Netskope NSK200 NCCSI Exam Practice Test Instant Access

Question 1

Review the exhibit.

Given the information shown below:

- for PCI data uploads, you want to provide no notification,

- for PHI data uploads, you want to allow users to proceed by clicking OK,

- for GDPR data uploads, you want to provide block notification,

- if none of the above matches, you want to provide no notification.

You want to reduce the number of policies by combining multiple DLP profiles Into one policy.

Referring to the exhibit, which two statements are true? (Choose two.)

AYou must open a support ticket to enable the Advanced Policies feature.

BYou must check the 'set action for each profile' flag.

CYou can have only one action if you use multiple DLP profiles in the same policy.

DYou can apply a unique action to each profile In the same policy.

Answer : B, D

Question 2

You are currently migrating users away from a legacy proxy to the Netskope client in the company's corporate offices. You have deployed the client to a pilot group; however, when the client attempts to connect to Netskope, it fails to establish a tunnel.

In this scenario, what would cause this problem?

AThe legacy proxy is intercepting SSL/TLS traffic to Netskope.

BThe corporate firewall is blocking UDP port 443 to Netskope.

CThe corporate firewall is blocking the Netskope EPoT address.

DThe client cannot reach dns.google for EDNS resolution.

Answer : B

The corporate firewall blocking UDP port 443 to Netskope could cause tunnel establishment failures. Netskope clients rely on this port for secure tunneling (via DTLS), so ensuring UDP port 443 is open is essential for connectivity. Additionally, legacy proxies intercepting traffic could also disrupt the SSL/TLS traffic necessary for the Netskope tunnel.

Question 3

You are configuring GRE tunnels from a Palo Alto Networks firewall to a Netskope tenant with the Netskope for Web license enabled. Your tunnel is up as seen from the Netskope dashboard. You are unable to ping hosts behind the Netskope gateway.

Which two statements are true about this scenario? (Choose two.)

AYou need to call support to enable the GRE POP selection feature.

BNetskope only supports Web traffic through the tunnel.

CYou can only ping the probe IP provided by Netskope.

DThere is no client installed on the source hosts in your network.

Answer : B, C

Netskope's GRE tunneling supports only web traffic, which means ICMP traffic (ping) is not supported for hosts behind the Netskope gateway. You may, however, ping the probe IP provided by Netskope to test connectivity, as this IP is designated for diagnostics.

Question 4

You have created a specific Skope IT application events query and want to have the query automatically run and display the results every time you log into your tenant.

Which two statements are correct in this scenario? (Choose two.)

AAdd the Watchlist widget from the library to your home page.

BExport a custom Skope IT watchlist to a report and then schedule it to run daily.

CSave a custom Skope IT watchlist, then manage filters and share with others.

DAdd your Skope IT query to a custom watchlist.

Answer : C, D

Adding a Skope IT query to a custom watchlist allows the query to be saved and easily accessed. Saving the watchlist and managing filters also lets you customize it further and share it with others in your organization if needed.

Question 5

With Netskope DLP, which feature would be used to detect keywords such as "Confidential" or "Access key"?

ARegular Expression

BExact Match

CFingerprint Classification

DDictionary

Answer : D

The Dictionary feature in Netskope DLP is designed to detect specific keywords or phrases, such as 'Confidential' or 'Access key.' By using a pre-defined list of sensitive terms, the Dictionary feature enables policy enforcement based on the presence of these keywords in data.

Question 6

You want to provide malware protection for all cloud storage applications.

In this scenario, which action would accomplish this task?

ACreate a real-time threat protection policy with a category of Cloud Storage.

BApply a data protection profile.

CApply a CTEP profile.

DCreate an API threat protection policy with a category of Cloud Storage.

Answer : A

Creating a real-time threat protection policy specifically targeting the 'Cloud Storage' category ensures that all supported cloud storage applications are covered by malware protection. This approach allows real-time scanning and response to malware threats within cloud storage environments.

Question 7

You use Netskope to provide a default Malware Scan profile for use with your malware policies. Also, you want to create a custom malware detection profile.

In this scenario, what are two additional requirements to complete this task? (Choose two.)

AAdd a custom hash list as an allowlist.

BAdd a quarantine profile.

CAdd a remediation profile.

DAdd a custom hash list as a blocklist.

Answer : B, D

To create a custom malware detection profile, adding a quarantine profile ensures that detected threats are appropriately isolated. Additionally, a custom hash list as a blocklist allows you to block specific known malware hashes, further enhancing the customization of the malware detection profile.

Netskope NSK200 Netskope Certified Cloud Security Integrator NCCSI Exam Practice Test