Which three status indicators does the NPA Troubleshooter Tool provide when run? (Choose three)
Answer : A, C, E
The NPA (Netskope Private Access) Troubleshooter Tool provides the following status indicators when run:
Steering configuration: This indicates whether the traffic is being correctly steered through the Netskope infrastructure according to the defined policies.
Publisher connectivity: This status shows whether the Netskope Publisher is correctly connected and able to communicate with the Netskope cloud. It ensures that the Publisher, which acts as a gateway, is functioning correctly.
Reachability of the private app: This status verifies if the private application is reachable from the Netskope infrastructure, ensuring that users can access the necessary internal resources.
These indicators help administrators troubleshoot and ensure that the NPA setup is working correctly, providing secure and reliable access to private applications.
Netskope documentation on using the NPA Troubleshooter Tool and the status indicators it provides.
Best practices for troubleshooting NPA connectivity and performance issues.
Click the Exhibit button.
You configured a set of Cloud Firewall policies as shown in the exhibit and changed your Steering Configuration to All Traffic for Group A and Group B. Users in Group A report that they are unable to access a third-party server using TCP port 3389. Referring to the exhibit, which action correctly describes how you would allow these connections without allowing unnecessary access?
Answer : B
The exhibit shows that Group A is allowed only SSH traffic, while Group B is allowed both SSH and RDP traffic. Since users in Group A need access to a third-party server using TCP port 3389 (RDP), you need to create a specific policy to allow this traffic without granting unnecessary access.
Creating an Allow policy using a custom application that includes the destination IP and TCP port 3389 will precisely target the required traffic and ensure that only the necessary connections are permitted. This method avoids broader policy changes that could introduce unnecessary access.
Netskope documentation on creating and managing Cloud Firewall policies.
Best practices for configuring application-specific policies to control network traffic effectively.
In the Tenant III, which two methods would an administrator use to update a File Profile with malicious file hashes? (Choose two)
Answer : A, C
To update a File Profile with malicious file hashes in the Netskope platform, an administrator can use the following methods:
Upload a CSV file of malicious file hashes: Administrators can prepare a CSV file containing the malicious file hashes and upload it to the platform. This method allows for bulk updates of the file profile with multiple hashes at once.
Input a list of malicious file hashes: Administrators can manually input a list of malicious file hashes directly into the platform. This method is useful for adding individual hashes or making small updates to the file profile.
These methods ensure that the file profile is updated with the latest malicious file information, enabling the platform to detect and block known threats effectively.
Netskope documentation on managing File Profiles and updating them with malicious file hashes.
Instructions and best practices for uploading and managing threat intelligence data within the Netskope platform.
You are adding a new tenant administrator in the Admins page. Which additional security measure would you be able to enable for only this new account?
Answer : B
When adding a new tenant administrator in the Admins page, you can enhance the security for the new account by enabling Multi-Factor Authentication (MFA). MFA adds an extra layer of security by requiring the administrator to provide a second form of verification in addition to the password, thus protecting against unauthorized access.
Netskope documentation on user and admin account management, including the configuration and benefits of enabling MFA.
Security best practices guides from Netskope, emphasizing the importance of MFA for enhanced account security.
Which networking function does a SASE solution provide above and beyond an SSE solution?
Answer : D
A SASE (Secure Access Service Edge) solution provides networking functions that go beyond the capabilities of an SSE (Security Service Edge) solution. Specifically, a SASE solution integrates:
Software Defined Wide Area Network (SD-WAN): SD-WAN enhances network performance and efficiency by dynamically routing traffic across the best available paths. It provides greater flexibility, improved application performance, and reduced costs compared to traditional WAN solutions.
In contrast, SSE focuses on security services like Secure Web Gateway, Cloud Access Security Broker, and Data Loss Prevention, but does not include networking functions such as SD-WAN.
Netskope's documentation on SASE and SSE solutions, highlighting the differences and additional functionalities provided by SASE, including SD-WAN.
Detailed explanation of SD-WAN and its integration into SASE solutions.
You are required to present a view of all upload activities completed by users tunneled from the Los Angeles office to cloud storage applications.
Which two basic filters would you use on the SkopeIT Applications page to satisfy this requirement? (Choose two.)
Answer : A, B
To present a view of all upload activities completed by users tunneled from the Los Angeles office to cloud storage applications, the following two basic filters should be used on the SkopeIT Applications page:
Activity: This filter will allow you to specify the type of activity, in this case, 'upload.'
Access Method: This filter will help to specify the method of access, which is necessary to filter activities that are tunneled.
These filters combined will provide a comprehensive view of the required activities. For further details, please refer to the Netskope documentation on setting up and using filters in SkopeIT Applications.
The Netskope deployment for your organization is deployed in CASB-only mode. You want to view dropbox.com traffic but do not see it when using SkopeIT.
In this scenario, what are two reasons for this problem? (Choose two.)
Answer : A, B
In a CASB-only deployment of Netskope, there could be several reasons why Dropbox.com traffic is not visible in SkopeIT:
Certificate Pinning:
The Dropbox Web application might be using certificate pinning, which means it only accepts specific certificates for its connections. This can prevent the traffic from being steered to the Netskope tenant because the proxy's certificate might not match the pinned certificate.
Configuration of Dropbox Domains:
If the Dropbox domains are not properly configured to be steered to the Netskope tenant, then the traffic will bypass the Netskope inspection and will not be visible in SkopeIT. Ensuring that the domains are configured correctly is essential for the traffic to be captured and analyzed by Netskope.
'Certificate pinning prevents the interception of traffic by requiring that the presented certificate matches a known good certificate. This can interfere with traffic steering in CASB deployments.'.
'Proper configuration of application domains is necessary to ensure traffic is steered to the Netskope tenant for inspection and visibility.'.