Page: 1
/ 14
Total 129 questions
Netskope NSK101 Netskope Certified Cloud Security Administrator Exam NCCSA Exam Practice Test
Question 1
You are setting up a real-time threat protection policy for patient zero to block previously unseen files until a benign verdict is produced by the Netskope Threat Protection Service. In this scenario, which two policy parameters must you configure? (Choose two)
Answer : A, D
To set up a real-time threat protection policy for patient zero to block previously unseen files until a benign verdict is produced by the Netskope Threat Protection Service, you need to configure the following parameters:
Block Action: This action ensures that any previously unseen file is blocked until it has been analyzed and a verdict has been reached. By blocking the file, the policy prevents potential threats from entering the network until they are deemed safe.
Remediation Profile: This profile defines the actions to be taken when a threat is detected. It includes configuring the alerts and responses (such as notifying administrators) when a file is blocked. This ensures that there is a process in place for handling detected threats and that appropriate measures are taken.
Netskope Threat Protection documentation detailing the setup of real-time threat protection policies.
Configuration guides for policy actions and remediation profiles in the Netskope platform.
Question 2
Click the Exhibit button.
A user is uploading a file containing PCI-DSS data to the corporate Google Drive instance. You notice that the upload is not blocked by the policy shown in the exhibit. Which statement is correct in this scenario?
Answer : C
In the exhibit, a user is uploading a file containing PCI-DSS data to the corporate Google Drive instance. Despite the policy that blocks DLP (Data Loss Prevention) uploads being active, the upload is not blocked. This indicates that the policy is not applied in the correct order.
Netskope applies policies in a top-down manner. If there are multiple policies that could apply to an action, the order in which the policies are evaluated is crucial. In this case, another policy might be allowing the upload before the DLP policy can block it. Ensuring that the DLP policy is higher in the order can resolve this issue.
Netskope policy configuration and enforcement documentation.
Details on how Netskope processes and applies policies based on their order in the policy list.
Question 3
A customer wants to receive e-mail alerts whenever Netskope publishes an incident involving a specific service, or if Netskope publishes information regarding planned maintenance. Which two Netskope sites allow an administrator to subscribe to service notifications? (Choose two.)
Answer : A, D
Administrators can subscribe to service notifications, including incidents and planned maintenance, through the following Netskope sites:
Netskope documentation and support articles on subscribing to service notifications and updates.
Netskope's service notification and operational status sites providing subscription options for alerts and updates.
Question 4
You are required to restrict cloud users from uploading data to any risky cloud storage service as defined by the Cloud Confidence Index. In the Netskope platform, which two policy elements would enable you to implement this control? (Choose two)
Answer : B, D
To restrict cloud users from uploading data to risky cloud storage services as defined by the Cloud Confidence Index (CCI) in the Netskope platform, you would use the following policy elements:
Category: This policy element allows you to define and restrict actions based on the category of the cloud application. For example, you can categorize cloud storage services and create policies that restrict uploads to any application that falls under this category.
Cloud Confidence Level: This policy element leverages the Cloud Confidence Index (CCI), which rates the risk level of cloud applications. By using the Cloud Confidence Level, you can create policies that restrict uploads to applications with a low confidence level, thereby preventing data uploads to risky cloud storage services.
Using the Netskope Knowledge Portal documentation, specifically under policy configuration and enforcement, which details how to use categories and Cloud Confidence Level in policy creation.
Postman collection and API documentation that describes the usage of these elements in the Netskope API.
Question 5
Click the Exhibit button.
The exhibit shows security rules that are part of which component of the Netskope platform?
Answer : D
The exhibit displays rules related to detecting compromised accounts, data exfiltration, and malicious insiders. These types of activities are typically analyzed and detected through user behavior analytics, which involves monitoring and analyzing the behavior of users to identify anomalies that may indicate security incidents or threats.
Behavior Analytics is a component of the Netskope platform that focuses on identifying potential security risks based on user behavior. This includes monitoring for compromised accounts, data exfiltration, and identifying malicious insiders. These analytics help in proactively identifying and mitigating threats by analyzing patterns and anomalies in user activities.
The exhibit showing rules related to compromised accounts, data exfiltration, and malicious insiders aligns with the capabilities provided by Behavior Analytics.
Documentation from the Netskope Knowledge Portal on the behavior analytics capabilities supports this identification.
Question 6
In which two scenarios would you use SD-WAN technology? (Choose two.)
Answer : B, D
SD-WAN technology is used in the following scenarios:
To optimize utilization and performance across multiple Internet connections:
SD-WAN allows organizations to aggregate multiple Internet connections and optimize traffic flow based on application requirements and network conditions. This improves overall network performance and ensures efficient use of available bandwidth.
To replace dedicated MPLS connections with multiple broadband WAN and mobile options:
SD-WAN provides the flexibility to use a mix of broadband, LTE, and other connectivity options to replace traditional MPLS circuits. This can significantly reduce costs and improve agility in network deployment and management.
Netskope Knowledge Portal: SD-WAN Integration
Netskope Knowledge Portal: Benefits of SD-WAN
Question 7
You are required to create a policy that will notify and allow users to log into their personal Google Drive instance.
Which two policy components must be configured to enforce this use case? (Choose two.)
Answer : B, C
To create a policy that will notify and allow users to log into their personal Google Drive instance, you need to configure the following components:
Steering Exception:
This component allows you to create exceptions for specific traffic. In this case, you will configure a steering exception to allow traffic to personal Google Drive instances. This ensures that the policy correctly routes the traffic to the appropriate destination without being blocked or filtered incorrectly.
User Alert:
A User Alert component will be configured to notify users when they attempt to log into their personal Google Drive. This alert can provide information about the policy and any actions the user may need to take. It helps in enforcing the policy by informing users about the specific conditions or restrictions.
Netskope Knowledge Portal: Configuring Steering Exceptions
Netskope Knowledge Portal: Creating User Alerts
All Official Question Types