NSK100問題集で2023年最新のNetskope NSK100試験問題 [Q34-Q53]

Share

NSK100問題集で2023年最新のNetskope NSK100試験問題

無料で使えるNSK100ブレーン問題集でダウンロード(NSK100テスト問題集無料更新された)

質問 # 34
What is the limitation of using a legacy proxy compared to Netskope's solution?

  • A. Legacy on-premises solutions fail to provide protection for traffic from on-premises users.
  • B. Netskope architecture requires on-premises components.
  • C. Legacy solutions offer higher performance and scalability for corporate and remote users.
  • D. To enforce policies, traffic needs to traverse back through a customer's on-premises security stack.

正解:D

解説:
Explanation
A limitation of using a legacy proxy compared to Netskope's solution is that to enforce policies, traffic needs to traverse back through a customer's on-premises security stack. This creates latency, bandwidth, and scalability issues for remote users and cloud applications. Netskope's solution, on the other hand, leverages a cloud-native architecture that provides high-performance and scalable inspection of traffic from any location and device. References: [Netskope Architecture Overview]


質問 # 35
A customer asks you to create several real-time policies. Policy A generates alerts when any user downloads, uploads, or shares files on a cloud storage application. Policy B blocks users from downloading files from any operating system (OS) other than Mac or Windows for cloud storage. In this case, policy A is least restrictive and policy B is more restrictive.
Which statement is correct in this scenario?

  • A. These two policies would actually not work together.
  • B. Policy B is implemented before policy A.
  • C. Policy A is implemented before policy B.
  • D. The policy order is not important; policies are independent of each other.

正解:B

解説:
Explanation
In this scenario, policy B is more restrictive than policy A, as it blocks users from downloading files from any OS other than Mac or Windows for cloud storage, while policy A only generates alerts when any user downloads, uploads, or shares files on a cloud storage application. Therefore, policy B should be implemented before policy A, as the policy order determines the order of evaluation and enforcement of the policies. If policy A is implemented before policy B, then policy B will never be triggered, as policy A will match all the download activities for cloud storage and generate alerts. The policy order is important; policies are not independent of each other, as they may have overlapping or conflicting conditions and actions. These two policies would actually work together, as long as they are ordered correctly. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 5: Real-Time Policies, Lesson 3:
Policy Order.


質問 # 36
You are creating a real-time policy for cloud applications.
In addition to users, groups, and organizational units, which two source criteria would support this scenario?
(Choose two.)

  • A. browser version
  • B. access method
  • C. protocol version
  • D. device classification

正解:B、D

解説:
Explanation
When creating a real-time policy for cloud applications, you can use access method and device classification as source criteria, in addition to users, groups, and organizational units. Access method refers to how the user accesses the cloud application, such as browser, sync client, mobile app, etc. Device classification refers to the type of device used by the user, such as managed or unmanaged, Windows or Mac, etc. These criteria can help you define granular policies based on different scenarios and risks. References: [Creating Real-Time Policies for Cloud Applications]


質問 # 37
What are two uses for deploying a Netskope Virtual Appliance? (Choose two.)

  • A. as an endpoint for Netskope Private Access (NPA)
  • B. as a log parser to discover in-use cloud applications
  • C. as a Secure Forwarder to steer traffic
  • D. as a local reverse-proxy to secure a SaaS application

正解:A、C

解説:
Explanation
A Netskope Virtual Appliance is a software-based appliance that can be deployed on-premises or in the cloud to provide various functions and features for the Netskope Security Cloud platform. One use for deploying a Netskope Virtual Appliance is as an endpoint for Netskope Private Access (NPA), which is a service that allows users to securely access private applications without exposing them to the internet or using VPNs.
Another use for deploying a Netskope Virtual Appliance is as a Secure Forwarder to steer traffic from on-premises devices or networks to the Netskope platform for inspection and policy enforcement. Using a Netskope Virtual Appliance as a local reverse-proxy to secure a SaaS application or as a log parser to discover in-use cloud applications are not valid uses, as these functions are performed by other components of the Netskope Security Cloud platform, such as the Cloud Access Security Broker (CASB) or the Cloud XD engine. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 2: Architecture Overview; [Netskope Private Access]; [Netskope Secure Forwarder].


質問 # 38
What are two pillars of CASB? (Choose two.)

