Netskope NSK200 NCCSI Exam Practice Test Instant Access

Question 1

Your customer has deployed the Netskope client to secure their Web traffic. Recently, they have enabled Cloud Firewall (CFW) to secure all outbound traffic for their endpoints. Through a recent acquisition, they must secure all outbound traffic at several remote offices where they have access to the local security stack (routers and firewalls). They cannot install the Netskope client.

AThey can configure Reverse Proxy integrated with their IdP.

BThey can deploy Netskope's DPOP to steer the targeted traffic to the Netskope Security Cloud.

CThey can use IPsec and GRE tunnels with Cloud Firewall.

DThey can secure the targeted outbound traffic using Netskope's Cloud Threat Exchange (CTE).

Answer : C

The correct solution is to use IPsec and GRE tunnels with Cloud Firewall. Netskope Cloud Firewall supports secure tunneling methods such as IPsec and GRE, enabling companies to steer traffic to the Netskope Security Cloud without requiring the Netskope client. This is particularly useful when endpoint installation of the client is not feasible, such as in remote offices where network infrastructure like routers and firewalls are available.

Question 2

Your company wants to know if there has been any unusual user activity. In the UI, you go to Skope IT -> Alerts.

Which two types of alerts would you filter to find this information? (Choose two.)

AAlert type = uba

BAlert type = anomaly

CAlert type = malware

DAlert type = policy

Answer : A, B

To identify unusual user activity, filter alerts by 'uba' (User Behavior Analytics) and 'anomaly.' UBA and anomaly alerts highlight deviations from typical user behavior, which are indicators of unusual or potentially risky activities.

Question 3

A city uses many types of forms, including permit applications. These forms contain personal and financial information of citizens. Remote employees download these forms and work directly with the citizens to complete them. The city wants to be able to identify and monitor the specific forms and block the employees from downloading completed forms.

Which feature would you use to accomplish this task?

Aexact data match (EDM)

Bregular expressions (regex)

Cdocument fingerprinting

Doptical character recognition (OCR)

Answer : C

To identify and monitor the specific forms used by the city and block the employees from downloading completed forms, you need to use document fingerprinting. Document fingerprinting is a feature that allows you to create a unique signature for a document based on its content and structure.You can then use this signature to match other documents that are similar or identical to the original document3.You can create a document fingerprinting profile in Netskope by uploading a sample document or selecting one from your cloud services4.You can then use this profile in your data protection policies to apply actions such as block, alert, or quarantine to the documents that match the fingerprint5. Therefore, option C is correct and the other options are incorrect.Reference:Document Fingerprinting - Netskope Knowledge Portal,Create a Document Fingerprinting Profile - Netskope Knowledge Portal,Add a Policy for Data Protection - Netskope Knowledge Portal

Question 4

Which statement describes how Netskope's REST API, v1 and v2, handles authentication?

ABoth REST API v1 and v2 require the use of tokens to make calls to the API

BNeither REST API v1 nor v2 require the use of tokens.

CREST API v2 requires the use of a token to make calls to the API. while API vl does not.

DREST API v1 requires the use of a token to make calls to the API. while API v2 does not.

Answer : A

The statement that describes how Netskope's REST API, v1 and v2, handles authentication is A. Both REST API v1 and v2 require the use of tokens to make calls to the API. A token is a unique string that identifies the user or application that is making the API request.The token must be included in the HTTP header of every API call as an authorization parameter1.The token can be generated from the Netskope UI or from the Netskope Platform API2.The token can also be revoked or refreshed as needed3. Therefore, option A is correct and the other options are incorrect.Reference:REST API v1 Overview - Netskope Knowledge Portal,Netskope Platform API Endpoints for REST API v1 - Netskope Knowledge Portal,REST API v2 Overview - Netskope Knowledge Portal

Question 5

Your organization has three main locations with 30.000 hosts in each location. You are planning to deploy Netskope using iPsec tunnels for security.

What are two considerations to make a successful connection in this scenario? (Choose two.)

