• ホーム
  • ブログ
  • PDF問題(2023年最新)実際のNetskope NSK100試験問題 [Q22-Q46]

PDF問題(2023年最新)実際のNetskope NSK100試験問題 [Q22-Q46]

Share

PDF問題(2023年最新)実際のNetskope NSK100試験問題

問題集返金保証付きのNSK100問題集には90%オフされます

質問 # 22
Which two cloud security and infrastructure enablement technologies does Secure Access Service Edge (SASE) combine into its unified platform? (Choose two.)

  • A. Unified Threat Management (UTM)
  • B. Distributed Denial of Service Protection (DDoS)
  • C. Cloud Access Security Broker (CASB)
  • D. Zero Trust Network Access (ZTNA)

正解:C、D

解説:
Explanation
Secure Access Service Edge (SASE) is a cloud-based architecture that combines various cloud security and infrastructure enablement technologies into a unified platform that delivers security and networking services from the edge of the network. Two of these technologies are Zero Trust Network Access (ZTNA) and Cloud Access Security Broker (CASB). ZTNA is a technology that provides secure access to private applications without exposing them to the internet or using VPNs. It uses identity-based policies and encryption to grant granular access to authorized users and devices, regardless of their location or network. CASB is a technology that provides visibility and control over cloud applications (SaaS) used by users and devices. It uses API connections or inline proxies to inspect and enforce policies on data and activities in cloud applications, such as data loss prevention, threat protection, or compliance. Distributed Denial of Service Protection (DDoS) and Unified Threat Management (UTM) are not technologies that SASE combines into its unified platform, although they may be related or integrated with some of its components. References: [SASE], [ZTNA],
[CASB].


質問 # 23
When using an out-of-band API connection with your sanctioned cloud service, what are two capabilities available to the administrator? (Choose two.)

  • A. to find sensitive content
  • B. to block uploads
  • C. to quarantine malware
  • D. to allow real-time access

正解:A、C

解説:
Explanation
When using an out-of-band API connection with your sanctioned cloud service, two capabilities available to the administrator are: to quarantine malware and to find sensitive content. An out-of-band API connection is a method of integrating Netskope with your cloud service provider using the APIs exposed by the cloud service.
This allows Netskope to access the data that is already stored in the cloud service and perform retrospective inspection and enforcement ofpolicies. One capability that the administrator can use with an out-of-band API connection is to quarantine malware. This means that Netskope can scan the files in the cloud service for malware, ransomware, phishing, and other threats, and move them to a quarantine folder or delete them if they are found to be malicious. Another capability that the administrator can use with an out-of-band API connection is to find sensitive content. This means that Netskope can scan the files in the cloud service for sensitive data, such as personal information, intellectual property, or regulated data, and apply data loss prevention (DLP) policies to protect them. For example, Netskope can encrypt, redact, or watermark the files that contain sensitive content, or notify the administrator or the file owner about the exposure. References: Netskope API ProtectionReal-time Control and Data Protection via Out-of-Band API


質問 # 24
You want to use an out-of-band API connection into your sanctioned Microsoft 365 OneDrive for Business application to find sensitive content, enforce near real-time policy controls, and quarantine malware.
In this scenario, which primary function in the Netskope platform would you use to connect your application to Netskope?

  • A. DLP forensics
  • B. SaaS API-enabled Protection
  • C. laaS API-enabled Protection
  • D. Risk Insights

正解:B

解説:
Explanation
SaaS API-enabled Protection is a primary function in the Netskope platform that allows customers to connect their sanctioned SaaS applications to Netskope using out-of-band API connections. This enables customers to find sensitive content, enforce near real-time policycontrols, and quarantine malware in their SaaS applications without affecting user experience or performance. If you want to use an out-of-band API connection into your sanctioned Microsoft 365 OneDrive for Business application to achieve these goals, you should use SaaS API-enabled Protection as the primary function in the Netskope platform. DLP forensics, Risk Insights, and IaaS API-enabled Protection are not primary functions in the Netskope platform that can be used to connect your application to Netskope. References: [Netskope SaaS API-enabled Protection].


質問 # 25
There is a DLP violation on a file in your sanctioned Google Drive instance. The file is in a deleted state. You need to locate information pertaining to this DLP violation using Netskope. In this scenario, which statement is correct?

