NSK100 Dumps NSK100 Braindumps NSK100 Real Questions NSK100 Practice Test
NSK100 Actual Questions
Netskope Certified Cloud Security Administrator (NCCSA)
Certification
https://killexams.com/pass4sure/exam-detail/NSK100
You investigate a suspected malware incident and confirm that it was a false alarm.
In this scenario, how would you prevent the same file from triggering another incident?
Quarantine the file. Look up the hash at the VirusTotal website.
Export the packet capture to a pcap file.
Add the hash to the file filter.
Which two common security frameworks are used today to assess and validate a vendor's security practices? (Choose two.)
Data Science Council of America
Building Security in Maturity Model
ISO 27001
NIST Cybersecurity Framework
You have applied a DLP Profile to block all Personally Identifiable Information data uploads to Microsoft 365 OneDrive. DLP Alerts are not displayed and no OneDrive-related activities are displayed in the Skope IT App Events table.
In this scenario, what are two possible reasons for this issue? (Choose two.)
The Cloud Storage category is in the Steering Configuration as an exception.
The destination domain is excluded from decryption in the decryption policy.
A Netskope POP is not in your local country and therefore DLP policies cannot be applied.
DLP policies do not apply when using IPsec as a steering option.
A customer changes CCI scoring from the default objective score to another score. In this scenario, what would be a valid reason for making this change?
The customer has discovered a new SaaS application that is not yet rated in the CCI database.
The customer's organization places a higher business risk weight on vendors that claim ownership of their data.
The customer wants to punish an application vendor for providing poor customer service.
The customer's organization uses a SaaS application that is currently listed as "under research".
What are two use cases for Netskope's DLP solution? (Choose two.)
to stop unintentional data movement
to detect malware in files before they are uploaded to a cloud application
to detect sensitive data in password protected files
to ensure regulatory compliance
What are two uses for deploying a Netskope Virtual Appliance? (Choose two.)
as an endpoint for Netskope Private Access (NPA)
as a local reverse-proxy to secure a SaaS application
as a log parser to discover in-use cloud applications
as a Secure Forwarder to steer traffic
You are working with a large retail chain and have concerns about their customer data. You want to protect customer credit card data so that it is never exposed in transit or at rest.
In this scenario, which regulatory compliance standard should be used to govern this data?
SOC 3
PCI-DSS
AES-256
ISO 27001
You need to block all users from uploading data files into risky collaboration applications. Which element must you configure within Netskope's CASB to accomplish this task?
DLP Rule
real-time policy
DLP Profile
block notification
Which three security controls are offered by the Netskope Cloud platform? (Choose three.)
identity lifecycle management
data loss prevention for SMTP
cloud security posture management
endpoint anti-malware
threat protection
You want to use an out-of-band API connection into your sanctioned Microsoft 365 OneDrive for Business application to find sensitive content, enforce near real-time policy controls, and quarantine malware.
In this scenario, which primary function in the Netskope platform would you use to connect your application to Netskope?
DLP forensics
Risk Insights
laaS API-enabled Protection
SaaS API-enabled Protection
You need to create a service request ticket for a client-related issue using the Netskope client Ul. In this scenario, you generate the client logs by right-clicking on the system tray icon and choosing
Save logs
Configuration
Troubleshoot
Help
What are two characteristics of Netskope's Private Access Solution? (Choose two.)
It provides protection for private applications.
It provides access to private applications.
It acts as a cloud-based firewall.
It requires on-premises hardware.
You are required to mitigate malicious scripts from being downloaded into your corporate devices every time a user goes to a website. Users need to access websites from a variety of categories, including new websites.
Which two actions would help you accomplish this task while allowing the user to work? (Choose two.)
Allow the user to browse uncategorized domains but restrict edit activities.
Block malware detected on download activity for all remaining categories.
Block known bad websites and enable RBI to uncategorized domains.
Allow a limited amount of domains and block everything else.
A customer asks you to create several real-time policies. Policy A generates alerts when any user downloads, uploads, or shares files on a cloud storage application. Policy B blocks users from downloading files from any operating system (OS) other than Mac or Windows for cloud storage. In this case, policy A is least restrictive and policy B is more restrictive.
Which statement is correct in this scenario?
Policy A is implemented before policy
Policy B is implemented before policy
The policy order is not important; policies are independent of each other.
These two policies would actually not work together.
A company is attempting to steer traffic to Netskope using GRE tunnels. They notice that after the initial configuration, users cannot access external websites from their browsers.
What are three probable causes for this issue? (Choose three.)
The pre-shared key for the GRE tunnel is incorrect.
The configured GRE peer in the Netskope platform is incorrect.
The corporate firewall might be blocking GRE traffic.
The route map was applied to the wrong router interface.
Netskope does not support GRE tunnels.
What are two fundamental differences between the inline and API implementation of the Netskope platform? (Choose two.)
The API implementation can be used with both sanctioned and unsanctioned applications.
The API implementation can only be used with sanctioned applications.
The inline implementation can effectively block a transaction in both sanctioned and unsanctioned applications.
The inline implementation can only effectively block a transaction in sanctioned applications.
Your company asks you to obtain a detailed list of all events from the last 24 hours for a specific user. In this scenario, what are two methods to accomplish this task? (Choose two.)
Use the Netskope reporting engine.
Export the data from Skope IT Application Events.
Use the Netskope REST AP
Export the data from Skope IT Alerts.
Why would you want to define an App Instance?
to create an API Data Protection Policy for a personal Box instance
to differentiate between an enterprise Google Drive instance vs. a personal Google Drive instance
to enable the instance_id attribute in the advanced search field when using query mode
to differentiate between an enterprise Google Drive instance vs. an enterprise Box instance
You want to enable Netskope to gain visibility into your users' cloud application activities in an inline mode. In this scenario, which two deployment methods would match your inline use case? (Choose two.)
Use a forward proxy.
Use an API connector
Use a log parser.
Use a reverse proxy.
Which two cloud security and infrastructure enablement technologies does Secure Access Service Edge (SASE) combine into its unified platform? (Choose two.)
Distributed Denial of Service Protection (DDoS)
Zero Trust Network Access (ZTNA)
Cloud Access Security Broker (CASB)
Unified Threat Management (UTM)