Abrowsers in use

Boperating systems

Credundant POPs

Dnumber of hosts

Answer : C, D

To deploy Netskope using IPSec tunnels for security in this scenario, two considerations to make a successful connection are C. redundant POPs and D. number of hosts. Redundant POPs are Points of Presence that are geographically distributed data centers that host the Netskope cloud platform. You need to consider redundant POPs to ensure high availability and resiliency of your IPSec tunnels in case of a failure or outage in one of the POPs.You can configure multiple IPSec tunnels from your network to different POPs and use dynamic routing protocols such as BGP to load balance and failover the traffic1. Number of hosts is the number of devices or endpoints that will use the IPSec tunnels to access the cloud services. You need to consider the number of hosts to estimate the bandwidth and throughput requirements of your IPSec tunnels and choose the appropriate POPs that can handle the traffic volume.You can use the Netskope Bandwidth Calculator tool to estimate the bandwidth and throughput based on the number of hosts, locations, and cloud services2. Therefore, options C and D are correct and the other options are incorrect.Reference:IPSec - Netskope Knowledge Portal,Netskope Bandwidth Calculator

Question 6

Recently your company implemented Zoom for collaboration purposes and you are attempting to inspect the traffic with Netskope. Your initial attempt reveals that you are not seeing traffic from the Zoom client that is used by all users. You must ensure that this traffic is visible to Netskope.

In this scenario, which two steps must be completed to satisfy this requirement? (Choose two.)

ACreate a steering exception for Zoom to ensure traffic is reaching Netskope.

BCreate a Do Not Decrypt SSL policy for the Zoom application suite.

CRemove the Zoom certificate-pinned application from the default steering configuration.

DRemove the default steering exception for the Web Conferencing Category.

Answer : C, D

To ensure that the traffic from the Zoom client is visible to Netskope, you need to remove the Zoom certificate-pinned application from the default steering configuration and remove the default steering exception for the Web Conferencing Category. A certificate-pinned application is an application that validates the server certificates against the hardcoded ones in the application. This is a security technique used to prevent man-in-the-middle attacks and secure access to the application.By default, Netskope bypasses the traffic from certificate-pinned applications and does not decrypt or inspect it3.Zoom is one of the predefined certificate-pinned applications that Netskope supports4.To enable Netskope to inspect the traffic from Zoom, you need to remove it from the steering configuration that applies to your users5. Additionally, you need to remove the default steering exception for the Web Conferencing Category, which includes Zoom and other similar applications.A steering exception is a rule that specifies the traffic that you want to bypass Netskope and go directly to the destination6. By removing this exception, you allow Netskope to steer and analyze the traffic from web conferencing applications. Therefore, options C and D are correct and the other options are incorrect.Reference:Certificate Pinned Applications - Netskope Knowledge Portal,Certificate Pinned App (CPA) - The Netskope Community,Steering Configuration - Netskope Knowledge Portal,Steering Exceptions - Netskope Knowledge Portal

Question 7

Review the exhibit.

You want to discover new cloud applications in use within an organization.

Referring to the exhibit, which three methods would accomplish this task? (Choose three.)

ASet up API-enabled Protection instances for SaaS applications.

BDeploy an On-Premises Log Parser (OPLP).

CUse forward proxy steering methods to direct cloud traffic to Netskope

DView 'All Apps' within the Cloud Confidence Index (CCI) In the Netskope Ul.

EUpload firewall or proxy logs directly into the Netskope platform.

Answer : B, C, E

To discover new cloud applications in use within an organization, three methods that would accomplish this task are B. Deploy an On-Premises Log Parser (OPLP), C. Use forward proxy steering methods to direct cloud traffic to Netskope, and E. Upload firewall or proxy logs directly into the Netskope platform. An On-Premises Log Parser (OPLP) is a software component that allows you to parse logs from your on-premises firewall or proxy devices and send them to the Netskope cloud for analysis and reporting.You can deploy an OPLP on a Linux server in your network and configure it to connect to your log sources and upload logs periodically or in real time3. A forward proxy steering method is a way of directing your web traffic from your users' devices or browsers to the Netskope cloud for inspection and policy enforcement.You can use forward proxy steering methods such as PAC file, VPN, or inline proxy to steer traffic to Netskope and discover new cloud applications in use4. Uploading firewall or proxy logs directly into the Netskope platform is a way of manually sending logs from your log sources to the Netskope cloud for analysis and reporting.You can upload firewall or proxy logs directly into the Netskope platform by going to SkopeIT > Settings > Log Upload > New Log Upload and selecting the log source type, file format, log file, and time zone5. Therefore, options B, C, and E are correct and the other options are incorrect.Reference:On-Premises Log Parser - Netskope Knowledge Portal,Traffic Steering - Netskope Knowledge Portal,Upload Firewall or Proxy Logs Directly into the Platform - Netskope Knowledge Portal

Netskope Certified Cloud Security Integrator NSK200 NCCSI Exam Practice Test