11.11 Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Netskope NSK200 Netskope Certified Cloud Security Integrator (NCCSI) Exam Practice Test

Page: 1 / 9
Total 93 questions

Netskope Certified Cloud Security Integrator (NCCSI) Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$36  $119.99

PDF Study Guide

  • Product Type: PDF Study Guide
$31.5  $104.99
Question 1

Review the exhibit.

You are at the Malware Incident page. A virus was detected by the Netskope Heuristics Engine. Your security team has confirmed that the virus was a test data file You want to allow the security team to use this file

Referring to the exhibit, which two statements are correct? (Choose two.)

Options:

A.

Click the "Add To File Filter button to add the IOC to a file list.

B.

Contact the CrowdStrike administrator to have the file marked as safe.

C.

Click the ''Lookup VirusTotal" button to verify if this IOC is a false positive.

D.

Create a malware detection profile and update the file hash list with the IOC.

Question 2

A company allows their users to access OneDrive on their managed laptops. It is against corporate policy to upload any documents to their personal OneDrive. The company needs to enforce this policy to protect their customer’s sensitive data.

What are two ways to enforce this policy? (Choose two.)

Options:

A.

Create DLP policies to block the upload of all the identified documents.

B.

Create DLP policies to allow document uploading only to the corporate OneDrive instance.

C.

Create a new application instance for the corporate OneDrive.

D.

Fingerprint all the documents to have a catalog of all the documents that the company needs to protect.

Question 3

You want to prevent a document stored in Google Drive from being shared externally with a public link. What would you configure in Netskope to satisfy this requirement?

Options:

A.

Threat Protection policy

B.

API Data Protection policy

C.

Real-time Protection policy

D.

Quarantine

Question 4

You have created a specific Skope IT application events query and want to have the query automatically run and display the results every time you log into your tenant.

Which two statements are correct in this scenario? (Choose two.)

Options:

A.

Add the Watchlist widget from the library to your home page.

B.

Export a custom Skope IT watchlist to a report and then schedule it to run daily.

C.

Save a custom Skope IT watchlist, then manage filters and share with others.

D.

Add your Skope IT query to a custom watchlist.

Question 5

Your organization has a homegrown cloud application. You are required to monitor the activities that users perform on this cloud application such as logins, views, and downloaded files. Unfortunately, it seems Netskope is unable to detect these activities by default.

How would you accomplish this goal?

Options:

A.

Enable access to the application with Netskope Private Access.

B.

Ensure that the cloud application is added as a steering exception.

C.

Ensure that the application is added to the SSL decryption policy.

D.

Create a new cloud application definition using the Chrome extension.

Question 6

You want to provide malware protection for all cloud storage applications.

In this scenario, which action would accomplish this task?

Options:

A.

Create a real-time threat protection policy with a category of Cloud Storage.

B.

Apply a data protection profile.

C.

Apply a CTEP profile.

D.

Create an API threat protection policy with a category of Cloud Storage.

Question 7

Your company wants to deploy Netskope using a tunnel because you have a mixture of device operating systems. You also do not want to enable encryption because you want to maximize bandwidth.

Options:

A.

explicit proxy

B.

IPsec

C.

proxy chaining

D.

GRE

Question 8

Your company needs to keep quarantined files that have been triggered by a DLP policy. In this scenario, which statement Is true?

Options:

A.

The files are stofed remotely In your data center assigned In the Quarantine profile.

B.

The files are stored In the Netskope data center assigned in the Quarantine profile.

C.

The files are stored In the Cloud provider assigned In the Quarantine profile.

D.

The files are stored on the administrator console PC assigned In the Quarantine profile.

Question 9

Netskope is being used as a secure Web gateway. Your organization's URL list changes frequently. In this scenario, what makes It possible for a mass update of the URL list in the Netskope platform?

Options:

A.

REST API v2

B.

Assertion Consumer Service URL

C.

Cloud Threat Exchange

D.

SCIM provisioning

Question 10

Your company has Microsoft Azure ADFS set up as the Identity Provider (idP). You need to deploy the Netskope client to all company users on Windows laptops without user intervention.

In this scenario, which two deployment options would you use? (Choose two.)

Options:

A.

Deploy the Netskope client with SCCM.

B.

Deploy the Netskope client with Microsoft GPO.

C.

Deploy the Netskope client using IdP.

D.

Deploy the Netskope client using an email Invitation.

Question 11

An engineering firm is using Netskope DLP to identify and block sensitive documents, including schematics and drawings. Lately, they have identified that when these documents are blocked, certain employees may be taking screenshots and uploading them. They want to block any screenshots from being uploaded.

Which feature would you use to satisfy this requirement?

Options:

A.

exact data match (EDM)

B.

document fingerprinting

C.

ML image classifier

D.

optical character recognition (OCR)

Question 12

The risk team at your company has determined that traffic from the sales team to a custom Web application should not be inspected by Netskope. All other traffic to the Web application should continue to be inspected. In this scenario, how would you accomplish this task?

Options:

A.

Create a Do Not Decrypt Policy using User Group and Domain in the policy page.

B.

Create a Do Not Decrypt Policy using Application in the policy page and a Steering Exception for Group

C.

Create a Do Not Decrypt Policy using Destination IP and Application in the policy page.

D.

Create a Do Not Decrypt Policy using Source IP and Application in the policy page.

Question 13

Your company asks you to use Netskope to integrate with Endpoint Detection and Response (EDR) vendors such as CrowdStrike. In this scenario, what is a requirement for a successful Integration and sharing of threat data?

Options:

A.

API Client ID

B.

device classification

C.

custom log parser

D.

user endpoint

Question 14

You are testing policies using the DLP predefined identifier "Card Numbers (Major Networks; all)." No DLP policy hits are observed.

