Netskope NCCSA NSK100リアル試験問題と無料最新回答2024年08月30日 [Q23-Q48]

Share

Netskope NCCSA NSK100リアル試験問題と無料最新回答2024年08月30日

NSK100究極な学習ガイド


Netskope NSK100 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Netskope プラットフォームの概念の基本
  • Netskope プラットフォームのトラブルシューティング
トピック 2
  • クラウド サービス モデルの共通概念
  • サービス リクエストに使用されるログ ファイルの収集
トピック 3
  • Web セキュリティの概念
  • 基本的な管理タスク
トピック 4
  • Netskope プラットフォーム管理
  • クラウド セキュリティ リスク管理
  • 軽減
トピック 5
  • クラウド セキュリティの概念
  • TLS 復号化関連の問題
トピック 6
  • ポリシー関連の構成ミス
  • 機能とアーキテクチャ上の利点
トピック 7
  • Cloud Confidence Index (CCI)
  • 共通の業界コンプライアンス標準を使用したクラウド リスクの特定
トピック 8
  • トラフィックステアリングの概念
  • 基本構成要素

 

質問 # 23
What are two fundamental differences between the inline and API implementation of the Netskope platform?
(Choose two.)

  • A. The inline implementation can effectively block a transaction in both sanctioned and unsanctioned applications.
  • B. The API implementation can be used with both sanctioned and unsanctioned applications.
  • C. The API implementation can only be used with sanctioned applications.
  • D. The inline implementation can only effectively block a transaction in sanctioned applications.

正解:A、C

解説:
Explanation
The inline and API implementation of the Netskope platform are two different ways of connecting cloud applications to Netskope for inspection and policy enforcement. Two fundamental differences between them are: The API implementation can only be used with sanctioned applications, which are applications that are approved and authorized by the organization for business use. The API implementation relies on using out-of-band API connections to access data and events from these applications and apply near real-time policies. The inline implementation can effectively block a transaction in both sanctioned and unsanctioned applications, which are applications that are not approved or authorized by the organization for business use.
The inline implementation relies on using in-band proxy or reverse-proxy connections to intercept traffic to and from these applications and apply real-time policies. The API implementation can be used with both sanctioned and unsanctioned applications and the inline implementation can only effectively block a transaction in sanctioned applications are not true statements, as they contradict the actual capabilities and limitations of each implementation method. References: [Netskope SaaS API-enabled Protection], [Netskope Inline CASB].


質問 # 24
You are working with traffic from applications with pinned certificates. In this scenario, which statement is correct?

  • A. An exception should be added to the steering configuration.
  • B. The domains used by applications with pinned certificates should be allowed in an inline policy.
  • C. The domains used by certificate-pinned applications should be added to the authentication bypass list.
  • D. Traffic with pinned certificates should be blocked.

正解:A

解説:
Explanation
When working with traffic from applications with pinned certificates, you should add an exception to the steering configuration to bypass them. Pinned certificates are a security technique that prevents man-in-the-middle attacks by validating the server certificates against a hardcoded list of certificates in the application. If you try to intercept or inspect the traffic from such applications, they will reject the connection or display an error message. Therefore, you should add the domains used by certificate-pinned applications as exceptions in your steering configuration, so that they are not steered to Netskope for analysis and enforcement. References: Certificate Pinned ApplicationsCreating a Steering Configuration


質問 # 25
There is a DLP violation on a file in your sanctioned Google Drive instance. The file is in a deleted state. You need to locate information pertaining to this DLP violation using Netskope. In this scenario, which statement is correct?

  • A. You must create a forensic profile so that an incident is created.
  • B. DLP incidents for a file are not visible when the file is deleted.
  • C. You can find DLP violations under Forensic profiles.
  • D. You can find DLP violations under the Incidents dashboard.

