Summer Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

NSK300 Questions and Answers

Question # 6

You are deploying the Netskope Client in a multi-user VDI environment and need to determine the command to deploy the MSI.

Which three parameters are required in this scenario? (Choose three.)

A.

mode=peruserconfig

B.

host=

C.

installmode=IDP

D.

token=

E.

autoupdate=on

Full Access
Question # 7

You are implementing a solution to deploy Netskope for machine traffic in an AWS account across multiple VPCs. You want to deploy the least amount of tunnels while providing connectivity for all VPCs.

How would you accomplish this task?

A.

Use IPsec tunnels from the AWS Virtual Private Gateway.

B.

Use GRE tunnels from the AWS Transit Gateway.

C.

Use GRE tunnels from the AWS Virtual Private Gateway

D.

Use IPsec tunnels from the AWS Transit Gateway.

Full Access
Question # 8

You deployed IPsec tunnels to steer on-premises traffic to Netskope. You are now experiencing problems with an application that had previously been working. In an attempt to solve the issue, you create a Steering Exception in the Netskope tenant tor that application: however, the problems are still occurring

Which statement is correct in this scenario?

A.

You must create a private application to steer Web application traffic to Netskope over an IPsec tunnel.

B.

Exceptions only work with IP address destinations

C.

Steering bypasses for IPsec tunnels must be applied at your edge network device.

D.

You must deploy a PAC file to ensure the traffic is bypassed pre-tunnel

Full Access
Question # 9

You want to integrate with a third-party DLP engine that requires ICAP. In this scenario, which Netskope platform component must be configured?

A.

On-Premises Log Parser (OPLP)

B.

Secure Forwarder

C.

Netskope Cloud Exchange

D.

Netskope Adapter

Full Access
Question # 10

Given the following:

Question # 10

Which result does this Skope IT query provide?

A.

The query returns all events of user@company.com downloading or uploading to or from the site ' Amazon S3 " using the Netskope Client.

B.

The query returns all events of an IP address downloading or uploading to or from Amazon S3 using the Netskope Client.

C.

The query returns all events of everyone except user@company.com downloading or uploading to or from the site " Amazon S3 " using the Netskope Client.

D.

The query returns all events of user@company.com downloading or uploading to or from the application " Amazon S3 " using the Netskope Client.

Full Access
Question # 11

You have users connecting to Netskope from around the world You need a way for your NOC to quickly view the status of the tunnels and easily visualize where the tunnels are located. Which Netskope monitoring tool would you use in this scenario?

A.

Network Steering in Digital Experience Management

B.

Network Events in Skope IT

C.

Web Usage Summary in Advanced Analytics

D.

Alerts in Skope IT

Full Access
Question # 12

You want customers to configure Real-time Protection policies. In which order should the policies be placed in this scenario?

A.

Threat, CASB, RBI, Web

B.

RBI, CASB, Web, Threat

C.

Threat, RBI, CASB, Web

D.

CASB, RBI, Threat, Web

Full Access
Question # 13

You just deployed and registered an NPA publisher for your first private application and need to provide access to this application for the Human Resources (HR) users group only. How would you accomplish this task?

A.

1. Enable private app steering in the Steering Configuration assigned to the HR group.2. Create a new Private App.3. Create a new Real-time Protection policy as follows;Source = HR user group Destination = Private App Action = Allow

B.

1. Create a new private app and assign it to the HR user group.2. Create a new Real-time Protection policy as follows:Source = HR user group Destination = Private App Action = Allow.

C.

1. Enable private app steering in Tenant Steering Configuration.2. Create a new private app and assign it to the HR user group.

D.

1. Enable private app steering in the Steering Configuration assigned to the HR group.2. Create a new private app and assign it to the HR user group3. Create a new Real-time Protection policy as follows:Source = HR user group Destination = Private App Action = Allow

Full Access
Question # 14

Review the exhibit.

Question # 14

AcmeCorp has recently begun using Microsoft 365. The organization is concerned that employees will start using third-party non-AcmeCorp OneDrive instances to store company data. The CISO asks you to use Netskope to create a policy that ensures that no data is being uploaded to non-AcmeCorp instances of OneDrive.

Referring to the exhibit, which two policies would accomplish this posture? (Choose two.)

A.

4

B.

3

C.

2

D.

1

Full Access
Question # 15

You are the network architect for a company using Netskope Private Access. Multiple users are reporting that they are unable to access an application using Netskope Private Access that was working previously. You have verified that the Real-time Protection policy allows access to the application, private applications are steered for the users, and the application is reachable from internal machines. You must verify that the application is reachable through Netskope Publisher

In this scenario, which two tools in the Netskope UI would you use to accomplish this task? (Choose two.)

A.

Reachability Via Publisher in the App Definitions page

B.