  • A. cloud native
  • B. visibility
  • C. compliance
  • D. SASE

正解:B、C

解説:
Explanation
Two pillars of CASB are visibility and compliance. CASB stands for Cloud Access Security Broker, which is a solution that provides visibility and control over cloud services and web traffic, as well as data and threat protection for cloud users and devices. Visibility is thecapability to identify all cloud services in use and assess their risk factors, such as security, auditability, business continuity, etc. Compliance is the capability to ensure that cloud services and data meet the regulatory standards and policies of the organization or industry, such as GDPR, HIPAA, PCI DSS, etc. References: What Is a Cloud Access Security Broker (CASB)? | MicrosoftCASB Guide: What are the 4 Pillars of CASB? - Security Service Edge


質問 # 39
Which two traffic steering configurations are supported by Netskope? (Choose two.)

  • A. all Web traffic including cloud applications
  • B. Web traffic only
  • C. browser isolation traffic only
  • D. cloud applications only

正解:A、D

解説:
Explanation
The two traffic steering configurations that are supported by Netskope are cloud applications only and all Web traffic including cloud applications. These configurations allow you to control what kind of traffic gets steered to Netskope for real-time deep analysis and what kind of traffic gets bypassed. You can choose one of these options for both on-premises and off-premises scenarios, depending on your network environment and security needs. You can also create exceptions for specific domains, IP addresses, or certificate-pinned applications that you want to bypass or steer regardless of the configuration option. References: Steering ConfigurationCreating a Steering Configuration


質問 # 40
Which two cloud security and infrastructure enablement technologies does Secure Access Service Edge (SASE) combine into its unified platform? (Choose two.)

  • A. Distributed Denial of Service Protection (DDoS)
  • B. Zero Trust Network Access (ZTNA)
  • C. Unified Threat Management (UTM)
  • D. Cloud Access Security Broker (CASB)

正解:B、D

解説:
Explanation
Secure Access Service Edge (SASE) is a cloud-based architecture that combines various cloud security and infrastructure enablement technologies into a unified platform that delivers security and networking services from the edge of the network. Two of these technologies are Zero Trust Network Access (ZTNA) and Cloud Access Security Broker (CASB). ZTNA is a technology that provides secure access to private applications without exposing them to the internet or using VPNs. It uses identity-based policies and encryption to grant granular access to authorized users and devices, regardless of their location or network. CASB is a technology that provides visibility and control over cloud applications (SaaS) used by users and devices. It uses API connections or inline proxies to inspect and enforce policies on data and activities in cloud applications, such as data loss prevention, threat protection, or compliance. Distributed Denial of Service Protection (DDoS) and Unified Threat Management (UTM) are not technologies that SASE combines into its unified platform, although they may be related or integrated with some of its components. References: [SASE], [ZTNA],
[CASB].


質問 # 41
You want to block access to sites that use self-signed certificates. Which statement is true in this scenario?

  • A. Self-signed certificates must be changed to a publicly trusted CA signed certificate.
  • B. Certificate-related settings apply to each individual client configuration level.
  • C. Certificate-related settings apply globally to the entire customer tenant.
  • D. Certificate-related settings apply to each individual steering configuration level.

正解:D

解説:
Explanation
The statement that is true in this scenario is: Certificate-related settings apply to each individual steering configuration level. Certificate-related settings are the options that allow you to configure how Netskope handles SSL/TLS certificates for encrypted web traffic. For example, you can choose whether to allow or block self-signed certificates, expired certificates, revoked certificates, etc. You can also choose whether to enable SSL decryption for specific domains or categories. Certificate-related settings apply to each individual steering configuration level, which means that you can have different settings for different types of traffic or devices. For example, you can have one steering configuration for managed devices and another one for unmanaged devices, and apply different certificate-related settings for each one. This allows you to customize your security policies based on your needs and preferences. References: Netskope SSL DecryptionNetskope Steering Configuration


質問 # 42
You are working with traffic from applications with pinned certificates. In this scenario, which statement is correct?

  • A. An exception should be added to the steering configuration.
  • B. Traffic with pinned certificates should be blocked.
  • C. The domains used by certificate-pinned applications should be added to the authentication bypass list.
  • D. The domains used by applications with pinned certificates should be allowed in an inline policy.