正解:D

解説:
Explanation
To locate information pertaining to a DLP violation on a file in your sanctioned Google Drive instance, you can use the Incidents dashboard in Netskope. The Incidents dashboard provides a comprehensive view of all the incidents that have occurred in your cloud environment, such as DLP violations, malware infections, anomalous activities, etc. You can filter the incidents by various criteria, such as app name, incident type, severity, user name, etc. You can also drill down into each incident to see more details, such as file name, file path, file owner, file size, file type, etc. The Incidents dashboard can show DLP violations for files that are in a deleted state, as long as they are still recoverable from the trash bin of the app. If the file is permanently deleted from the app, then the incident will not be visible in the dashboard. References: Netskope Incidents Dashboard


質問 # 26
Which two statements are correct about DLP Incidents in the Netskope platform? (Choose two.)

  • A. An incident can have one or more DLP violations.
  • B. An incident can be associated to one or more DLP policies.
  • C. An incident can be assigned to one or more administrators.
  • D. An incident can be associated to one or more DLP rules.

正解:A、D

解説:
Explanation
Two statements that are correct about DLP Incidents in the Netskope platform are: An incident can have one or more DLP violations and an incident can be associated to one or more DLP rules. A DLP violation occurs when a file or object matches a DLP rule used in a DLP profile. A DLP rule defines the criteria for detecting sensitive data, such as keywords, regular expressions, fingerprints, machine learning classifiers, etc. A DLP profile is a collection of DLP rules that can be applied to a policy. An incident is a record of a file or object that triggered a DLP policy violation. An incident can have multiple violations if the file or object matches multiple DLP rules from different profiles. An incident can also be associated to multiple DLP rules if the file or object matches more than one rule from the same profile. References: About DLPDLP Profiles


質問 # 27
You need to block all users from uploading data files into risky collaboration applications. Which element must you configure within Netskope's CASB to accomplish this task?

  • A. real-time policy
  • B. DLP Rule
  • C. block notification
  • D. DLP Profile

正解:A

解説:
Explanation
A real-time policy is a type of policy in Netskope's CASB that allows you to control the actions that users can perform on cloud applications in real time. You can use a real-time policy to block all users from uploading data files into risky collaboration applications by specifying the following elements: the application category (such as Collaboration), the activity (such as Upload), the file type (such as Data), the risk level (such as High or Very High), and the action (such as Block). A DLP rule, a DLP profile, and a block notification are not sufficient to accomplish this task, as they are either sub-components or outcomes of a real-time policy. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 5: Real-Time Policies, Lesson 1: Real-Time Policy Overview and Lesson 2: Real-Time Policy Configuration.


質問 # 28
You need to create a service request ticket for a client-related issue using the Netskope client Ul. In this scenario, you generate the client logs by right-clicking on the system tray icon and choosing

  • A. Save logs
  • B. Troubleshoot
  • C. Help
  • D. Configuration

正解:B

解説:
Explanation
To create a service request ticket for a client-related issue using the Netskope client UI, you need to generate the client logs by right-clicking on the system tray icon and choosing Troubleshoot. This will open a window where you can select the option to Save Logs, which will create a zip file containing the client logs. You can then attach this file to your service request ticket and provide any relevant details about the issue. Choosing Save logs, Configuration, or Help will not generate the client logs, as they perform different functions, such as saving the current configuration, opening the settings menu, or opening the help page. References: [Netskope Client Troubleshooting].


質問 # 29
You want to deploy Netskope's zero trust network access (ZTNA) solution, NPA. In this scenario, which action would you perform to accomplish this task?

  • A. Enable Steer all Private Apps in your existing steering configuration(s) from the admin console.
  • B. Configure SCIM to exchange identity information and attributes with your applications.
  • C. Set up a reverse proxy using SAML and an identity provider.
  • D. Create an OAuth identity access control between your users and your applications.

正解:A

解説:
Explanation
To deploy Netskope's zero trust network access (ZTNA) solution, NPA, you need to enable Steer all Private Apps in your existing steering configuration(s) from the admin console. This will allow you to create private app profiles and assign them to your applications. NPA will then provide secure and granular access to your applications without exposing them to the internet or requiring VPNs. References: [Netskope Private Access (NPA) Deployment Guide]


質問 # 30
Which two traffic steering configurations are supported by Netskope? (Choose two.)

