New Year Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

NSK200 Netskope Certified Cloud Security Integrator (NCCSI) Questions and Answers

Questions 4

Your learn is asked to Investigate which of the Netskope DLP policies are creating the most incidents. In this scenario, which two statements are true? (Choose two.)

Options:

A.

The Skope IT Applications tab will list the top five DLP policies.

B.

You can see the top Ave DLP policies triggered using the Analyze feature

C.

You can create a report using Reporting or Advanced Analytics.

D.

The Skope IT Alerts tab will list the top five DLP policies.

Buy Now
Questions 5

Recently your company implemented Zoom for collaboration purposes and you are attempting to inspect the traffic with Netskope. Your initial attempt reveals that you are not seeing traffic from the Zoom client that is used by all users. You must ensure that this traffic is visible to Netskope.

In this scenario, which two steps must be completed to satisfy this requirement? (Choose two.)

Options:

A.

Create a steering exception for Zoom to ensure traffic is reaching Netskope.

B.

Create a Do Not Decrypt SSL policy for the Zoom application suite.

C.

Remove the Zoom certificate-pinned application from the default steering configuration.

D.

Remove the default steering exception for the Web Conferencing Category.

Buy Now
Questions 6

What is the purpose of the file hash list in Netskope?

Options:

A.

It configures blocklist and allowlist entries referenced in the custom Malware Detection profiles.

B.

It is used to allow and block URLs.

C.

It provides the file types that Netskope can inspect.

D.

It provides Client Threat Exploit Prevention (CTEP).

Buy Now
Questions 7

Review the exhibit.

NSK200 Question 7

Your company uses Google as the corporate collaboration suite; however, corporate policy restricts the use of personal Google services. The exhibit provides a partially completed policy to ensure that users cannot log into their personal account.

What should be added to achieve the desired outcome in this scenario?

Options:

A.

Google Gmail app

B.

User Constraint

C.

DLP profile

D.

Device classification

Buy Now
Questions 8

You use Netskope to provide a default Malware Scan profile for use with your malware policies. Also, you want to create a custom malware detection profile.

In this scenario, what are two additional requirements to complete this task? (Choose two.)

Options:

A.

Add a custom hash list as an allowlist.

B.

Add a quarantine profile.

C.

Add a remediation profile.

D.

Add a custom hash list as a blocklist.

Buy Now
Questions 9

Your organization has a homegrown cloud application. You are required to monitor the activities that users perform on this cloud application such as logins, views, and downloaded files. Unfortunately, it seems Netskope is unable to detect these activities by default.

How would you accomplish this goal?

Options:

A.

Enable access to the application with Netskope Private Access.

B.

Ensure that the cloud application is added as a steering exception.

C.

Ensure that the application is added to the SSL decryption policy.

D.

Create a new cloud application definition using the Chrome extension.

Buy Now
Questions 10

Your company has many users that are remote and travel often. You want to provide the greatest visibility into their activities, even while traveling. Using Netskope. which deployment method would be used in this scenario?

Options:

A.

Use proxy chaining.

B.

Use a Netskope client.

C.

Use an IPsec tunnel.

D.

Use a GRE tunnel.

Buy Now
Questions 11

Review the exhibit.

NSK200 Question 11

What is the purpose of the configuration page shown Ii the exhibit?

Options:

A.

to provision a Netskope client using SCCM

B.

to allow users to authenticate against the proxy

C.

to onboard Active Directory users to a Netskope tenant

D.

to enforce administrative role-based access

Buy Now
Questions 12

While most Web and SaaS traffic is decrypted for inspection, you are asked to prevent a certain host on the network from SSL decryption for privacy purposes.

Options:

A.

Create a steering exception for the host.

B.

Create a Real-time Protection policy, select the host, and choose to block SSL decryption.

C.

Create a Source Network Location for a Do Not Decrypt SSL policy.

D.

Add the host to the certificate-pinned application list.

Buy Now
Questions 13

You want to provide malware protection for all cloud storage applications.

In this scenario, which action would accomplish this task?

Options:

A.

Create a real-time threat protection policy with a category of Cloud Storage.

B.

Apply a data protection profile.

C.

Apply a CTEP profile.

D.

Create an API threat protection policy with a category of Cloud Storage.

Buy Now
Questions 14

Your IT organization is migrating its user directory services from Microsoft Active Directory to a cloud-based Identity Provider (IdP) solution, Azure AD. You are asked to adapt the Netskope user provisioning process to work with this new cloud-based IdP.

Options:

A.

Directory Importer

B.

Microsoft GPO

C.

SCIMApp

D.

Manual Import

Buy Now
Questions 15

You discover the ongoing use of the native Dropbox client in your organization. Although Dropbox is not a corporate-approved application, you do not want to prevent the use of Dropbox. You do, however, want to ensure visibility into its usage.

Options:

A.

Change Windows and Mac steering exception actions to use Tunnel mode and set Netskope as the source IP address for SSO services.

B.

Modify the existing tenant steering exception configuration to block the Dropbox native application to force users to use the Dropbox website.

C.

Remove all Dropbox entries from the tenant steering SSL configuration entirely.

D.

Create a new tenant steering exception type of Destination Locations that contains the Dropbox application.

Buy Now
Questions 16

You want to prevent a document stored in Google Drive from being shared externally with a public link.