正解:A

解説:
Explanation
When working with traffic from applications with pinned certificates, you should add an exception to the steering configuration to bypass them. Pinned certificates are a security technique that prevents man-in-the-middle attacks by validating the server certificates against a hardcoded list of certificates in the application. If you try to intercept or inspect the traffic from such applications, they will reject the connection or display an error message. Therefore, you should add the domains used by certificate-pinned applications as exceptions in your steering configuration, so that they are not steered to Netskope for analysis and enforcement. References: Certificate Pinned ApplicationsCreating a Steering Configuration


質問 # 43
You need to provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used.
In this scenario, which two filter combinations would you use to accomplish this task? (Choose two.)

  • A. CCL = High. Under Research
  • B. Sanctioned = No
  • C. User Device Type = Windows Device
  • D. CCL = Medium. Low, Poor

正解:B、D

解説:
Explanation
To provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used, you can use two filter combinations: Sanctioned = No and CCL = Medium, Low, Poor. The Sanctioned filter allows you to select whether you want to see only sanctioned or unsanctioned apps in your organization. Sanctioned apps are those that are approved and managed by your IT department, while unsanctioned apps are those that are used without authorization or oversight by your employees. Shadow IT refers to the use ofunsanctioned apps that may pose security or compliance risks for your organization. The CCL filter allows you to select the Cloud Confidence Level (CCL) ratings of the apps you want to see. The CCL rating is a measure of how enterprise-ready a cloud app is based on various criteria such as security, auditability, business continuity, etc. The CCL rating ranges from Excellent to Poor, with Excellent being the most secure and compliant and Poor being the least. Risky cloud apps are those that have a low CCL rating, such as Medium, Low, or Poor. By applying these two filters, you can narrow down the list of apps to only those that are unsanctioned and have a low CCL rating, which indicates that they are risky shadow IT cloud applications being used in your organization. References: SkopeIT ApplicationsNetskope Cloud Confidence Index


質問 # 44
What is a benefit that Netskope instance awareness provides?

  • A. It prevents the user from copying information from a corporate email and pasting the information into a GitHub repository.
  • B. It differentiates between an IT managed Google Drive instance versus a personal Google Drive instance.
  • C. It differentiates between an IT managed Google Drive instance versus a personal Dropbox account.
  • D. It prevents movement of corporate sensitive data to a personal Dropbox account.

正解:B

解説:
Explanation
A benefit that Netskope instance awareness provides is that it differentiates between an IT managed Google Drive instance versus a personal Google Drive instance. Instance awareness is a feature in the Netskope platform that allows you to define and identify different instances of the same cloud application based on the domain name or URL. For example, you can define an instance for your IT managed Google Drive instance (such as drive.google.com/a/yourcompany.com) and another instance for your personal Google Drive instance (such as drive.google.com). This way, you can differentiate between them and apply different policies and actions based on the instance. This can help you prevent data leakage, enforce compliance, or improve visibility for your cloud application activities. Preventing movement of corporate sensitive data to a personal Dropbox account, preventing the user from copying information from a corporate email and pasting it into a GitHub repository, or differentiating between an IT managed Google Drive instance versus an IT managed Box instance are not benefits that Netskope instance awareness provides, as they are either unrelated or irrelevant to the instance awareness feature. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 5: Real-Time Policies, Lesson 4: App Instances.


質問 # 45
Which two statements describe a website categorized as a domain generated algorithm (DGA)? (Choose two.)

  • A. The website is used to hide a command-and-control server.
  • B. The website is used for domain registration.
  • C. The domain contains malicious algorithms.
  • D. The domain was created by a program.

正解:A、D

解説:
Explanation
Two statements that describe a website categorized as a domain generated algorithm (DGA) are: The website is used to hide a command-and-control server and the domain was created by a program. A domain generated algorithm (DGA) is a technique used by cyber attackers to generate new domain names and IP addresses for malware's command and control servers. Executed in a manner that seems random, it makes it nearly impossible for threat hunters to detect and contain the attack. A command-and-control server is a server that communicates with malware installed on infected machines and sends commands or updates to them. A program is a piece of software that performs a specific task or function. A domain generated algorithm is implemented by a program that runs on the attacker's machine or the malware itself, and produces a large number of domain names based on some logic, such as date, time, seed, dictionary, etc. References: Domain generation algorithmAmong cyber-attack techniques, what is a DGA?


