New Year Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

NSK200 Questions and Answers

Question # 6

You are comparing the behavior of Netskope's Real-time Protection policies to API Data Protection policies. In this Instance, which statement is correct?

A.

All real-time policies are enforced, regardless of sequential order, while API policies are analyzed sequentially from top to bottom and stop once a policy Is matched.

B.

Both real-time and API policies are analyzed sequentially from top to bottom and stop once a policy Is matched.

C.

All API policies are enforced, regardless of sequential order, while real-time policies are analyzed sequentially from top to bottom and stop once a policy Is matched.

D.

Both real-time and API policies are all enforced, regardless of sequential order.

Full Access
Question # 7

Review the exhibit.

You want to discover new cloud applications in use within an organization.

Referring to the exhibit, which three methods would accomplish this task? (Choose three.)

A.

Set up API-enabled Protection instances for SaaS applications.

B.

Deploy an On-Premises Log Parser (OPLP).

C.

Use forward proxy steering methods to direct cloud traffic to Netskope

D.

View "All Apps" within the Cloud Confidence Index (CCI) In the Netskope Ul.

E.

Upload firewall or proxy logs directly into the Netskope platform.

Full Access
Question # 8

Review the exhibit.

While diagnosing an NPA connectivity issue, you notice an error message in the Netskope client logs.

Referring to the exhibit, what does this error represent?

A.

The Netskope client has been load-balanced to a different data center.

B.

The primary publisher is unavailable or cannot be reached.

C.

There Is an EDNS or LDNS resolution error.

D.

There Is an upstream device trying to intercept the NPA TLS connection.

Full Access
Question # 9

Which statement describes a requirement for deploying a Netskope Private Application (NPA) Publisher?

A.

The publisher must be deployed in a public cloud environment, such as AWS.

B.

The publisher must be deployed in a private data center.

C.

The publisher must be deployed on the network where the private application will be accessed.

D.

The publisher's name must match the name of the application process that it will access.

Full Access
Question # 10

You are using Skope IT to analyze and correlate a security incident. You are seeing too many events generated by API policies. You want to filter for logs generated by the Netskope client only.

A.

Use the access_method filter and select Client from the dropdown menu.

B.

Use the access_method filter and select Tunnel from the dropdown menu.

C.

Use the access_method filter and select Logs from the dropdown menu.

D.

Use query mode and use access_method neq Client.

Full Access
Question # 11

You are configuring GRE tunnels from a Palo Alto Networks firewall to a Netskope tenant with the Netskope for Web license enabled. Your tunnel is up as seen from the Netskope dashboard. You are unable to ping hosts behind the Netskope gateway.

Which two statements are true about this scenario? (Choose two.)

A.

You need to call support to enable the GRE POP selection feature.

B.

Netskope only supports Web traffic through the tunnel.

C.

You can only ping the probe IP provided by Netskope.

D.

There is no client installed on the source hosts in your network.

Full Access
Question # 12

You are an administrator writing Netskope Real-time Protection policies and must determine proper policy ordering.

Which two statements are true in this scenario? (Choose two.)

A.

You must place Netskope private access malware policies in the middle.

B.

You do not need to create an "allow all" Web Access policy at the bottom.

C.

You must place DLP policies at the bottom.

D.

You must place high-risk block policies at the top.

Full Access
Question # 13

You want to secure Microsoft Exchange and Gmail SMTP traffic for DLP using Netskope. Which statement is true about this scenario when using the Netskope client?

A.

Netskope can inspect outbound SMTP traffic for Microsoft Exchange and Gmail.

B.

Enable Cloud Firewall to Inspect Inbound SMTP traffic for Microsoft Exchange and Gmail.

C.

Netskope can inspect inbound and outbound SMTP traffic for Microsoft Exchange and Gmail.

D.

Enable REST API v2 to Inspect inbound SMTP traffic for Microsoft Exchange and Gmail.

Full Access
Question # 14

An engineering firm is using Netskope DLP to identify and block sensitive documents, including schematics and drawings. Lately, they have identified that when these documents are blocked, certain employees may be taking screenshots and uploading them. They want to block any screenshots from being uploaded.

Which feature would you use to satisfy this requirement?

A.

exact data match (EDM)

B.

document fingerprinting

C.

ML image classifier

D.

optical character recognition (OCR)

Full Access
Question # 15

You want to prevent a document stored in Google Drive from being shared externally with a public link.

A.

Quarantine

B.

Threat Protection policy

C.

API Data Protection policy

D.