Troubleshooter tool in the App Definitions page

C.

Applications in Skope IT

D.

Clear Private App Auth under Users in Skope IT

Full Access
Question # 16

You received a malicious file hash from a third party and you want to see all instances of the hash that have been detected by Netskope. In this scenario, which two tools show the desired information? (Choose two.)

A.

the Netskope Client logs

B.

a SIEM of your choice and Web Transactions

C.

Skope IT

D.

Netskope Advanced Analytics

Full Access
Question # 17

Your company purchased Netskope ' s Next Gen Secure Web Gateway You are working with your network administrator to create GRE tunnels to send traffic to Netskope Your network administrator has set up the tunnel, keepalives. and a policy-based route on your corporate router to send all HTTP and HTTPS traffic to Netskope. You want to validate that the tunnel is configured correctly and that traffic is flowing.

In this scenario, which two statements are correct? (Choose two.)

A.

You can use your local router or network device to verify that keepalives are being received and traffic is flowing to Netskope.

B.

You must use your own monitoring tools to verify that the tunnel is up.

C.

You can verify that the tunnel is up and receiving traffic in the Netskope UI under Settings > Security Cloud Platform > GRE.

D.

You can verify that the tunnel is up in the Netskope Trust portal at https://trust netskope.com/.

Full Access
Question # 18

You are consuming Audit Reports as part of a Salesforce API integration. Someone has made a change to a Salesforce account record field that should not have been made and you are asked to verify the previous value of the structured data field. You have the approximate date and time of the change, user information, and the new field value.

How would you accomplish this task?

A.

Create a classic report and apply a query that filters on the changed field value.

B.

Use the Application Events Data Collection within Advanced Analytics and filter on the changed field value.

C.

Query Skope IT Page Events and look for the specific Page URL that was called under the Application section.

D.

Query Skope IT for an Access Method of API Connector and search Application Event Details for the Old Value field using the User details and Edit Activity.

Full Access
Question # 19

A hospital has a patient form that they share with their patients over Gmail. The blank form can be freely shared among anyone. However, if the form has any information filled out. the document is considered confidential.

Which rule type should be used in the DLP profile to match such a document?

A.

Use fingerprint classification.

B.

Use a dictionary rule for all your patient names.

C.

Use Exact Match with patient names

D.

Use predefined DLP Rule(s) that match the patient name.

Full Access
Question # 20

You deployed the Netskope Client for Web steering in a large enterprise with dynamic steering. The steering configuration includes a bypass rule for an application that is IP restricted. What is the source IP for traffic to this application when the user is on-premises at the enterprise?

A.

Loopback IPv4

B.

Netskope data plane gateway IPv4

C.

Enterprise Egress IPv4

D.

DHCP assigned RFC1918 IPv4

Full Access
Question # 21

Users in your network are attempting to reach a website that has a self-signed certificate using a GRE tunnel to Netskope. They are currently being blocked by Netskope with an SSL error. How would you allow this traffic?

A.

Configure a Do Not Decrypt SSL Decryption rule to allow traffic to pass.

B.

Configure a Real-time Protection policy with the action set to Allow.

C.

Set the No SNI setting in Netskope to Bypass.

D.

Ensure that the users add the self-signed certificate to their local certificate store.

Full Access
Question # 22

What is a Fast Scan component of Netskope Threat Detection?

A.

Heuristic Analysis

B.

Machine Learning

C.

Dynamic Analysis

D.

Statical Analysis

Full Access
Question # 23

Your CISO asks that you to provide a report with a visual representation of the top 10 applications (by number of objects) and their risk score. As the administrator, you decide to use a Sankey visualization in Advanced Analytics to represent the data in an efficient manner.

In this scenario, which two field types are required to produce a Sankey Tile in your report? {Choose two.)

A.

Dimension

B.

Measure

C.

Pivot Ranks

D.

Period of Type

Full Access
Question # 24

Review the exhibit.

SelfSignedCert (self signed certificate in certificate chain) Blocked by SSL_SELF_SIGNED. The destination is not reachable. Contact your IT administrator with the following error.

You are the proxy administrator for a medical devices company. You recently changed a pilot group of users from cloud app steering to all Web traffic. Pilot group users have started to report that they receive the error shown in the exhibit when attempting to access the company intranet site that is publicly available. During troubleshooting, you realize that this site uses your company’s internal certificate authority for SSL certificates. Which three statements describe ways to solve this issue? (Choose three.)

A.

Create a Real-time Protection policy to allow access.

B.

Instruct the user to proceed past the error message.

C.

Bypass SSL inspection for the affected site(s).

D.

Change the SSL Error Settings from Block to Bypass in the Netskope UI.

E.

Import the root certificate for your internal certificate authority into Netskope.

Full Access