Options:

A.

Quarantine

B.

Threat Protection policy

C.

API Data Protection policy

D.

Real-time Protection policy

Buy Now
Questions 17

You have created a specific Skope IT application events query and want to have the query automatically run and display the results every time you log into your tenant.

Which two statements are correct in this scenario? (Choose two.)

Options:

A.

Add the Watchlist widget from the library to your home page.

B.

Export a custom Skope IT watchlist to a report and then schedule it to run daily.

C.

Save a custom Skope IT watchlist, then manage filters and share with others.

D.

Add your Skope IT query to a custom watchlist.

Buy Now
Questions 18

Netskope is being used as a secure Web gateway. Your organization's URL list changes frequently. In this scenario, what makes It possible for a mass update of the URL list in the Netskope platform?

Options:

A.

REST API v2

B.

Assertion Consumer Service URL

C.

Cloud Threat Exchange

D.

SCIM provisioning

Buy Now
Questions 19

Your organization has three main locations with 30.000 hosts in each location. You are planning to deploy Netskope using iPsec tunnels for security.

What are two considerations to make a successful connection in this scenario? (Choose two.)

Options:

A.

browsers in use

B.

operating systems

C.

redundant POPs

D.

number of hosts

Buy Now
Questions 20

You are using the Netskope DLP solution. You notice flies containing test data for credit cards are not triggering DLP events when uploaded to Dropbox. There are corresponding page events. Which two scenarios would cause this behavior? (Choose two.)

Options:

A.

The Netskope client Is not steering Dropbox traffic.

B.

The DLP rule has the severity threshold set to a value higher than the number of occurrences.

C.

The credit card numbers in your test data are Invalid 16-dlglt numbers.

D.

There is no API protection configured for Dropbox.

Buy Now
Questions 21

You are comparing the behavior of Netskope's Real-time Protection policies to API Data Protection policies. In this Instance, which statement is correct?

Options:

A.

All real-time policies are enforced, regardless of sequential order, while API policies are analyzed sequentially from top to bottom and stop once a policy Is matched.

B.

Both real-time and API policies are analyzed sequentially from top to bottom and stop once a policy Is matched.

C.

All API policies are enforced, regardless of sequential order, while real-time policies are analyzed sequentially from top to bottom and stop once a policy Is matched.

D.

Both real-time and API policies are all enforced, regardless of sequential order.

Buy Now
Questions 22

You are creating an API token to allow a DevSecOps engineer to create and update a URL list using REST API v2. In this scenario, which privilege(s) do you need to create in the API token?

Options:

A.

Provide read and write access for the "/events" endpoint.

B.

Provide read and write access for the "/urllist" endpoint.

C.

Provide only read access for the "/urllist" endpoint.

D.

Provide only write access for the "/urllist" endpoint.

Buy Now
Questions 23

Review the exhibit.

NSK200 Question 23

A security analyst needs to create a report to view the top five categories of unsanctioned applications accessed in the last 90 days. Referring to the exhibit, what are two data collections in Advanced Analytics that would be used to create this report? (Choose two.)

Options:

A.

Alerts

B.

Application Events

C.

Page Events

D.

Network Events

Buy Now
Questions 24

You are configuring GRE tunnels from a Palo Alto Networks firewall to a Netskope tenant with the Netskope for Web license enabled. Your tunnel is up as seen from the Netskope dashboard. You are unable to ping hosts behind the Netskope gateway.

Which two statements are true about this scenario? (Choose two.)

Options:

A.

You need to call support to enable the GRE POP selection feature.

B.

Netskope only supports Web traffic through the tunnel.

C.

You can only ping the probe IP provided by Netskope.

D.

There is no client installed on the source hosts in your network.

Buy Now
Questions 25

Review the exhibit.

NSK200 Question 25

You are asked to create a new role that allows analysts to view Events and Reports while providing user privacy. You need to avoid directly exposing identities and user location information.

Which three fields must you obfuscate in this scenario? (Choose three.)

Options:

A.

User IPs

B.

User names

C.

App names, URLs, and destination IPs

D.

File and object names

E.

Source location information

Buy Now
Questions 26

Your customer has some managed Windows-based endpoints where they cannot add any clients or agents. For their users to have secure access to their SaaS application, you suggest that the customer use Netskope's Explicit Proxy.

Which two configurations are supported for this use case? (Choose two.)

Options:

A.

Endpoints can be configured to directly use the Netskope proxy.

B.

Endpoints must have separate steering configurations in the tenant settings.

C.

Endpoints must be configured in the device section of the tenant to interoperate with all proxies.

D.

Endpoints can be configured to use a Proxy Auto Configuration (PAC) file.

Buy Now
Questions 27

With Netskope DLP, which feature would be used to detect keywords such as "Confidential" or "Access key"?

Options:

A.

Regular Expression

B.

Exact Match

C.

Fingerprint Classification

D.

Dictionary

Buy Now
Exam Code: NSK200
Exam Name: Netskope Certified Cloud Security Integrator (NCCSI)
Last Update: Dec 21, 2024
Questions: 93

PDF + Testing Engine

$57.75  $164.99

Testing Engine

$43.75  $124.99
buy now NSK200 testing engine

PDF (Q&A)

$36.75  $104.99
buy now NSK200 pdf