Real-time Protection policy

Full Access
Question # 16

You want to allow both the user identities and groups to be imported in the Netskope platform. Which two methods would satisfy this requirement? (Choose two.)

A.

Use System for Cross-domain Identity Management (SCIM).

B.

Use Manual Entries.

C.

Use Directory Importer.

D.

Use Bulk Upload with a CSV file.

Full Access
Question # 17

You are currently migrating users away from a legacy proxy to the Netskope client in the company’s corporate offices. You have deployed the client to a pilot group; however, when the client attempts to connect to Netskope, it fails to establish a tunnel.

In this scenario, what would cause this problem?

A.

The legacy proxy is intercepting SSL/TLS traffic to Netskope.

B.

The corporate firewall is blocking UDP port 443 to Netskope.

C.

The corporate firewall is blocking the Netskope EPoT address.

D.

The client cannot reach dns.google for EDNS resolution.

Full Access
Question # 18

Your company has many users that are remote and travel often. You want to provide the greatest visibility into their activities, even while traveling.

Using Netskope, which deployment method would be used in this scenario?

A.

Use a Netskope client.

B.

Use an IPsec tunnel.

C.

Use a GRE tunnel.

D.

Use proxy chaining.

Full Access
Question # 19

You are creating an API token to allow a DevSecOps engineer to create and update a URL list using REST API v2. In this scenario, which privilege(s) do you need to create in the API token?

A.

Provide read and write access for the "/events" endpoint.

B.

Provide read and write access for the "/urllist" endpoint.

C.

Provide only read access for the "/urllist" endpoint.

D.

Provide only write access for the "/urllist" endpoint.

Full Access
Question # 20

You are using the Netskope DLP solution. You notice flies containing test data for credit cards are not triggering DLP events when uploaded to Dropbox. There are corresponding page events. Which two scenarios would cause this behavior? (Choose two.)

A.

The Netskope client Is not steering Dropbox traffic.

B.

The DLP rule has the severity threshold set to a value higher than the number of occurrences.

C.

The credit card numbers in your test data are Invalid 16-dlglt numbers.

D.

There is no API protection configured for Dropbox.

Full Access
Question # 21

You are provisioning Netskope users from Okta with SCIM Provisioning, and users are not showing up in the tenant. In this scenario, which two Netskope components should you verify first In Okta for accuracy? (Choose two.)

A.

IdP Entity ID

B.

OAuth token

C.

Netskope SAML certificate

D.

SCIM server URL

Full Access
Question # 22

Review the exhibit.

You are asked to create a new role that allows analysts to view Events and Reports while providing user privacy. You need to avoid directly exposing identities and user location information.

Which three fields must you obfuscate in this scenario? (Choose three.)

A.

User IPs

B.

User names

C.

App names, URLs, and destination IPs

D.

File and object names

E.

Source location information

Full Access
Question # 23

Your company needs to keep quarantined files that have been triggered by a DLP policy. In this scenario, which statement Is true?

A.

The files are stofed remotely In your data center assigned In the Quarantine profile.

B.

The files are stored In the Netskope data center assigned in the Quarantine profile.

C.

The files are stored In the Cloud provider assigned In the Quarantine profile.

D.

The files are stored on the administrator console PC assigned In the Quarantine profile.

Full Access
Question # 24

Which statement describes how Netskope's REST API, v1 and v2, handles authentication?

A.

Both REST API v1 and v2 require the use of tokens to make calls to the API

B.

Neither REST API v1 nor v2 require the use of tokens.

C.

REST API v2 requires the use of a token to make calls to the API. while API vl does not.

D.

REST API v1 requires the use of a token to make calls to the API. while API v2 does not.

Full Access
Question # 25

What are three methods to deploy a Netskope client? (Choose three.)

A.

Deploy Netskope client using SCCM.

B.

Deploy Netskope client using REST API v2.

C.

Deploy Netskope client using email invite.

D.

Deploy Netskope client using REST API v1.

E.

Deploy Netskope client using IdP.

Full Access
Question # 26

Your company asks you to use Netskope to integrate with Endpoint Detection and Response (EDR) vendors such as Crowdstrike.

Which two requirements are needed for a successful integration and sharing of threat data? (Choose two.)

A.

Remediation profile

B.

Device classification

C.

API Client ID

D.

Custom log parser

Full Access
Question # 27

Review the exhibit.

Your Real-time Protection policy contains some rules with only a browse activity. The exhibit shows a new policy rule.

Where is the correct location to place this rule?

A.

at the bottom

B.

before browse activity

C.

after browse activity

D.

at the top

Full Access