  • A. browser isolation traffic only
  • B. cloud applications only
  • C. Web traffic only
  • D. all Web traffic including cloud applications

正解:B、D

解説:
Explanation
The two traffic steering configurations that are supported by Netskope are cloud applications only and all Web traffic including cloud applications. These configurations allow you to control what kind of traffic gets steered to Netskope for real-time deep analysis and what kind of traffic gets bypassed. You can choose one of these options for both on-premises and off-premises scenarios, depending on your network environment and security needs. You can also create exceptions for specific domains, IP addresses, or certificate-pinned applications that you want to bypass or steer regardless of the configuration option. References: Steering ConfigurationCreating a Steering Configuration


質問 # 31
How do you provision users to your customer's Netskope tenant? (Choose two.)

  • A. Use Microsoft Intune.
  • B. Use the AD Connector.
  • C. Use the Directory Importer.
  • D. Use SCIM.

正解:B、C

解説:
Explanation
To provision users to your customer's Netskope tenant, two methods that you can use are: use the AD Connector and use SCIM. The AD Connector is a tool that allows you to synchronize users and groups from your Active Directory (AD) domain to your Netskope tenant. The AD Connector runs as a Windows service on a machine that has access to your AD domain controller. The AD Connector periodically queries your AD domain for any changes in users and groups and updates them in your Netskope tenant accordingly. The AD Connector also supports filtering users and groups based on attributes or organizational units (OUs). SCIM stands for System for Cross-domain Identity Management, which is a standard protocol for managing user identities across different applications and services. SCIM allows you to provision users and groups from your identity provider (IdP), such as Azure AD or Okta, to your Netskope tenant using APIs. SCIM also supports creating, updating, deleting, and searching users and groups in your Netskope tenant based on your IdP's configuration. References: Netskope AD ConnectorUser Provisioning with Azure AD


質問 # 32
You consume application infrastructure (middleware) capabilities by a third-party provider. What is the cloud service model that you are using in this scenario?

  • A. DaaS
  • B. MaaS
  • C. SaaS
  • D. PaaS

正解:D

解説:
Explanation
If you consume application infrastructure (middleware) capabilities by a third-party provider, then the cloud service model that you are using in this scenario is PaaS, which stands for Platform as a Service. PaaS is a cloud service model that provides customers with a platform to develop, run, and manage applications without having to deal with the underlying infrastructure or software. PaaS typically includes middleware capabilities such as databases, web servers, development tools, integration services, etc., that customers can use to build and deploy their applications faster and easier. MaaS, DaaS, and SaaS are not cloud service models that match this scenario, as they stand for different types of services. MaaS stands for Monitoring as a Service, which is a service that provides customers with tools to monitor and manage their cloud resources and performance.
DaaS stands for Desktop as a Service, which is a service that provides customers with virtual desktops that they can access from any device or location. SaaS stands for Software as a Service, which is a service that provides customers with software applications that they can use over the internet without installing or maintaining them. References: [PaaS], [MaaS], [DaaS], [SaaS].


質問 # 33
Which two cloud security and infrastructure enablement technologies does Secure Access Service Edge (SASE) combine into its unified platform? (Choose two.)

  • A. Zero Trust Network Access (ZTNA)
  • B. Unified Threat Management (UTM)
  • C. Distributed Denial of Service Protection (DDoS)
  • D. Cloud Access Security Broker (CASB)

正解:A、D

解説:
Explanation
Secure Access Service Edge (SASE) is a cloud-based architecture that combines various cloud security and infrastructure enablement technologies into a unified platform that delivers security and networking services from the edge of the network. Two of these technologies are Zero Trust Network Access (ZTNA) and Cloud Access Security Broker (CASB). ZTNA is a technology that provides secure access to private applications without exposing them to the internet or using VPNs. It uses identity-based policies and encryption to grant granular access to authorized users and devices, regardless of their location or network. CASB is a technology that provides visibility and control over cloud applications (SaaS) used by users and devices. It uses API connections or inline proxies to inspect and enforce policies on data and activities in cloud applications, such as data loss prevention, threat protection, or compliance. Distributed Denial of Service Protection (DDoS) and Unified Threat Management (UTM) are not technologies that SASE combines into its unified platform, although they may be related or integrated with some of its components. References: [SASE], [ZTNA],
[CASB].


質問 # 34
A customer wants to detect misconfigurations in their AWS cloud instances.
In this scenario, which Netskope feature would you recommend to the customer?

