Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free and Premium Netskope NSK200 Dumps Questions Answers

Page: 1 / 7
Total 93 questions

Netskope Certified Cloud Security Integrator (NCCSI) Questions and Answers

Question 1

Review the exhibit.

What is the purpose of the configuration page shown Ii the exhibit?

Options:

A.

to provision a Netskope client using SCCM

B.

to allow users to authenticate against the proxy

C.

to onboard Active Directory users to a Netskope tenant

D.

to enforce administrative role-based access

Buy Now
Question 2

Your customer has deployed the Netskope client to secure their Web traffic. Recently, they have enabled Cloud Firewall (CFW) to secure all outbound traffic for their endpoints. Through a recent acquisition, they must secure all outbound traffic at several remote offices where they have access to the local security stack (routers and firewalls). They cannot install the Netskope client.

Options:

A.

They can configure Reverse Proxy integrated with their IdP.

B.

They can deploy Netskope’s DPOP to steer the targeted traffic to the Netskope Security Cloud.

C.

They can use IPsec and GRE tunnels with Cloud Firewall.

D.

They can secure the targeted outbound traffic using Netskope’s Cloud Threat Exchange (CTE).

Question 3

You notice that your Netskope client icon has a red dot and see "Disabled due to error" when hovering the mouse over the icon. What are two reasons for this message? (Choose two.)

Options:

A.

The client service is manually stopped.

B.

The steering exceptions are incorrect.

C.

The client health check has failed.

D.

The client traffic is directed over iPsec.

Question 4

What is the purpose of the file hash list in Netskope?

Options:

A.

It configures blocklist and allowlist entries referenced in the custom Malware Detection profiles.

B.

It is used to allow and block URLs.

C.

It provides the file types that Netskope can inspect.

D.

It provides Client Threat Exploit Prevention (CTEP).

Question 5

Your company needs to keep quarantined files that have been triggered by a DLP policy. In this scenario, which statement Is true?

Options:

A.

The files are stofed remotely In your data center assigned In the Quarantine profile.

B.

The files are stored In the Netskope data center assigned in the Quarantine profile.

C.

The files are stored In the Cloud provider assigned In the Quarantine profile.

D.

The files are stored on the administrator console PC assigned In the Quarantine profile.

Question 6

Your customer implements Netskope Secure Web Gateway to secure all Web traffic. While they have created policies to block certain categories, there are many new sites available dally that are not yet categorized. The customer's users need quick access and cannot wait to put in a request to gain access requiring a policy change or have the site's category changed.

To solve this problem, which Netskope feature would provide quick, safe access to these types of sites?

Options:

A.

Netskope Cloud Firewall (CFW)

B.

Netskope Remote Browser Isolation (RBI)

C.

Netskope Continuous Security Assessment (CSA)

D.

Netskope SaaS Security Posture Management (SSPM)

Question 7

Review the exhibit.

Referring to the exhibit, which three statements are correct? (Choose three.)

Options:

A.

The request was processed successfully.

B.

A request was submitted to extract application event details.

C.

An invalid token was used.

D.

The request was limited to the first 5000 records.

E.

The request was confined to only the "Professional Networking and Social" category.

Question 8

You discover the ongoing use of the native Dropbox client in your organization. Although Dropbox is not a corporate-approved application, you do not want to prevent the use of Dropbox. You do, however, want to ensure visibility into its usage.

Options:

A.

Change Windows and Mac steering exception actions to use Tunnel mode and set Netskope as the source IP address for SSO services.

B.

Modify the existing tenant steering exception configuration to block the Dropbox native application to force users to use the Dropbox website.

C.

Remove all Dropbox entries from the tenant steering SSL configuration entirely.

D.

Create a new tenant steering exception type of Destination Locations that contains the Dropbox application.

Question 9

You want the ability to perform automated remediation of misconfigurations on GitHub, Microsoft 365, Salesforce, ServiceNow, and Zoom.

Options:

A.

Netskope Infrastructure as a Service

B.

Netskope Remote Browser Isolation

C.

Netskope Cloud Firewall

D.

Netskope SaaS Security Posture Management

Question 10

After deploying the Netskope client to a number of devices, users report that the Client status indicates "Admin Disabled". User and gateway information is displayed correctly in the client configuration dialog

Why are clients installing in an "Admin Disabled" state in this scenario?

Options:

A.

All devices were previously disabled by the administrator.

B.

The user's identity is not synchronized to Netskope.

C.

The user's password was incorrect during enrollment.

D.

The user's account has no mail ID attribute In Active Directory.

Question 11

Review the exhibit.

While diagnosing an NPA connectivity issue, you notice an error message in the Netskope client logs.

Referring to the exhibit, what does this error represent?

Options:

A.

The Netskope client has been load-balanced to a different data center.

B.

The primary publisher is unavailable or cannot be reached.

C.

There Is an EDNS or LDNS resolution error.

D.

There Is an upstream device trying to intercept the NPA TLS connection.

Question 12

Review the exhibit.

You want to discover new cloud applications in use within an organization.

Referring to the exhibit, which three methods would accomplish this task? (Choose three.)

Options:

A.

Set up API-enabled Protection instances for SaaS applications.

B.

Deploy an On-Premises Log Parser (OPLP).

C.

Use forward proxy steering methods to direct cloud traffic to Netskope

D.

View "All Apps" within the Cloud Confidence Index (CCI) In the Netskope Ul.

E.

Upload firewall or proxy logs directly into the Netskope platform.

Question 13

You are testing policies using the DLP predefined identifier "Card Numbers (Major Networks; all)." No DLP policy hits are observed.

Options:

A.

You must use Netskope API protection.

B.

Your data must have valid credit card numbers.

C.