  • A. You can find DLP violations under the Incidents dashboard.
  • B. You must create a forensic profile so that an incident is created.
  • C. You can find DLP violations under Forensic profiles.
  • D. DLP incidents for a file are not visible when the file is deleted.

正解:A

解説:
Explanation
To locate information pertaining to a DLP violation on a file in your sanctioned Google Drive instance, you can use the Incidents dashboard in Netskope. The Incidents dashboard provides a comprehensive view of all the incidents that have occurred in your cloud environment, such as DLP violations, malware infections, anomalous activities, etc. You can filter the incidents by various criteria, such as app name, incident type, severity, user name, etc. You can also drill down into each incident to see more details, such as file name, file path, file owner, file size, file type, etc. The Incidents dashboard can show DLP violations for files that are in a deleted state, as long as they are still recoverable from the trash bin of the app. If the file is permanently deleted from the app, then the incident will not be visible in the dashboard. References: Netskope Incidents Dashboard


質問 # 26
You are required to mitigate malicious scripts from being downloaded into your corporate devices every time a user goes to a website. Users need to access websites from a variety of categories, including new websites.
Which two actions would help you accomplish this task while allowing the user to work? (Choose two.)

  • A. Block known bad websites and enable RBI to uncategorized domains.
  • B. Allow the user to browse uncategorized domains but restrict edit activities.
  • C. Allow a limited amount of domains and block everything else.
  • D. Block malware detected on download activity for all remaining categories.

正解:A、D

解説:
Explanation
To mitigate malicious scripts from being downloaded into your corporate devices every time a user goes to a website, you need to use Netskope's threat protection features to block or isolate potentially harmful web traffic. Two actions that would help you accomplish this task while allowing the user to work are: block malware detected on download activity for all remaining categories and block known bad websites and enable RBI to uncategorized domains. The first action will prevent any files that contain malware from being downloaded to your devices from any website category, except those that are explicitly allowed or excluded by your policies. The second action will prevent any websites that are classified as malicious or phishing by Netskope from being accessed by your users and enable Remote Browser Isolation (RBI) to uncategorized domains, which are domains that have not been assigned a category by Netskope. RBI is a feature that allows users to browse websites in a virtual browser hosted in the cloud, without exposing their devices to any scripts or content from the website. Allowing the user to browse uncategorized domains but restrict edit activities or allowing a limited amount of domains and block everything else are not effective actions, as they may either limit the user's productivity or expose them to unknown risks. References: [Netskope Threat Protection],
[Netskope Remote Browser Isolation].


質問 # 27
When would an administrator need to use a tombstone file?

  • A. You use a tombstone file when a policy causes a file to be moved to legal hold.
  • B. You use a tombstone file when a policy causes a file download to be blocked.
  • C. You use a tombstone file when a policy causes a publicly shared file to be encrypted.
  • D. You use a tombstone file when the policy causes a file to be moved to quarantine.

正解:D

解説:
Explanation
A tombstone file is a placeholder file that replaces the original file when it is moved to quarantine by a Netskope policy. The tombstone file contains information about the original file, such as its name, size, type, owner, and the reason why it was quarantined. The tombstone file also provides a link to the Netskope UI where the administrator or the file owner can view more details about the incident and take appropriate actions, such as restoring or deleting the file. The purpose of using a tombstone file is to preserve the metadata and location of the original file, as well as to notify the users about the quarantine action and how to access the file if needed. References: Threat Protection - Netskope Knowledge PortalNetskope threat protection - Netskope


質問 # 28
What is a benefit that Netskope instance awareness provides?

  • A. It prevents movement of corporate sensitive data to a personal Dropbox account.
  • B. It differentiates between an IT managed Google Drive instance versus a personal Dropbox account.
  • C. It differentiates between an IT managed Google Drive instance versus a personal Google Drive instance.
  • D. It prevents the user from copying information from a corporate email and pasting the information into a GitHub repository.

