations in the tenant settings.

C.

Endpoints must be configured in the device section of the tenant to interoperate with all proxies.

D.

Endpoints can be configured to use a Proxy Auto Configuration (PAC) file.

Full Access
Question # 12

You are provisioning Netskope users from Okta with SCIM Provisioning, and users are not showing up in the tenant. In this scenario, which two Netskope components should you verify first In Okta for accuracy? (Choose two.)

A.

IdP Entity ID

B.

OAuth token

C.

Netskope SAML certificate

D.

SCIM server URL

Full Access
Question # 13

Review the exhibit.

Question # 13

A security analyst needs to create a report to view the top five categories of unsanctioned applications accessed in the last 90 days. Referring to the exhibit, what are two data collections in Advanced Analytics that would be used to create this report? (Choose two.)

A.

Alerts

B.

Application Events

C.

Page Events

D.

Network Events

Full Access
Question # 14

You want to reduce false positives by only triggering policies when contents of your customer database are uploaded to Dropbox. Your maximum database size is 2 MB. In this scenario, what are two ways to accomplish this task? (Choose two.)

A.

Upload the .csv export lo the Netskope tenant DLP rules section to create an exact match hash.

B.

Use the Netskope client to upload the .csv export to the Netskope management plane DLP container.

C.

Send the .csv export to Netskope using a support ticket with the subject, " create exact match hash " .

D.

Use a Netskope virtual appliance to create an exact match hash.

Full Access
Question # 15

Your company wants to know if there has been any unusual user activity. In the UI, you go to Skope IT - > Alerts.

Which two types of alerts would you filter to find this information? (Choose two.)

A.

Alert type = uba

B.

Alert type = anomaly

C.

Alert type = malware

D.

Alert type = policy

Full Access
Question # 16

Review the exhibit.

Question # 16

What is the purpose of the configuration page shown Ii the exhibit?

A.

to provision a Netskope client using SCCM

B.

to allow users to authenticate against the proxy

C.

to onboard Active Directory users to a Netskope tenant

D.

to enforce administrative role-based access

Full Access
Question # 17

Review the exhibit.

Question # 17

You are asked to restrict users from accessing YouTube content tagged as Sport. You created the required real-time policy; however, users can still access the content

Referring to the exhibit, what is the problem?

A.

The website is in a steering policy exception.

B.

The policy changes have not been applied.

C.

The YouTube content cannot be controlled.

D.

The traffic matched a Do Not Decrypt policy

Full Access
Question # 18

An engineering firm is using Netskope DLP to identify and block sensitive documents, including schematics and drawings. Lately, they have identified that when these documents are blocked, certain employees may be taking screenshots and uploading them. They want to block any screenshots from being uploaded.

Which feature would you use to satisfy this requirement?

A.

exact data match (EDM)

B.

document fingerprinting

C.

ML image classifier

D.

optical character recognition (OCR)

Full Access
Question # 19

You want to prevent a document stored in Google Drive from being shared externally with a public link.

A.

Quarantine

B.

Threat Protection policy

C.

API Data Protection policy

D.

Real-time Protection policy

Full Access
Question # 20

Which statement describes a requirement for deploying a Netskope Private Application (NPA) Publisher?

A.

The publisher must be deployed in a public cloud environment, such as AWS.

B.

The publisher must be deployed in a private data center.

C.

The publisher must be deployed on the network where the private application will be accessed.

D.

The publisher ' s name must match the name of the application process that it will access.

Full Access
Question # 21

Your IT organization is migrating its user directory services from Microsoft Active Directory to a cloud-based Identity Provider (IdP) solution, Azure AD. You are asked to adapt the Netskope user provisioning process to work with this new cloud-based IdP.

A.

Directory Importer

B.

Microsoft GPO

C.

SCIMApp

D.

Manual Import

Full Access
Question # 22

With Netskope DLP, which feature would be used to detect keywords such as " Confidential " or " Access key " ?

A.

Regular Expression

B.

Exact Match

C.

Fingerprint Classification

D.

Dictionary

Full Access
Question # 23

Review the exhibit.

Question # 23

You are asked to create a new role that allows analysts to view Events and Reports while providing user privacy. You need to avoid directly exposing identities and user location information.

Which three fields must you obfuscate in this scenario? (Choose three.)

A.

User IPs

B.

User names

C.

App names, URLs, and destination IPs

D.

File and object names

E.

Source location information

Full Access
Question # 24

What is the purpose of the file hash list in Netskope?

A.

It configures blocklist and allowlist entries referenced in the custom Malware Detection profiles.

B.

It is used to allow and block URLs.

C.

It provides the file types that Netskope can inspect.

D.

It provides Client Threat Exploit Prevention (CTEP).

Full Access
Question # 25

Review the exhibit.

Question # 25

You receive a service request from a user who indicates that their Netskope client is in a disabled state. The exhibit shows an excerpt (rom the affected client nsdebuglog.log.

What is the problem in this scenario?

A.

User authentication failed during IdP-based enrollment.

B.

The Netskope client connection is being decrypted.

C.

Custom installation parameters are incorrectly specified

D.

The user ' s account has not been provisioned into Netskope.

Full Access
Question # 26

Your company needs to keep quarantined files that have been triggered by a DLP policy. In this scenario, which statement Is true?

A.

The files are stofed remotely In your data center assigned In the Quarantine profile.

B.

The files are stored In the Netskope data center assigned in the Quarantine profile.

C.

The files are stored In the Cloud provider assigned In the Quarantine profile.

D.

The files are stored on the administrator console PC assigned In the Quarantine profile.

Full Access
Question # 27

Examine the image provided.

Question # 27

You are asked to provide the results of a cloud risk assessment to your executive team. The results must be presented visually, as well as have the ability to drill down and pivot on the data. Referring to the image, what will satisfy the requirements in this scenario?

A.

Netskope Advanced Analytics

B.

Netskope Reports

C.

Skope IT Application Events

D.

Discovered Apps in the Cloud Confidence Index (CCI)

Full Access
Question # 28

You created the Netskope application in your IdP for user provisioning and validated that the API Integration settings are correct and functional. However, you are not able to push the user groups from the IdP into your Netskope tenant.

A.

The IdP group contains active users, as well as one or more deactivated users.

B.

The IdP does not have Create User permissions.

C.

You do not have enough users assigned to the IdP group.

D.

You failed to push the IdP users before attempting to push the IdP groups.

Full Access