CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Netskope
  5. NSK101

Free NSK101 Exam Braindumps (page: 13)

Page 13 of 34
PDF with 129 Questions

You want to prevent Man-in-the-Middle (MITM) attacks on an encrypted website or application. In this scenario, which method would you use?

  1. Use a stronger encryption algorithm.
  2. Use certificate pinning.
  3. Use a proxy for the connection.
  4. Use a weaker encryption algorithm.

Answer(s): B

Explanation:

To prevent Man-in-the-Middle (MITM) attacks on an encrypted website or application, one method that you can use is certificate pinning. Certificate pinning is a technique that restricts which certificates are considered valid for a particular website or application, limiting risk. Instead of allowing any trusted certificate to be used, operators "pin" the certificate authority (CA) issuer(s), public keys or even end-entity certificates of their choice. Certificate pinning helps to prevent MITM attacks by validating the server certificates against a hardcoded list of certificates in the website or application. If an attacker tries to intercept or modify the traffic using a fraudulent or compromised certificate, it will be rejected by the website or application as invalid, even if it is signed by a trusted CA.


Reference:

Certificate pinning - IBMCertificate and Public Key Pinning | OWASP Foundation



Exhibit



Which portion of the interface shown in the exhibit allows an administrator to set severity, assign ownership, track progress, and perform forensic analysis with excerpts of violating content?

  1. Skope IT-> Alerts
  2. Incidents -> DLP
  3. API-enabled Protection -> Inventory
  4. Reports -> New Report

Answer(s): B

Explanation:

The portion of the interface shown in the exhibit that allows an administrator to set severity, assign ownership, track progress, and perform forensic analysis with excerpts of violating content is Incidents -> DLP. The Incidents dashboard provides a comprehensive view of all the incidents that have occurred in your cloud environment, such as DLP violations, malware infections, anomalous activities, etc. You can filter the incidents by various criteria, such as app name, incident type, severity, user name, etc. You can also drill down into each incident to see more details, such as file name, file path, file owner, file size, file type, etc. You can also assign an owner to an incident, change its status and severity, add notes or comments, and view the excerpts of the violating content that triggered the DLP policy.


Reference:

Netskope Incidents Dashboard



What are two primary advantages of Netskope's Secure Access Service Edge (SASE) architecture? (Choose two.

  1. no on-premises hardware required for policy enforcement
  2. Bayesian spam filtering
  3. Endpoint Detection and Response (EDR)
  4. single management console

Answer(s): A,D

Explanation:

Two primary advantages of Netskope's Secure Access Service Edge (SASE) architecture are: no on- premises hardware required for policy enforcement and single management console. Netskope's SASE architecture delivers network and security services as cloud-based services that can be accessed from any location and device. This eliminates the need for on-premises hardware appliances such as firewalls, proxies, VPNs, etc., that are costly to maintain and scale. Netskope's SASE architecture also provides a single management console that allows administrators to configure and monitor all the network and security services from one place. This simplifies IT operations and reduces complexity and overhead.


Reference:

Netskope SASEWhat is SASE?



Click the Exhibit button.

Referring to the exhibit, which statement accurately describes the difference between Source IP (Egress) and Source IP (User) address?

  1. Source IP (Egress) is the IP address of the destination Web server while Source IP (User) is the IP address assigned to your network.
  2. Source IP (Egress) is the IP address assigned to the endpoint host IP address while Source IP (User) is the public IP address of your Internet edge router.
  3. You must always leave the source IP fields blank and configure the user identity as a source criteria.
  4. Source IP (Egress) is the public IP address of your Internet edge router while Source IP (User) is the address assigned to the endpoint.

Answer(s): D

Explanation:

The statement that accurately describes the difference between Source IP (Egress) and Source IP (User) address is: Source IP (Egress) is the public IP address of your Internet edge router while Source IP (User) is the address assigned to the endpoint. Source IP (Egress) is the IP address that is visible to external networks when you send traffic from your network to the Internet. It is usually the IP address of your Internet edge router or gateway that performs NAT (Network Address Translation). Source IP (User) is the IP address that is assigned to your endpoint device, such as a laptop or a smartphone, within your network. It is usually a private IP address that is not routable on the Internet. You can use these two criteria to filter traffic based on where it originates from within your network or outside your network.


Reference:

Source Address / Source Port vs Destination Address / Destination PortHow to explain Source IP Address, Destination IP Address & Service in easy way



Page 13 of 34



Post your Comments and Discuss Netskope NSK101 exam with other Community members:

Flash commented on August 25, 2024
Can we pass the exams by only using the free dumps my exam was scheduled on 28 of august
Anonymous
upvote