  • A. Netskope Cloud Security Posture Management (CSPM)
  • B. Netskope Secure Web Gateway (SWG)
  • C. Netskope Advanced DLP and Threat Protection
  • D. Netskope SaaS Security Posture Management (SSPM)

正解:A

解説:
Explanation
If a customer wants to detect misconfigurations in their AWS cloud instances, the Netskope feature that I would recommend to them is Netskope Cloud Security Posture Management (CSPM). Netskope CSPM is a service that provides continuous assessment and remediation of public cloud deployments for risks, threats, and compliance issues. Netskope CSPM leverages the APIs available from AWS and other cloud service providers to scan the cloud infrastructure for misconfigurations, such as insecure permissions, open ports, unencrypted data, etc. Netskope CSPM also provides security posture policies, profiles, and rules that can be customized to match the customer's security standards and best practices. Netskope CSPM can also alert, report, or remediate the misconfigurations automatically or manually. References: Netskope CSPMCloud Security Posture Management


質問 # 35
What are two CASB inline interception use cases? (Choose two.)

  • A. scanning Dropbox for credit card information
  • B. using the Netskope steering client to provide user alerts when sensitive information is posted in Slack
  • C. blocking file uploads to a personal Box account
  • D. running a retroactive scan for data at rest in Google Drive

正解:B、C

解説:
Explanation
CASB inline interception use cases are scenarios where you need to apply real-time policies and actions on the traffic between users and cloud applications. For example, you may want to block file uploads to a personal Box account to prevent data leakage or exfiltration. You can use Netskope's inline proxy mode to intercept and inspect the traffic between users and Box, and apply granular policies based on user identity, device type, app instance, file metadata, etc. You can also use Netskope's inline proxy mode to provide user alerts when sensitive information is posted in Slack. For example, you may want to warn users when they share credit card numbers or social security numbers in Slack channels or messages. You can use Netskope's steering client to redirect the traffic between users and Slack to Netskope's inline proxy for inspection and enforcement. You can also use Netskope's DLP engine to detect sensitive data patterns and apply actions such as alerting or blocking. References: Netskope Inline Proxy ModeNetskope Steering Client [Netskope DLP Engine]


質問 # 36
According to Netskope. what are two preferred methods to report a URL miscategorization? (Choose two.)

  • A. Use the URL Lookup page in the dashboard.
  • B. Use www.netskope.com/url-lookup.
  • C. Email [email protected].
  • D. Tag Netskope on Twitter.

正解:A、B

解説:
Explanation
According to Netskope, two preferred methods to report a URL miscategorization are: use www.netskope.com/url-lookup and use the URL Lookup page in the dashboard. The first method allows you to visit www.netskope.com/url-lookup in your browser and enter any URL that you want to check or report for miscategorization. You will see the current category assigned by Netskope for that URL and you can submit a request to change it if you think it is incorrect. The second method allows you to use the URL Lookup page in the dashboard of your Netskope platform tenant and enter any URL that you want to check or report for miscategorization. You will see the current category assigned by Netskope for that URL and you can submit a request to change it if you think it is incorrect. Emailing [email protected] or tagging Netskope on Twitter are not preferred methods to report a URL miscategorization, as they are not designed for this purpose and may not be as efficient or effective as using the dedicated tools provided by Netskope. References: [Netskope URL Lookup], Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 8: Skope IT, Lesson 2: Page Events.


質問 # 37
What are two reasons why legacy solutions, such as on-premises firewalls and proxies, fail to secure the data and data access compared to Netskope Secure Web Gateway? (Choose two.)

  • A. The users accessing this data are not in one central place.
  • B. Legacy solutions do not meet compliance standards.
  • C. Legacy solutions are unable to see the user who is trying to access the application.
  • D. The applications where the data resides are no longer in one central location.