正解:C

解説:
Explanation
A benefit that Netskope instance awareness provides is that it differentiates between an IT managed Google Drive instance versus a personal Google Drive instance. Instance awareness is a feature in the Netskope platform that allows you to define and identify different instances of the same cloud application based on the domain name or URL. For example, you can define an instance for your IT managed Google Drive instance (such as drive.google.com/a/yourcompany.com) and another instance for your personal Google Drive instance (such as drive.google.com). This way, you can differentiate between them and apply different policies and actions based on the instance. This can help you prevent data leakage, enforce compliance, or improve visibility for your cloud application activities. Preventing movement of corporate sensitive data to a personal Dropbox account, preventing the user from copying information from a corporate email and pasting it into a GitHub repository, or differentiating between an IT managed Google Drive instance versus an IT managed Box instance are not benefits that Netskope instance awareness provides, as they are either unrelated or irrelevant to the instance awareness feature. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 5: Real-Time Policies, Lesson 4: App Instances.


質問 # 29
You need to block all users from uploading data files into risky collaboration applications. Which element must you configure within Netskope's CASB to accomplish this task?

  • A. real-time policy
  • B. DLP Rule
  • C. DLP Profile
  • D. block notification

正解:A

解説:
Explanation
A real-time policy is a type of policy in Netskope's CASB that allows you to control the actions that users can perform on cloud applications in real time. You can use a real-time policy to block all users from uploading data files into risky collaboration applications by specifying the following elements: the application category (such as Collaboration), the activity (such as Upload), the file type (such as Data), the risk level (such as High or Very High), and the action (such as Block). A DLP rule, a DLP profile, and a block notification are not sufficient to accomplish this task, as they are either sub-components or outcomes of a real-time policy. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 5: Real-Time Policies, Lesson 1: Real-Time Policy Overview and Lesson 2: Real-Time Policy Configuration.


質問 # 30
What are two characteristics ofNetskope's Private Access Solution? (Choose two.)

  • A. It provides protection for private applications.
  • B. It acts as a cloud-based firewall.
  • C. It provides access to private applications.
  • D. It requires on-premises hardware.

正解:A、C

解説:
Explanation
Netskope's Private Access Solution is a service that allows users to securely access private applications without exposing them to the internet or using VPNs. It provides protection for private applications by encrypting the traffic, enforcing granular policies, and preventing data exfiltration. It also provides access to private applications by creating a secure tunnel between the user's device and the application's server, regardless of their location or network. It does not act as a cloud-based firewall, as it does not filter or block traffic based on ports or protocols. Itdoes not require on-premises hardware, as it is a cloud-native solution that leverages Netskope's global network of points of presence (POPs). References: [Netskope Private Access].


質問 # 31
You need to provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used.
In this scenario, which two filter combinations would you use to accomplish this task? (Choose two.)

  • A. CCL = High. Under Research
  • B. User Device Type = Windows Device
  • C. CCL = Medium. Low, Poor
  • D. Sanctioned = No

正解:C、D

解説:
Explanation
To provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used, you can use two filter combinations: Sanctioned = No and CCL = Medium, Low, Poor. The Sanctioned filter allows you to select whether you want to see only sanctioned or unsanctioned apps in your organization. Sanctioned apps are those that are approved and managed by your IT department, while unsanctioned apps are those that are used without authorization or oversight by your employees. Shadow IT refers to the use ofunsanctioned apps that may pose security or compliance risks for your organization. The CCL filter allows you to select the Cloud Confidence Level (CCL) ratings of the apps you want to see. The CCL rating is a measure of how enterprise-ready a cloud app is based on various criteria such as security, auditability, business continuity, etc. The CCL rating ranges from Excellent to Poor, with Excellent being the most secure and compliant and Poor being the least. Risky cloud apps are those that have a low CCL rating, such as Medium, Low, or Poor. By applying these two filters, you can narrow down the list of apps to only those that are unsanctioned and have a low CCL rating, which indicates that they are risky shadow IT cloud applications being used in your organization. References: SkopeIT ApplicationsNetskope Cloud Confidence Index


質問 # 32
How do you provision users to your customer's Netskope tenant? (Choose two.)

  • A. Use SCIM.
  • B. Use the AD Connector.
  • C. Use the Directory Importer.
  • D. Use Microsoft Intune.