Options:

A.

You must use Netskope API protection.

B.

Your data must have valid credit card numbers.

C.

You must normalize credit card numbers to 16-digit consecutive numbers.

D.

You must use the Netskope client to perform advanced DLP and optical character recognition.

Question 15

You are implementing tenant access security and governance controls for privileged users. You want to start with controls that are natively available within the Netskope Cloud Security Platform and do not require external or third-party integration.

Which three access controls would you use in this scenario? (Choose three.)

Options:

A.

IP allowlisting to control access based upon source IP addresses.

B.

Login attempts to set the number of failed attempts before the admin user is locked out of the Ul.

C.

Applying predefined or custom roles to limit the admin's access to only those functions required for their job.

D.

Multi-factor authentication to verify a user's authenticity.

E.

History-based access control based on past security actions.

Question 16

Your learn is asked to Investigate which of the Netskope DLP policies are creating the most incidents. In this scenario, which two statements are true? (Choose two.)

Options:

A.

The Skope IT Applications tab will list the top five DLP policies.

B.

You can see the top Ave DLP policies triggered using the Analyze feature

C.

You can create a report using Reporting or Advanced Analytics.

D.

The Skope IT Alerts tab will list the top five DLP policies.

Question 17

Which statement describes how Netskope's REST API, v1 and v2, handles authentication?

Options:

A.

Both REST API v1 and v2 require the use of tokens to make calls to the API

B.

Neither REST API v1 nor v2 require the use of tokens.

C.

REST API v2 requires the use of a token to make calls to the API. while API vl does not.

D.

REST API v1 requires the use of a token to make calls to the API. while API v2 does not.

Question 18

Your customer is using a virtual desktop infrastructure (VDI) for their support engineers. Multiple users will be logging into the same device, and they want to detect activities for each user.

Options:

A.

Install Netskope client in default mode and enable DTLS.

B.

Install Netskope client and create a separate steering configuration for each user.

C.

Install Netskope client in peruserconfig mode.

D.

Install Netskope client and create a separate device configuration for each user.

Question 19

You are using Skope IT to analyze and correlate a security incident. You are seeing too many events generated by API policies. You want to filter for logs generated by the Netskope client only.

Options:

A.

Use the access_method filter and select Client from the dropdown menu.

B.

Use the access_method filter and select Tunnel from the dropdown menu.

C.

Use the access_method filter and select Logs from the dropdown menu.

D.

Use query mode and use access_method neq Client.

Question 20

Your company wants to know if there has been any unusual user activity. In the UI, you go to Skope IT -> Alerts.

Which two types of alerts would you filter to find this information? (Choose two.)

Options:

A.

Alert type = uba

B.

Alert type = anomaly

C.

Alert type = malware

D.

Alert type = policy

Question 21

Netskope support advised you to enable DTLS for belter performance. You added firewall rules to allow UDP port 443 traffic. These settings are part of which configuration element when enabled in the Netskope tenant?

Options:

A.

Real-time Protection policies

B.

SSL decryption policies

C.

steering configuration

D.

client configuration

Question 22

Which statement describes a requirement for deploying a Netskope Private Application (NPA) Publisher?

Options:

A.

The publisher must be deployed in a public cloud environment, such as AWS.

B.

The publisher must be deployed in a private data center.

C.

The publisher must be deployed on the network where the private application will be accessed.

D.

The publisher's name must match the name of the application process that it will access.

Question 23

Your customer is migrating all of their applications over to Microsoft 365 and Azure. They have good practices and policies in place (or their inline traffic, but they want to continuously detect reconfigurations and enforce compliance standards.

Which two solutions would satisfy their requirements? (Choose two.)

Options:

A.

Netskope SaaS Security Posture Management

B.

Netskope Cloud Confidence Index

C.

Netskope Risk Insights

D.

Netskope Continuous Security Assessment

Question 24

You have deployed a development Web server on a public hosting service using self-signed SSL certificates. After some troubleshooting, you determined that when the Netskope client is enabled, you are unable to access the Web server over SSL. The default Netskope tenant steering configuration is in place.

In this scenario, which two settings are causing this behavior? (Choose two.)

Options:

A.

SSL pinned certificates are blocked.

B.

Untrusted root certificates are blocked.

C.

Incomplete certificate trust chains are blocked.

D.

Self-signed server certificates are blocked.

Question 25

Review the exhibit.

Your Real-time Protection policy contains some rules with only a browse activity. The exhibit shows a new policy rule.

Where is the correct location to place this rule?

Options:

A.

at the bottom

B.

before browse activity

C.

after browse activity

D.

at the top

Question 26

Review the exhibit.

add log-upload syslogng parserconfig set log-upload syslogng parserconfig 0

logsource <log-source>

You are asked to deploy a virtual appliance OPLP to accept syslog messages directly from the enterprise Palo Alto Networks firewall. You believe that you have configured the OPLP to accept the firewall logs, yet they are not appearing in Risk Insights. Referring to the exhibit, which parser name would be required to complete the new configuration?

Options:

A.

panw-syslog

B.

sfwder

C.

custom-csv

D.

squid

Question 27

You are troubleshooting private application access from a user's computer. The user is complaining that they cannot access the corporate file share; however, the private tunnel seems to be established. You open the npadebuglog.log file in a text editor and cannot find any reference to the private application.

Options:

A.

The absence of npadebuglog.log entries is not significant.

B.

File shares cannot be published using private access.

C.

The user is not added to the required real-time policy.

D.

The user needs to re-authenticate for private applications.

Page: 1 / 9
Total 93 questions