正解:A、D

解説:
Explanation
Legacy solutions, such as on-premises firewalls and proxies, fail to secure the data and data access compared to Netskope Secure Web Gateway because they are designed for a perimeter-based security model, where the applications and the users are both within the corporate network. However, with the rise of cloud computing and remote work, this model is no longer valid. The applications where the data resides are no longer in one central location, but distributed across multiple cloud services and regions. The users accessing this data are not in one central place, but working from anywhere, on any device. Legacy solutions cannot provide adequate visibility and control over this dynamic and complex environment, resulting in security gaps and performance issues. Netskope Secure Web Gateway, on the other hand, leverages a cloud-native architecture that provides high-performance and scalable inspection of traffic from any location and device, as well as granular policies and advanced threat and data protection for web and cloud applications. References: Netskope Architecture OverviewNetskope Next Gen SWG


質問 # 38
A customer wants to detect misconfigurations in their AWS cloud instances.
In this scenario, which Netskope feature would you recommend to the customer?

  • A. Netskope Cloud Security Posture Management (CSPM)
  • B. Netskope Secure Web Gateway (SWG)
  • C. Netskope Advanced DLP and Threat Protection
  • D. Netskope SaaS Security Posture Management (SSPM)

正解:A

解説:
Explanation
If a customer wants to detect misconfigurations in their AWS cloud instances, the Netskope feature that I would recommend to them is Netskope Cloud Security Posture Management (CSPM). Netskope CSPM is a service that provides continuous assessment and remediation of public cloud deployments for risks, threats, and compliance issues. Netskope CSPM leverages the APIs available from AWS and other cloud service providers to scan the cloud infrastructure for misconfigurations, such as insecure permissions, open ports, unencrypted data, etc. Netskope CSPM also provides security posture policies, profiles, and rules that can be customized to match the customer's security standards and best practices. Netskope CSPM can also alert, report, or remediate the misconfigurations automatically or manually. References: Netskope CSPMCloud Security Posture Management


質問 # 39
In which scenario would you use a SAML reverse proxy?

  • A. When the API-enabled protection exceeds the Cloud App API usage limits and cannot be used anymore.
  • B. When the organization wants to perform inline inspection of cloud application traffic for roaming users that do not have the Netskope agent installed.
  • C. When PAC files or explicit proxies can be used to steer traffic to the Netskope platform.
  • D. When there are multiple SAML IdPs in use and the SAML reverse proxy can help federate them all together.

正解:D

解説:
Explanation
A SAML reverse proxy is a service that acts as an intermediary between a SAML service provider (SP) and one or more SAML identity providers (IdPs). It can perform various functions, such as authentication, authorization, load balancing, caching, etc. One scenario where you would use a SAML reverse proxy is when there are multiple SAML IdPs in use and the SAML reverse proxy can help federate them all together. For example, suppose you have an internal application that needs to authenticate users from different domains or organizations, each with their own SAML IdP. Instead of configuring the application to trust each IdP separately, you can use a SAML reverse proxy to act as a single SP for the application and a single IdP for the users. The SAML reverse proxy can then redirect the users to their respective IdPs for authentication and relay the SAML assertions back to the application. This way, you can simplify the integration and management of multiple SAML IdPs and provide a seamless user experience. References: SAML Reverse ProxyWhat is application proxy & SAML SSO?


質問 # 40
A company is attempting to steer traffic to Netskope using GRE tunnels. They notice that after the initial configuration, users cannot access external websites from their browsers.
What are three probable causes for this issue? (Choose three.)

  • A. The route map was applied to the wrong router interface.
  • B. The configured GRE peer in the Netskope platform is incorrect.
  • C. The pre-shared key for the GRE tunnel is incorrect.
  • D. Netskope does not support GRE tunnels.
  • E. The corporate firewall might be blocking GRE traffic.

正解:A、B、E

解説:
Explanation
In this scenario, there are three probable causes for the issue of users not being able to access external websites from their browsers after attempting to steer traffic to Netskope using GRE tunnels. One cause is that the configured GRE peer in the Netskope platform is incorrect, which means that the Netskope POP that is supposed to receive the GRE traffic from the customer's network is not matching the IP address of the customer's router that is sending the GRE traffic. This will result in a failure to establish a GRE tunnel between the customer and Netskope. Another cause is that the corporate firewall might be blocking GRE traffic, which means that the firewall rules are not allowing the GRE protocol (IP protocol number 47) or the UDP port 4789 (for VXLAN encapsulation) to pass through. This will result in a failure to send or receive GRE packets between the customer and Netskope. A third cause is that the route map was applied to the wrong router interface, which means that the configuration that specifies which traffic should be steered to Netskope using GRE tunnels was not applied to the correct interface on the customer's router. This will result in a failure to steer the desired traffic to Netskope. The pre-shared key for the GRE tunnel is incorrect is not a probable cause for this issue, as GRE tunnelsdo not use pre-shared keys for authentication or encryption.
Netskope does support GRE tunnels, so this is not a cause for this issue either. References: [Netskope Secure Forwarder], Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module
3: Steering Configuration, Lesson 3: Secure Forwarder.


