Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Netskope
  5. NSK101

Free NSK101 Exam Braindumps (page: 16)

Page 15 of 34
PDF with 129 Questions

You want to block access to sites that use self-signed certificates.
Which statement is true in this scenario?

  1. Certificate-related settings apply globally to the entire customer tenant.
  2. Certificate-related settings apply to each individual steering configuration level.
  3. Certificate-related settings apply to each individual client configuration level.
  4. Self-signed certificates must be changed to a publicly trusted CA signed certificate.

Answer(s): B

Explanation:

The statement that is true in this scenario is: Certificate-related settings apply to each individual steering configuration level. Certificate-related settings are the options that allow you to configure how Netskope handles SSL/TLS certificates for encrypted web traffic. For example, you can choose whether to allow or block self-signed certificates, expired certificates, revoked certificates, etc. You can also choose whether to enable SSL decryption for specific domains or categories. Certificate- related settings apply to each individual steering configuration level, which means that you can have different settings for different types of traffic or devices. For example, you can have one steering configuration for managed devices and another one for unmanaged devices, and apply different certificate-related settings for each one. This allows you to customize your security policies based on your needs and preferences.


Reference:

Netskope SSL DecryptionNetskope Steering Configuration



How do you provision users to your customer's Netskope tenant? (Choose two.)

  1. Use Microsoft Intune.
  2. Use the AD Connector.
  3. Use SCIM.
  4. Use the Directory Importer.

Answer(s): B,D

Explanation:

To provision users to your customer's Netskope tenant, two methods that you can use are: use the AD Connector and use SCIM. The AD Connector is a tool that allows you to synchronize users and groups from your Active Directory (AD) domain to your Netskope tenant. The AD Connector runs as a Windows service on a machine that has access to your AD domain controller. The AD Connector periodically queries your AD domain for any changes in users and groups and updates them in your Netskope tenant accordingly. The AD Connector also supports filtering users and groups based on attributes or organizational units (OUs). SCIM stands for System for Cross-domain Identity Management, which is a standard protocol for managing user identities across different applications and services. SCIM allows you to provision users and groups from your identity provider (IdP), such as Azure AD or Okta, to your Netskope tenant using APIs. SCIM also supports creating, updating, deleting, and searching users and groups in your Netskope tenant based on your IdP's configuration.


Reference:

Netskope AD ConnectorUser Provisioning with Azure AD



When would an administrator need to use a tombstone file?

  1. You use a tombstone file when a policy causes a file download to be blocked.
  2. You use a tombstone file when a policy causes a publicly shared file to be encrypted.
  3. You use a tombstone file when the policy causes a file to be moved to quarantine.
  4. You use a tombstone file when a policy causes a file to be moved to legal hold.

Answer(s): C

Explanation:

A tombstone file is a placeholder file that replaces the original file when it is moved to quarantine by a Netskope policy. The tombstone file contains information about the original file, such as its name, size, type, owner, and the reason why it was quarantined. The tombstone file also provides a link to the Netskope UI where the administrator or the file owner can view more details about the incident and take appropriate actions, such as restoring or deleting the file. The purpose of using a tombstone file is to preserve the metadata and location of the original file, as well as to notify the users about the quarantine action and how to access the file if needed.


Reference:

Threat Protection - Netskope Knowledge PortalNetskope threat protection - Netskope



You have an issue with the Netskope client connecting to the tenant.

In this scenario, what are two ways to collect the logs from the client machine? (Choose two.)

  1. from the Netskope client Ul About page
  2. from the command line using the nsdiag command
  3. from the Netskope client system tray icon
  4. from the Netskope client Ul Configuration page

Answer(s): A,B

Explanation:

To collect the logs from the client machine when you have an issue with the Netskope client connecting to the tenant, two ways that you can use are: from the Netskope client UI About page and from the command line using the nsdiag command. From the Netskope client UI About page, you can click on the "Collect Logs" button to generate a zip file containing all the relevant logs and configuration files from the client machine. You can then send this zip file to Netskope support for troubleshooting. From the command line, you can use the nsdiag command with various options to collect different types of logs and diagnostic information from the client machine. For example, you can use nsdiag -l to collect all logs, nsdiag -c to collect configuration files, nsdiag -t to collect traffic statistics, etc. You can also use nsdiag -h to see all available options and usage instructions. You can then send the output files to Netskope support for troubleshooting.


Reference:

Netskope Client Configuration overviewInstall and Test the Client - Netskope Knowledge Portal






Post your Comments and Discuss Netskope NSK101 exam with other Community members:

Exam Discussions & Posts