正解:B、C

解説:
Explanation
To provision users to your customer's Netskope tenant, two methods that you can use are: use the AD Connector and use SCIM. The AD Connector is a tool that allows you to synchronize users and groups from your Active Directory (AD) domain to your Netskope tenant. The AD Connector runs as a Windows service on a machine that has access to your AD domain controller. The AD Connector periodically queries your AD domain for any changes in users and groups and updates them in your Netskope tenant accordingly. The AD Connector also supports filtering users and groups based on attributes or organizational units (OUs). SCIM stands for System for Cross-domain Identity Management, which is a standard protocol for managing user identities across different applications and services. SCIM allows you to provision users and groups from your identity provider (IdP), such as Azure AD or Okta, to your Netskope tenant using APIs. SCIM also supports creating, updating, deleting, and searching users and groups in your Netskope tenant based on your IdP's configuration. References: Netskope AD ConnectorUser Provisioning with Azure AD


質問 # 33
What are two fundamental differences between the inline and API implementation of the Netskope platform?
(Choose two.)

  • A. The inline implementation can effectively block a transaction in both sanctioned and unsanctioned applications.
  • B. The inline implementation can only effectively block a transaction in sanctioned applications.
  • C. The API implementation can only be used with sanctioned applications.
  • D. The API implementation can be used with both sanctioned and unsanctioned applications.

正解:A、C

解説:
Explanation
The inline and API implementation of the Netskope platform are two different ways of connecting cloud applications to Netskope for inspection and policy enforcement. Two fundamental differences between them are: The API implementation can only be used with sanctioned applications, which are applications that are approved and authorized by the organization for business use. The API implementation relies on using out-of-band API connections to access data and events from these applications and apply near real-time policies. The inline implementation can effectively block a transaction in both sanctioned and unsanctioned applications, which are applications that are not approved or authorized by the organization for business use.
The inline implementation relies on using in-band proxy or reverse-proxy connections to intercept traffic to and from these applications and apply real-time policies. The API implementation can be used with both sanctioned and unsanctioned applications and the inline implementation can only effectively block a transaction in sanctioned applications are not true statements, as they contradict the actual capabilities and limitations of each implementation method. References: [Netskope SaaS API-enabled Protection], [Netskope Inline CASB].


質問 # 34
You need to create a service request ticket for a client-related issue using the Netskope client Ul. In this scenario, you generate the client logs by right-clicking on the system tray icon and choosing

  • A. Troubleshoot
  • B. Help
  • C. Configuration
  • D. Save logs

正解:A

解説:
Explanation
To create a service request ticket for a client-related issue using the Netskope client UI, you need to generate the client logs by right-clicking on the system tray icon and choosing Troubleshoot. This will open a window where you can select the option to Save Logs, which will create a zip file containing the client logs. You can then attach this file to your service request ticket and provide any relevant details about the issue. Choosing Save logs, Configuration, or Help will not generate the client logs, as they perform different functions, such as saving the current configuration, opening the settings menu, or opening the help page. References: [Netskope Client Troubleshooting].


質問 # 35
What are two primary advantages of Netskope's Secure Access Service Edge (SASE) architecture? (Choose two.

  • A. Endpoint Detection and Response (EDR)
  • B. no on-premises hardware required for policy enforcement
  • C. Bayesian spam filtering
  • D. single management console

正解:B、D

解説:
Explanation
Two primary advantages of Netskope's Secure Access Service Edge (SASE) architecture are: no on-premises hardware required for policy enforcement and single management console. Netskope's SASE architecture delivers network and security services as cloud-based services that can be accessed from any location and device. This eliminates the need for on-premises hardware appliances such as firewalls, proxies, VPNs, etc., that are costly to maintain and scale. Netskope's SASE architecture also provides a single management console that allows administrators to configure and monitor all the network and security services from one place. This simplifies IT operations and reduces complexity and overhead. References: Netskope SASEWhat is SASE?


質問 # 36
Which three statements are correct about Netskope's NewEdge Security Cloud Network Infrastructure?
(Choose three.)

  • A. It simplifies the administrator's job by limiting access to pre-defined availability zones.
  • B. It is a private security cloud network that is massively over provisioned, highly elastic, and built for scale.
  • C. It takes advantage of the public cloud by deploying security services on Google Cloud Platform.
  • D. It includes direct peering with Microsoft and Google in every data center.
  • E. It delivers a single, unified network with no surcharges or reliance on public cloud infrastructure or virtual PoPs.