You must normalize credit card numbers to 16-digit consecutive numbers.

D.

You must use the Netskope client to perform advanced DLP and optical character recognition.

Question 14

A customer wants to deploy the Netskope client on all their employee laptops to protect all Web traffic when users are working from home. However, users are required to work from their local offices at least one day per week. Management requests that users returning to the office be able to transparently leverage the local security stack without any user intervention.

Which two statements are correct in this scenario? (Choose two.)

Options:

A.

You must enable On-premises Detection in the client configuration.

B.

You must allow users to unenroll In the client configuration.

C.

You must disable Dynamic Steering in the traffic steering profile.

D.

You must configure IPsec/GRE tunnels on the local network to steer traffic to Netskope.

Question 15

You want to reduce false positives by only triggering policies when contents of your customer database are uploaded to Dropbox. Your maximum database size is 2 MB. In this scenario, what are two ways to accomplish this task? (Choose two.)

Options:

A.

Upload the .csv export lo the Netskope tenant DLP rules section to create an exact match hash.

B.

Use the Netskope client to upload the .csv export to the Netskope management plane DLP container.

C.

Send the .csv export to Netskope using a support ticket with the subject, "create exact match hash".

D.

Use a Netskope virtual appliance to create an exact match hash.

Question 16

You created the Netskope application in your IdP for user provisioning and validated that the API Integration settings are correct and functional. However, you are not able to push the user groups from the IdP into your Netskope tenant.

Options:

A.

The IdP group contains active users, as well as one or more deactivated users.

B.

The IdP does not have Create User permissions.

C.

You do not have enough users assigned to the IdP group.

D.

You failed to push the IdP users before attempting to push the IdP groups.

Question 17

A customer wants to use Netskope to prevent PCI data from leaving the corporate sanctioned OneDrive instance. In this scenario. which two solutions would assist in preventing data exfiltration? (Choose two.)

Options:

A.

API Data Protection

B.

Cloud Firewall (CFW)

C.

SaaS Security Posture Management (SSPM)

D.

Real-time Protection

Question 18

Your customer has some managed Windows-based endpoints where they cannot add any clients or agents. For their users to have secure access to their SaaS application, you suggest that the customer use Netskope's Explicit Proxy.

Which two configurations are supported for this use case? (Choose two.)

Options:

A.

Endpoints can be configured to directly use the Netskope proxy.

B.

Endpoints must have separate steering configurations in the tenant settings.

C.

Endpoints must be configured in the device section of the tenant to interoperate with all proxies.

D.

Endpoints can be configured to use a Proxy Auto Configuration (PAC) file.

Question 19

A city uses many types of forms, including permit applications. These forms contain personal and financial information of citizens. Remote employees download these forms and work directly with the citizens to complete them. The city wants to be able to identify and monitor the specific forms and block the employees from downloading completed forms.

Which feature would you use to accomplish this task?

Options:

A.

exact data match (EDM)

B.

regular expressions (regex)

C.

document fingerprinting

D.

optical character recognition (OCR)

Question 20

Your customer is using a virtual desktop infrastructure (VDI) for their support engineers. Multiple users will be logging into the same device, and they want to detect activities for each user.

Options:

A.

Install Netskope client in default mode and enable DTLS.

B.

Install Netskope client and create a separate steering configuration for each user.

C.

Install Netskope client in peruserconfig mode.

D.

Install Netskope client and create a separate device configuration for each user.

Question 21

You are an administrator writing Netskope Real-time Protection policies and must determine proper policy ordering.

Which two statements are true in this scenario? (Choose two.)

Options:

A.

You must place DLP policies at the bottom.

B.

You do not need to create an "allow all" Web Access policy at the bottom.

C.

You must place Netskope private access malware policies in the middle.

D.

You must place high-risk block policies at the top.

Question 22

You are integrating Netskope tenant administration with an external identity provider. You need to implement role-based access control. Which two statements are true about this scenario? (Choose two.)

Options:

A.

The roles you want to assign must be present in the Netskope tenant.

B.

You do not need to define the administrators locally in the Netskope tenant after It Is integrated with IdP.

C.

You need to define the administrators locally in the Netskope tenant.

D.

Once integrated with IdP. you must append the "locallogin" URL to log in using IdP

Question 23

Review the exhibit.

A security analyst needs to create a report to view the top five categories of unsanctioned applications accessed in the last 90 days. Referring to the exhibit, what are two data collections in Advanced Analytics that would be used to create this report? (Choose two.)

Options:

A.

Alerts

B.

Application Events

C.

Page Events

D.

Network Events

Question 24

Your company wants to deploy Netskope using a tunnel because you have a mixture of device operating systems. You also do not want to enable encryption because you want to maximize bandwidth.

Options:

A.

explicit proxy

B.

IPsec

C.

proxy chaining

D.

GRE

Question 25

What are three methods to deploy a Netskope client? (Choose three.)

Options:

A.

Deploy Netskope client using SCCM.

B.

Deploy Netskope client using REST API v2.

C.

Deploy Netskope client using email invite.

D.

Deploy Netskope client using REST API v1.

E.

Deploy Netskope client using IdP.

Question 26

You are troubleshooting private application access from a user's computer. The user is complaining that they cannot access the corporate file share; however, the private tunnel seems to be established. You open the npadebuglog.log file in a text editor and cannot find any reference to the private application.

Options:

A.

The absence of npadebuglog.log entries is not significant.

B.

File shares cannot be published using private access.

C.

The user is not added to the required real-time policy.

D.

The user needs to re-authenticate for private applications.

Question 27

To which three event types does Netskope's REST API v2 provide access? (Choose three.)

Options:

A.

application

B.

alert

C.

client

D.

infrastructure

E.

user

Page: 1 / 7
Total 93 questions