質問 # 46
Why would you want to define an App Instance?

  • A. to differentiate between an enterprise Google Drive instance vs. a personal Google Drive instance
  • B. to enable the instance_id attribute in the advanced search field when using query mode
  • C. to differentiate between an enterprise Google Drive instance vs. an enterprise Box instance
  • D. to create an API Data Protection Policy for a personal Box instance

正解:A

解説:
Explanation
An App Instance is a feature in the Netskope platform that allows you to define and identify different instances of the same cloud application based on the domain name or URL. For example, you can define an App Instance for your enterprise Google Drive instance (such as drive.google.com/a/yourcompany.com) and another App Instance for your personal Google Drive instance (such as drive.google.com). This way, you can differentiate between them and apply different policies and actions based on the App Instance. You would want to define an App Instance to achieve this level of granularity and control over your cloud application activities. Creating an API Data Protection Policy for a personal Box instance, enabling the instance_id attribute in the advanced search field, or differentiating between an enterprise Google Drive instance vs. an enterprise Box instance are not valid reasons to define an AppInstance, as they are either unrelated or irrelevant to the App Instance feature. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 5: Real-Time Policies, Lesson 4: App Instances.


質問 # 47
Exhibit

Which portion of the interface shown in the exhibit allows an administrator to set severity, assign ownership, track progress, and perform forensic analysis with excerpts of violating content?

  • A. Reports -> New Report
  • B. Incidents -> DLP
  • C. API-enabled Protection -> Inventory
  • D. Skope IT-> Alerts

正解:B

解説:
Explanation
The portion of the interface shown in the exhibit that allows an administrator to set severity, assign ownership, track progress, and perform forensic analysis with excerpts of violating content is Incidents -> DLP. The Incidents dashboard provides a comprehensive view of all the incidents that have occurred in your cloud environment, such as DLP violations, malware infections, anomalous activities, etc. You can filter the incidents by various criteria, such as app name, incident type, severity, user name, etc. You can also drill down into each incident to see more details, such as file name, file path, file owner, file size, file type, etc. You can also assign an owner to an incident, change its status and severity, add notes or comments, and view the excerpts of the violating content that triggered the DLP policy. References: Netskope Incidents Dashboard


質問 # 48
There is a DLP violation on a file in your sanctioned Google Drive instance. The file is in a deleted state. You need to locate information pertaining to this DLP violation using Netskope. In this scenario, which statement is correct?

  • A. You can find DLP violations under the Incidents dashboard.
  • B. You can find DLP violations under Forensic profiles.
  • C. DLP incidents for a file are not visible when the file is deleted.
  • D. You must create a forensic profile so that an incident is created.

正解:A

解説:
Explanation
To locate information pertaining to a DLP violation on a file in your sanctioned Google Drive instance, you can use the Incidents dashboard in Netskope. The Incidents dashboard provides a comprehensive view of all the incidents that have occurred in your cloud environment, such as DLP violations, malware infections, anomalous activities, etc. You can filter the incidents by various criteria, such as app name, incident type, severity, user name, etc. You can also drill down into each incident to see more details, such as file name, file path, file owner, file size, file type, etc. The Incidents dashboard can show DLP violations for files that are in a deleted state, as long as they are still recoverable from the trash bin of the app. If the file is permanently deleted from the app, then the incident will not be visible in the dashboard. References: Netskope Incidents Dashboard


質問 # 49
You want to take into account some recent adjustments to CCI scoring that were made in your Netskope tenant.
In this scenario, which two CCI aspects in the Ul would be used in a real-time protection policy? (Choose two.)

  • A. GDPR Readiness
  • B. App Tag
  • C. CCL
  • D. App Score

正解:B、D

解説:
Explanation
To take into account some recent adjustments to CCI scoring that were made in your Netskope tenant, you can use the App Tag and App Score aspects in the UI to create a real-time protection policy. The App Tag is a label that indicates the level of enterprise readiness of a cloud app based on its CCI score. The App Score is a numerical value that represents the CCI score of a cloud app based on various criteria such as security, auditability, and business continuity. You can use these aspects to filter cloud apps by their CCI ratings and apply policies accordingly. For example, you can create a policy that blocks access to cloud apps with an App Tag of Poor or an App Score below 50. References: Netskope Cloud Confidence IndexCreating Real-Time Policies for Cloud Applications


質問 # 50
Which three security controls are offered by the Netskope Cloud platform? (Choose three.)

