CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Netskope
  5. NSK101

Free NSK101 Exam Braindumps (page: 4)

Page 4 of 34
PDF with 129 Questions

You are required to mitigate malicious scripts from being downloaded into your corporate devices every time a user goes to a website. Users need to access websites from a variety of categories, including new websites.

Which two actions would help you accomplish this task while allowing the user to work? (Choose two.)

  1. Allow the user to browse uncategorized domains but restrict edit activities.
  2. Block malware detected on download activity for all remaining categories.
  3. Block known bad websites and enable RBI to uncategorized domains.
  4. Allow a limited amount of domains and block everything else.

Answer(s): B,C

Explanation:

To mitigate malicious scripts from being downloaded into your corporate devices every time a user goes to a website, you need to use Netskope's threat protection features to block or isolate potentially harmful web traffic. Two actions that would help you accomplish this task while allowing the user to work are: block malware detected on download activity for all remaining categories and block known bad websites and enable RBI to uncategorized domains. The first action will prevent any files that contain malware from being downloaded to your devices from any website category, except those that are explicitly allowed or excluded by your policies. The second action will prevent any websites that are classified as malicious or phishing by Netskope from being accessed by your users and enable Remote Browser Isolation (RBI) to uncategorized domains, which are domains that have not been assigned a category by Netskope. RBI is a feature that allows users to browse websites in a virtual browser hosted in the cloud, without exposing their devices to any scripts or content from the website. Allowing the user to browse uncategorized domains but restrict edit activities or allowing a limited amount of domains and block everything else are not effective actions, as they may either limit the user's productivity or expose them to unknown risks.


Reference:

[Netskope Threat Protection], [Netskope Remote Browser Isolation].



A customer asks you to create several real-time policies. Policy A generates alerts when any user downloads, uploads, or shares files on a cloud storage application. Policy B blocks users from downloading files from any operating system (OS) other than Mac or Windows for cloud storage. In this case, policy A is least restrictive and policy B is more restrictive.

Which statement is correct in this scenario?

  1. Policy A is implemented before policy B.
  2. Policy B is implemented before policy A.
  3. The policy order is not important; policies are independent of each other.
  4. These two policies would actually not work together.

Answer(s): B

Explanation:

In this scenario, policy B is more restrictive than policy A, as it blocks users from downloading files from any OS other than Mac or Windows for cloud storage, while policy A only generates alerts when any user downloads, uploads, or shares files on a cloud storage application. Therefore, policy B should be implemented before policy A, as the policy order determines the order of evaluation and enforcement of the policies. If policy A is implemented before policy B, then policy B will never be triggered, as policy A will match all the download activities for cloud storage and generate alerts. The policy order is important; policies are not independent of each other, as they may have overlapping or conflicting conditions and actions. These two policies would actually work together, as long as they are ordered correctly.


Reference:

Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 5: Real-Time Policies, Lesson 3: Policy Order.



A company is attempting to steer traffic to Netskope using GRE tunnels. They notice that after the initial configuration, users cannot access external websites from their browsers.

What are three probable causes for this issue? (Choose three.)

  1. The pre-shared key for the GRE tunnel is incorrect.
  2. The configured GRE peer in the Netskope platform is incorrect.
  3. The corporate firewall might be blocking GRE traffic.
  4. The route map was applied to the wrong router interface.
  5. Netskope does not support GRE tunnels.

Answer(s): B,C,D

Explanation:

In this scenario, there are three probable causes for the issue of users not being able to access external websites from their browsers after attempting to steer traffic to Netskope using GRE tunnels. One cause is that the configured GRE peer in the Netskope platform is incorrect, which means that the Netskope POP that is supposed to receive the GRE traffic from the customer's network is not matching the IP address of the customer's router that is sending the GRE traffic. This will result in a failure to establish a GRE tunnel between the customer and Netskope. Another cause is that the corporate firewall might be blocking GRE traffic, which means that the firewall rules are not allowing the GRE protocol (IP protocol number 47) or the UDP port 4789 (for VXLAN encapsulation) to pass through. This will result in a failure to send or receive GRE packets between the customer and Netskope.
A third cause is that the route map was applied to the wrong router interface, which means that the configuration that specifies which traffic should be steered to Netskope using GRE tunnels was not applied to the correct interface on the customer's router. This will result in a failure to steer the desired traffic to Netskope. The pre-shared key for the GRE tunnel is incorrect is not a probable cause for this issue, as GRE tunnels do not use pre-shared keys for authentication or encryption. Netskope does support GRE tunnels, so this is not a cause for this issue either.


Reference:

[Netskope Secure Forwarder], Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 3: Steering Configuration, Lesson 3: Secure Forwarder.



What are two fundamental differences between the inline and API implementation of the Netskope platform? (Choose two.)

  1. The API implementation can be used with both sanctioned and unsanctioned applications.
  2. The API implementation can only be used with sanctioned applications.
  3. The inline implementation can effectively block a transaction in both sanctioned and unsanctioned applications.
  4. The inline implementation can only effectively block a transaction in sanctioned applications.

Answer(s): B,C

Explanation:

The inline and API implementation of the Netskope platform are two different ways of connecting cloud applications to Netskope for inspection and policy enforcement. Two fundamental differences between them are: The API implementation can only be used with sanctioned applications, which are applications that are approved and authorized by the organization for business use. The API implementation relies on using out-of-band API connections to access data and events from these applications and apply near real-time policies. The inline implementation can effectively block a transaction in both sanctioned and unsanctioned applications, which are applications that are not approved or authorized by the organization for business use. The inline implementation relies on using in-band proxy or reverse-proxy connections to intercept traffic to and from these applications and apply real-time policies. The API implementation can be used with both sanctioned and unsanctioned applications and the inline implementation can only effectively block a transaction in sanctioned applications are not true statements, as they contradict the actual capabilities and limitations of each implementation method.


Reference:

[Netskope SaaS API-enabled Protection], [Netskope Inline CASB].



Page 4 of 34



Post your Comments and Discuss Netskope NSK101 exam with other Community members:

Flash commented on August 25, 2024
Can we pass the exams by only using the free dumps my exam was scheduled on 28 of august
Anonymous
upvote