正解:B、D、E

解説:
Explanation
Netskope's NewEdge Security Cloud Network Infrastructure is a global network that powers the Netskope Security Cloud, providing real-time inline and out-of-band API-driven services for cloud and web security.
Three statements that are correct about Netskope's NewEdge Security Cloud Network Infrastructure are:
It includes direct peering with Microsoft and Google in every data center. This means that Netskope has established high-speed, low-latency connections with these major cloud service providers, ensuring optimal performance and user experience for their customers. Direct peering also reduces the risk of network congestion, packet loss, or routing issues that may affect the quality of service.
It is a private security cloud network that is massively over provisioned, highly elastic, and built for scale. This means that Netskope owns and operates its own network infrastructure, without relying on third-party providers or public cloud platforms. Netskope has invested over $150 million to build the world's largest and fastest security private cloud, with data centers in more than 65 regions and growing.
Netskope can dynamically scale its network capacity and resources to meet the growing demand and traffic volume of its customers, without compromising on security or performance.
It delivers a single, unified network with no surcharges or reliance on public cloud infrastructure or virtual PoPs. This means that Netskope provides a consistent and transparent network service to its customers, regardless of their location or device. Netskope does not charge any additional fees or hidden costs for accessing its network services, unlike some other providers that may impose surcharges based on geography or bandwidth usage. Netskope also does not use virtual points of presence (PoPs) that are hosted on public cloud platforms, which may introduce latency, complexity, or security risks.
References: Netskope NewEdgeNetskope NewEdge Data SheetNetskope SASE


質問 # 37
Which two controls are covered by Netskope's security platform? (Choose two.)

  • A. EDR
  • B. VPN
  • C. ZTNA
  • D. CASB

正解:C、D

解説:
Explanation
Netskope's security platform covers two controls: ZTNA and CASB. ZTNA stands for Zero Trust Network Access, which is a solution that provides secure and granular access to private applications without exposing them to the internet or requiring VPNs. CASB stands for Cloud Access Security Broker, which is a solution that provides visibility and control over cloud services and web traffic, as well as data and threat protection for cloud users and devices. References: Netskope PlatformNetskope ZTNANetskope CASB


質問 # 38
You have applied a DLP Profile to block all Personally Identifiable Information data uploads to Microsoft 365 OneDrive. DLP Alerts are not displayed and no OneDrive-related activities are displayed in the Skope IT App Events table.
In this scenario, what are two possible reasons for this issue? (Choose two.)

  • A. The Cloud Storage category is in the Steering Configuration as an exception.
  • B. The destination domain is excluded from decryption in the decryption policy.
  • C. A Netskope POP is not in your local country and therefore DLP policies cannot be applied.
  • D. DLP policies do not apply when using IPsec as a steering option.

正解:A、B

解説:
Explanation
If the Cloud Storage category is in the Steering Configuration as an exception, then Netskope will not steer any traffic to or from cloud storage applications, such as Microsoft 365 OneDrive, to its platform. This means that Netskope will not be able to inspect or apply any policies to this traffic, including DLP policies. Similarly, if the destination domain is excluded from decryption in the decryption policy, then Netskope will not decrypt any traffic to or from that domain, such as onedrive.com. This means that Netskope will not be able to inspect or apply any policies to this traffic, including DLP policies. The location of the Netskope POP or the use of IPsec as a steering option do not affect the application of DLP policies, as long as Netskope can steer and decrypt the relevant traffic. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 3: Steering Configuration, Lesson 1: Steering Options and Lesson 2: Exceptions; Module 4: Decryption Policy, Lesson 1: Decryption Policy Overview and Lesson 2: Decryption Policy Configuration.
https://www.bsimm.com/ : https://www.iso.org/isoiec-27001-information-security.html :
https://www.dasca.org/ : https://www.nist.gov/cyberframework


質問 # 39
What are two CASB inline interception use cases? (Choose two.)

