Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Netskope
  5. NSK101

Free NSK101 Exam Braindumps (page: 13)

Page 12 of 34
PDF with 129 Questions

A customer wants to detect misconfigurations in their AWS cloud instances.

In this scenario, which Netskope feature would you recommend to the customer?

  1. Netskope Secure Web Gateway (SWG)
  2. Netskope Cloud Security Posture Management (CSPM)
  3. Netskope Advanced DLP and Threat Protection
  4. Netskope SaaS Security Posture Management (SSPM)

Answer(s): B

Explanation:

If a customer wants to detect misconfigurations in their AWS cloud instances, the Netskope feature that I would recommend to them is Netskope Cloud Security Posture Management (CSPM). Netskope CSPM is a service that provides continuous assessment and remediation of public cloud deployments for risks, threats, and compliance issues. Netskope CSPM leverages the APIs available from AWS and other cloud service providers to scan the cloud infrastructure for misconfigurations, such as insecure permissions, open ports, unencrypted data, etc. Netskope CSPM also provides security posture policies, profiles, and rules that can be customized to match the customer's security standards and best practices. Netskope CSPM can also alert, report, or remediate the misconfigurations automatically or manually.


Reference:

Netskope CSPMCloud Security Posture Management



Which two use cases would be considered examples of Shadow IT within an organization? (Choose two.)

  1. a sanctioned Salesforce account used by a contractor to upload non-sensitive data
  2. a sanctioned Wetransfer being used by a corporate user to share sensitive data
  3. an unsanctioned Microsoft 365 OneDrive account being used by a corporate user to upload sensitive data
  4. an unsanctioned Google Drive account used by a corporate user to upload non-sensitive data

Answer(s): C,D

Explanation:

Shadow IT is the term for the unauthorized use of IT resources and functions by employees within an organization. It can include cloud services, software, and hardware that are not approved or managed by the IT department. Two use cases that would be considered examples of shadow IT within an organization are: an unsanctioned Microsoft 365 OneDrive account being used by a corporate user to upload sensitive data and an unsanctioned Google Drive account used by a corporate user to upload non-sensitive data. In both cases, the corporate user is using a personal cloud storage service that is not sanctioned by the organization to store work-related data. This can introduce security risks, such as data leakage, data loss, compliance violations, malware infections, etc. The IT department may not have visibility or control over these cloud services or the data stored in them.


Reference:

What is shadow IT? | CloudflareWhat is Shadow IT? | IBM



In which scenario would you use a SAML reverse proxy?

  1. When the API-enabled protection exceeds the Cloud App API usage limits and cannot be used anymore.
  2. When the organization wants to perform inline inspection of cloud application traffic for roaming users that do not have the Netskope agent installed.
  3. When there are multiple SAML IdPs in use and the SAML reverse proxy can help federate them all together.
  4. When PAC files or explicit proxies can be used to steer traffic to the Netskope platform.

Answer(s): C

Explanation:

A SAML reverse proxy is a service that acts as an intermediary between a SAML service provider (SP) and one or more SAML identity providers (IdPs). It can perform various functions, such as authentication, authorization, load balancing, caching, etc. One scenario where you would use a SAML reverse proxy is when there are multiple SAML IdPs in use and the SAML reverse proxy can help federate them all together. For example, suppose you have an internal application that needs to authenticate users from different domains or organizations, each with their own SAML IdP. Instead of configuring the application to trust each IdP separately, you can use a SAML reverse proxy to act as a single SP for the application and a single IdP for the users. The SAML reverse proxy can then redirect the users to their respective IdPs for authentication and relay the SAML assertions back to the application. This way, you can simplify the integration and management of multiple SAML IdPs and provide a seamless user experience.


Reference:

SAML Reverse ProxyWhat is application proxy & SAML SSO?



You need to provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used.

In this scenario, which two filter combinations would you use to accomplish this task? (Choose two.)

  1. Sanctioned = No
  2. CCL = High. Under Research
  3. User Device Type = Windows Device
  4. CCL = Medium. Low, Poor

Answer(s): A,D

Explanation:

To provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used, you can use two filter combinations: Sanctioned = No and CCL = Medium, Low, Poor. The Sanctioned filter allows you to select whether you want to see only sanctioned or unsanctioned apps in your organization. Sanctioned apps are those that are approved and managed by your IT department, while unsanctioned apps are those that are used without authorization or oversight by your employees. Shadow IT refers to the use of unsanctioned apps that may pose security or compliance risks for your organization. The CCL filter allows you to select the Cloud Confidence Level (CCL) ratings of the apps you want to see. The CCL rating is a measure of how enterprise-ready a cloud app is based on various criteria such as security, auditability, business continuity, etc. The CCL rating ranges from Excellent to Poor, with Excellent being the most secure and compliant and Poor being the least. Risky cloud apps are those that have a low CCL rating, such as Medium, Low, or Poor. By applying these two filters, you can narrow down the list of apps to only those that are unsanctioned and have a low CCL rating, which indicates that they are risky shadow IT cloud applications being used in your organization.


Reference:

SkopeIT ApplicationsNetskope Cloud Confidence Index






Post your Comments and Discuss Netskope NSK101 exam with other Community members:

Exam Discussions & Posts