質問 # 41
What are two pillars of CASB? (Choose two.)

  • A. visibility
  • B. compliance
  • C. cloud native
  • D. SASE

正解:A、B

解説:
Explanation
Two pillars of CASB are visibility and compliance. CASB stands for Cloud Access Security Broker, which is a solution that provides visibility and control over cloud services and web traffic, as well as data and threat protection for cloud users and devices. Visibility is thecapability to identify all cloud services in use and assess their risk factors, such as security, auditability, business continuity, etc. Compliance is the capability to ensure that cloud services and data meet the regulatory standards and policies of the organization or industry, such as GDPR, HIPAA, PCI DSS, etc. References: What Is a Cloud Access Security Broker (CASB)? | MicrosoftCASB Guide: What are the 4 Pillars of CASB? - Security Service Edge


質問 # 42
You need to provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used.
In this scenario, which two filter combinations would you use to accomplish this task? (Choose two.)

  • A. CCL = High. Under Research
  • B. CCL = Medium. Low, Poor
  • C. User Device Type = Windows Device
  • D. Sanctioned = No

正解:B、D

解説:
Explanation
To provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used, you can use two filter combinations: Sanctioned = No and CCL = Medium, Low, Poor. The Sanctioned filter allows you to select whether you want to see only sanctioned or unsanctioned apps in your organization. Sanctioned apps are those that are approved and managed by your IT department, while unsanctioned apps are those that are used without authorization or oversight by your employees. Shadow IT refers to the use ofunsanctioned apps that may pose security or compliance risks for your organization. The CCL filter allows you to select the Cloud Confidence Level (CCL) ratings of the apps you want to see. The CCL rating is a measure of how enterprise-ready a cloud app is based on various criteria such as security, auditability, business continuity, etc. The CCL rating ranges from Excellent to Poor, with Excellent being the most secure and compliant and Poor being the least. Risky cloud apps are those that have a low CCL rating, such as Medium, Low, or Poor. By applying these two filters, you can narrow down the list of apps to only those that are unsanctioned and have a low CCL rating, which indicates that they are risky shadow IT cloud applications being used in your organization. References: SkopeIT ApplicationsNetskope Cloud Confidence Index


質問 # 43
What are two primary advantages of Netskope's Secure Access Service Edge (SASE) architecture? (Choose two.

  • A. no on-premises hardware required for policy enforcement
  • B. Bayesian spam filtering
  • C. single management console
  • D. Endpoint Detection and Response (EDR)

正解:A、C

解説:
Explanation
Two primary advantages of Netskope's Secure Access Service Edge (SASE) architecture are: no on-premises hardware required for policy enforcement and single management console. Netskope's SASE architecture delivers network and security services as cloud-based services that can be accessed from any location and device. This eliminates the need for on-premises hardware appliances such as firewalls, proxies, VPNs, etc., that are costly to maintain and scale. Netskope's SASE architecture also provides a single management console that allows administrators to configure and monitor all the network and security services from one place. This simplifies IT operations and reduces complexity and overhead. References: Netskope SASEWhat is SASE?


質問 # 44
Your company asks you to obtain a detailed list of all events from the last 24 hours for a specific user. In this scenario, what are two methods to accomplish this task? (Choose two.)

  • A. Export the data from Skope IT Alerts.
  • B. Use the Netskope reporting engine.
  • C. Export the data from Skope IT Application Events.
  • D. Use the Netskope REST API.