  • A. running a retroactive scan for data at rest in Google Drive
  • B. blocking file uploads to a personal Box account
  • C. using the Netskope steering client to provide user alerts when sensitive information is posted in Slack
  • D. scanning Dropbox for credit card information

正解:B、C

解説:
Explanation
CASB inline interception use cases are scenarios where you need to apply real-time policies and actions on the traffic between users and cloud applications. For example, you may want to block file uploads to a personal Box account to prevent data leakage or exfiltration. You can use Netskope's inline proxy mode to intercept and inspect the traffic between users and Box, and apply granular policies based on user identity, device type, app instance, file metadata, etc. You can also use Netskope's inline proxy mode to provide user alerts when sensitive information is posted in Slack. For example, you may want to warn users when they share credit card numbers or social security numbers in Slack channels or messages. You can use Netskope's steering client to redirect the traffic between users and Slack to Netskope's inline proxy for inspection and enforcement. You can also use Netskope's DLP engine to detect sensitive data patterns and apply actions such as alerting or blocking. References: Netskope Inline Proxy ModeNetskope Steering Client [Netskope DLP Engine]


質問 # 40
Exhibit

Which portion of the interface shown in the exhibit allows an administrator to set severity, assign ownership, track progress, and perform forensic analysis with excerpts of violating content?

  • A. Skope IT-> Alerts
  • B. Reports -> New Report
  • C. API-enabled Protection -> Inventory
  • D. Incidents -> DLP

正解:D

解説:
Explanation
The portion of the interface shown in the exhibit that allows an administrator to set severity, assign ownership, track progress, and perform forensic analysis with excerpts of violating content is Incidents -> DLP. The Incidents dashboard provides a comprehensive view of all the incidents that have occurred in your cloud environment, such as DLP violations, malware infections, anomalous activities, etc. You can filter the incidents by various criteria, such as app name, incident type, severity, user name, etc. You can also drill down into each incident to see more details, such as file name, file path, file owner, file size, file type, etc. You can also assign an owner to an incident, change its status and severity, add notes or comments, and view the excerpts of the violating content that triggered the DLP policy. References: Netskope Incidents Dashboard


質問 # 41
A customer wants to detect misconfigurations in their AWS cloud instances.
In this scenario, which Netskope feature would you recommend to the customer?

  • A. Netskope Secure Web Gateway (SWG)
  • B. Netskope Advanced DLP and Threat Protection
  • C. Netskope SaaS Security Posture Management (SSPM)
  • D. Netskope Cloud Security Posture Management (CSPM)

正解:D

解説:
Explanation
If a customer wants to detect misconfigurations in their AWS cloud instances, the Netskope feature that I would recommend to them is Netskope Cloud Security Posture Management (CSPM). Netskope CSPM is a service that provides continuous assessment and remediation of public cloud deployments for risks, threats, and compliance issues. Netskope CSPM leverages the APIs available from AWS and other cloud service providers to scan the cloud infrastructure for misconfigurations, such as insecure permissions, open ports, unencrypted data, etc. Netskope CSPM also provides security posture policies, profiles, and rules that can be customized to match the customer's security standards and best practices. Netskope CSPM can also alert, report, or remediate the misconfigurations automatically or manually. References: Netskope CSPMCloud Security Posture Management


質問 # 42
You are deploying TLS support for real-time Web and SaaS transactions. What are two secure implementation methods in this scenario? (Choose two.)

  • A. Require TLS 1.3 for every server that accepts it.
  • B. Bypass TLS 1.3 because it is not widely adopted.
  • C. Downgrade to TLS 1.2 whenever possible.
  • D. Support TLS 1.2 only when 1.3 is not supported by the server.

正解:A、D

解説:
Explanation
If you are deploying TLS support for real-time Web and SaaS transactions, then you need to use secure implementation methods that ensure the highest level of encryption and security for yourtraffic. Two secure implementation methods in this scenario are: support TLS 1.2 only when 1.3 is not supported by the server and require TLS 1.3 for every server that accepts it. TLS stands for Transport Layer Security, which is a protocol that provides secure communication over the internet by encrypting and authenticating data exchanged between two parties. TLS 1.3 is the latest version of TLS, which offers several improvements over TLS 1.2, such as faster handshake, stronger encryption algorithms, better forward secrecy, and reduced attack surface.
Therefore, it is recommended to use TLS 1.3 whenever possible for real-time Web and SaaS transactions, as it provides better security and performance than TLS 1.2. However, some servers may not support TLS 1.3 yet, so in those cases, it is acceptable to use TLS 1.2 as a fallback option, as it is still considered secure and widely adopted. Bypassing TLS 1.3 because it is not widely adopted or downgrading to TLS 1.2 whenever possible are not secure implementation methods in this scenario, as they would compromise the security and performance of your traffic by using an older or weaker version of TLS than necessary. References: [TLS],
[TLS 1.3].


