CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Netskope
  5. NSK200

Free NSK200 Exam Braindumps (page: 2)

Page 1 of 16
PDF with 93 Questions

To which three event types does Netskope's REST API v2 provide access? (Choose three.)

  1. application
  2. alert
  3. client
  4. infrastructure
  5. user

Answer(s): A,B,D

Explanation:

Netskope's REST API v2 provides access to various event types via URI paths. The event types include application, alert, infrastructure, audit, incident, network, and page. These event types can be used to retrieve data from Netskope's cloud security platform. The event types client and user are not supported by the REST API v2.


Reference:

REST API v2 Overview, Cribl Netskope Events and Alerts Integration, REST API Events and Alerts Response Descriptions



Review the exhibit.



Your company uses Google as the corporate collaboration suite; however, corporate policy restricts the use of personal Google services. The exhibit provides a partially completed policy to ensure that users cannot log into their personal account.

What should be added to achieve the desired outcome in this scenario?

  1. Google Gmail app
  2. User Constraint
  3. DLP profile
  4. Device classification

Answer(s): B

Explanation:

In order to restrict users from logging into their personal Google accounts, the policy should include a user constraint. This will ensure that only users with corporate accounts can access the corporate collaboration suite. The user constraint can be added by selecting the "User" option in the "Source" field and then choosing the appropriate user group or identity provider. The other options are not relevant for this scenario.


Reference:

[Creating a Policy to Block Personal Google Services], [Policy Creation], [User Constraint]



You have deployed a development Web server on a public hosting service using self-signed SSL certificates. After some troubleshooting, you determined that when the Netskope client is enabled, you are unable to access the Web server over SSL. The default Netskope tenant steering configuration is in place.

In this scenario, which two settings are causing this behavior? (Choose two.)

  1. SSL pinned certificates are blocked.
  2. Untrusted root certificates are blocked.
  3. Incomplete certificate trust chains are blocked.
  4. Self-signed server certificates are blocked.

Answer(s): B,D

Explanation:

The default Netskope tenant steering configuration blocks untrusted root certificates and self-signed server certificates. These settings are intended to prevent man-in-the-middle attacks and ensure the validity of the SSL connection. However, they also prevent the access to the development Web server that uses self-signed SSL certificates. To allow access to the Web server, the settings need to be changed or an exception needs to be added for the Web server domain.



Your customer currently only allows users to access the corporate instance of OneDrive using SSO with the Netskope client. The users are not permitted to take their laptops when vacationing, but sometimes they must have access to documents on OneDrive when there is an urgent request. The customer wants to allow employees to remotely access OneDrive from unmanaged devices while enforcing DLP controls to prohibit downloading sensitive files to unmanaged devices.

Which steering method would satisfy the requirements for this scenario?

  1. Use a reverse proxy integrated with their SSO.
  2. Use proxy chaining with their cloud service providers integrated with their SSO.
  3. Use a forward proxy integrated with their SSO.
  4. Use a secure forwarder integrated with an on-premises proxy.

Answer(s): A

Explanation:

A reverse proxy integrated with their SSO would satisfy the requirements for this scenario. A reverse proxy intercepts requests from users to cloud apps and applies policies based on user identity, device posture, app, and data context. It can enforce DLP controls to prohibit downloading sensitive files to unmanaged devices. It can also integrate with the customer's SSO provider to authenticate users and allow access only to the corporate instance of OneDrive. The other steering methods are not suitable for this scenario because they either require the Netskope client or do not provide granular control over cloud app activities.






Post your Comments and Discuss Netskope NSK200 exam with other Community members:

NSK200 Discussions & Posts