正解:C、D

解説:
Explanation
In this scenario, there are two methods to obtain a detailed list of all events from the last 24 hours for a specific user. One method is to export the data from Skope IT Application Events, which is a feature in the Netskope platform that allows you to view and analyze all the activities performed by users on cloud applications. You can use filters to narrow down your search by user name, time range, application, activity, and other criteria. You can then export the data to a CSV or JSON file for further analysis or reporting.
Another method is to use the Netskope REST API, which is a programmatic interface that allows you to access and manipulate data from the Netskope platform using HTTP requests. You can use the API to query for events by user name, time range, application, activity, and other parameters. You can then retrieve the data in JSON format for further analysis or integration with other tools. Using the Netskope reporting engine or exporting the data from Skope IT Alerts are not methods to obtain a detailed list of all events from the last 24 hours for a specific user, as they are more suited for generating summary reports or alerts based on predefined criteria or thresholds, rather than granular event data. References: [Netskope Skope IT Application Events],
[Netskope REST API].


質問 # 45
Why would you want to define an App Instance?

  • A. to differentiate between an enterprise Google Drive instance vs. an enterprise Box instance
  • B. to differentiate between an enterprise Google Drive instance vs. a personal Google Drive instance
  • C. to create an API Data Protection Policy for a personal Box instance
  • D. to enable the instance_id attribute in the advanced search field when using query mode

正解:B

解説:
Explanation
An App Instance is a feature in the Netskope platform that allows you to define and identify different instances of the same cloud application based on the domain name or URL. For example, you can define an App Instance for your enterprise Google Drive instance (such as drive.google.com/a/yourcompany.com) and another App Instance for your personal Google Drive instance (such as drive.google.com). This way, you can differentiate between them and apply different policies and actions based on the App Instance. You would want to define an App Instance to achieve this level of granularity and control over your cloud application activities. Creating an API Data Protection Policy for a personal Box instance, enabling the instance_id attribute in the advanced search field, or differentiating between an enterprise Google Drive instance vs. an enterprise Box instance are not valid reasons to define an AppInstance, as they are either unrelated or irrelevant to the App Instance feature. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 5: Real-Time Policies, Lesson 4: App Instances.


質問 # 46
Which two functions are available for both inline and API protection? (Choose two.)

  • A. DLP
  • B. threat protection
  • C. Cloud Security Posture Management (CSPM)
  • D. multi-factor authentication

正解:A、B

解説:
Explanation
Netskope provides both inline and API protection for cloud applications and web traffic. Inline protection refers to the real-time inspection and enforcement of policies on the traffic between users and cloud applications, using Netskope's inline proxy mode. API protection refers to the retrospective inspection and enforcement of policies on the data that is already stored in cloud applications, using Netskope's API connectors. Two functions that are available for both inline and API protection are threat protection and DLP.
Threat protection is the capability to detect and block malware, ransomware, phishing, and other cyber threats that may compromise cloud data or users. DLP is the capability to detect and protect sensitive data, such as personal information, intellectual property, or regulated data, that may be exposed or leaked through cloud applications. References: Netskope Inline Proxy ModeNetskope API ProtectionNetskope Threat ProtectionNetskope DLP Engine


質問 # 47
You want to take into account some recent adjustments to CCI scoring that were made in your Netskope tenant.
In this scenario, which two CCI aspects in the Ul would be used in a real-time protection policy? (Choose two.)

  • A. GDPR Readiness
  • B. App Score
  • C. App Tag
  • D. CCL

正解:B、C

解説:
Explanation
To take into account some recent adjustments to CCI scoring that were made in your Netskope tenant, you can use the App Tag and App Score aspects in the UI to create a real-time protection policy. The App Tag is a label that indicates the level of enterprise readiness of a cloud app based on its CCI score. The App Score is a numerical value that represents the CCI score of a cloud app based on various criteria such as security, auditability, and business continuity. You can use these aspects to filter cloud apps by their CCI ratings and apply policies accordingly. For example, you can create a policy that blocks access to cloud apps with an App Tag of Poor or an App Score below 50. References: Netskope Cloud Confidence IndexCreating Real-Time Policies for Cloud Applications


質問 # 48
......

究極なガイド準備NSK100認定試験Netskope NCCSA:https://jp.fast2test.com/NSK100-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어