質問 # 43
In which scenario would you use a SAML reverse proxy?

  • A. When the organization wants to perform inline inspection of cloud application traffic for roaming users that do not have the Netskope agent installed.
  • B. When the API-enabled protection exceeds the Cloud App API usage limits and cannot be used anymore.
  • C. When there are multiple SAML IdPs in use and the SAML reverse proxy can help federate them all together.
  • D. When PAC files or explicit proxies can be used to steer traffic to the Netskope platform.

正解:C

解説:
Explanation
A SAML reverse proxy is a service that acts as an intermediary between a SAML service provider (SP) and one or more SAML identity providers (IdPs). It can perform various functions, such as authentication, authorization, load balancing, caching, etc. One scenario where you would use a SAML reverse proxy is when there are multiple SAML IdPs in use and the SAML reverse proxy can help federate them all together. For example, suppose you have an internal application that needs to authenticate users from different domains or organizations, each with their own SAML IdP. Instead of configuring the application to trust each IdP separately, you can use a SAML reverse proxy to act as a single SP for the application and a single IdP for the users. The SAML reverse proxy can then redirect the users to their respective IdPs for authentication and relay the SAML assertions back to the application. This way, you can simplify the integration and management of multiple SAML IdPs and provide a seamless user experience. References: SAML Reverse ProxyWhat is application proxy & SAML SSO?


質問 # 44
Which two use cases would be considered examples of Shadow IT within an organization? (Choose two.)

  • A. an unsanctioned Microsoft 365 OneDrive account being used by a corporate user to upload sensitive data
  • B. an unsanctioned Google Drive account used by a corporate user to upload non-sensitive data
  • C. a sanctioned Wetransfer being used by a corporate user to share sensitive data
  • D. a sanctioned Salesforce account used by a contractor to upload non-sensitive data

正解:A、B

解説:
Explanation
Shadow IT is the term for the unauthorized use of IT resources and functions by employees within an organization. It can include cloud services, software, and hardware that are not approved or managed by the IT department. Two use cases that would be considered examples of shadow IT within an organization are: an unsanctioned Microsoft 365 OneDrive account being used by a corporate user to upload sensitive data and an unsanctioned Google Drive account used by a corporate user to upload non-sensitive data. In both cases, the corporate user is using a personal cloud storage service that is not sanctioned by the organization to store work-related data. This can introduce security risks, such as data leakage, data loss, compliance violations, malware infections, etc. The IT department may not have visibility or control over these cloud services or the data stored in them. References: What is shadow IT? | CloudflareWhat is Shadow IT? | IBM


質問 # 45
You investigate a suspected malware incident and confirm that it was a false alarm.

  • A. In this scenario, how would you prevent the same file from triggering another incident?
  • B. Export the packet capture to a pcap file.
  • C. Add the hash to the file filter.
  • D. Quarantine the file. Look up the hash at the VirusTotal website.

正解:C

解説:
Explanation
A file filter is a list of file hashes that you can use to exclude files from inspection by Netskope. By adding the hash of the file that triggered a false alarm to the file filter, you can prevent it from being scanned again by Netskope and avoid generating another incident. Quarantining the file, exporting the packet capture, or looking up the hash at VirusTotal are not effective ways to prevent the same file from triggering another incident, as they do not affect how Netskope handles the file. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 6: Data Loss Prevention, Lesson 2: File Filters.


質問 # 46
......

更新された2023年12月合格させるNSK100試験リアル練習テスト問題:https://www.passtest.jp/Netskope/NSK100-shiken.html

あなたを合格させる試験には100%確認済みNSK100試験問題:https://drive.google.com/open?id=1zi_pXSIyD_f0mtzDFKiOCHskzaVMLy9x

関するブログ

もっと
NSK100 無料問題集