  • A. cloud security posture management
  • B. threat protection
  • C. endpoint anti-malware
  • D. data loss prevention for SMTP
  • E. identity lifecycle management

正解:A、B、D

解説:
Explanation
Three security controls that are offered by the Netskope Cloud platform are: C. cloud security posture management, E. threat protection, and B. data loss prevention for SMTP.
Cloud security posture management is a service that provides continuous assessment and remediation of public cloud deployments for risks, threats, and compliance issues. Netskope CSPM leverages the APIs available from cloud service providers such as AWS, Azure, and GCP to scan the cloud infrastructure for misconfigurations, such as insecure permissions, open ports, unencrypted data, etc. Netskope CSPM also provides security posture policies, profiles, and rules that can be customized to match the security standards and best practices of the organization or industry.
Threat protection is a capability to detect and block malware, ransomware, phishing, and other cyber threats that may compromise cloud data or users. Netskope threat protection uses advanced techniques such as machine learning, sandboxing, threat intelligence, and behavioral analysis to identify and prevent malicious activities in real time.Netskope threat protection also integrates with third-party solutions such as antivirus engines, firewalls, SIEMs, etc., to provide comprehensive defense across the cloud and web1.
Data loss prevention for SMTP is a feature that allows you to protect sensitive data that is sent or received via email. Netskope DLP for SMTP can scan email messages and attachments for predefined or custom data patterns, such as credit card numbers, social security numbers, health records, etc., and apply appropriate actions, such as block, quarantine, encrypt, notify, etc., based on the DLP policies.Netskope DLP for SMTP can also support multiple email domains and routing rules for different groups of users2.


質問 # 51
A customer wants to detect misconfigurations in their AWS cloud instances.
In this scenario, which Netskope feature would you recommend to the customer?

  • A. Netskope Cloud Security Posture Management (CSPM)
  • B. Netskope Advanced DLP and Threat Protection
  • C. Netskope SaaS Security Posture Management (SSPM)
  • D. Netskope Secure Web Gateway (SWG)

正解:A

解説:
Explanation
If a customer wants to detect misconfigurations in their AWS cloud instances, the Netskope feature that I would recommend to them is Netskope Cloud Security Posture Management (CSPM). Netskope CSPM is a service that provides continuous assessment and remediation of public cloud deployments for risks, threats, and compliance issues. Netskope CSPM leverages the APIs available from AWS and other cloud service providers to scan the cloud infrastructure for misconfigurations, such as insecure permissions, open ports, unencrypted data, etc. Netskope CSPM also provides security posture policies, profiles, and rules that can be customized to match the customer's security standards and best practices. Netskope CSPM can also alert, report, or remediate the misconfigurations automatically or manually. References: Netskope CSPMCloud Security Posture Management


質問 # 52
You have applied a DLP Profile to block all Personally Identifiable Information data uploads to Microsoft 365 OneDrive. DLP Alerts are not displayed and no OneDrive-related activities are displayed in the Skope IT App Events table.
In this scenario, what are two possible reasons for this issue? (Choose two.)

  • A. A Netskope POP is not in your local country and therefore DLP policies cannot be applied.
  • B. The Cloud Storage category is in the Steering Configuration as an exception.
  • C. The destination domain is excluded from decryption in the decryption policy.
  • D. DLP policies do not apply when using IPsec as a steering option.

正解:B、C

解説:
Explanation
If the Cloud Storage category is in the Steering Configuration as an exception, then Netskope will not steer any traffic to or from cloud storage applications, such as Microsoft 365 OneDrive, to its platform. This means that Netskope will not be able to inspect or apply any policies to this traffic, including DLP policies. Similarly, if the destination domain is excluded from decryption in the decryption policy, then Netskope will not decrypt any traffic to or from that domain, such as onedrive.com. This means that Netskope will not be able to inspect or apply any policies to this traffic, including DLP policies. The location of the Netskope POP or the use of IPsec as a steering option do not affect the application of DLP policies, as long as Netskope can steer and decrypt the relevant traffic. References: Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 3: Steering Configuration, Lesson 1: Steering Options and Lesson 2: Exceptions; Module 4: Decryption Policy, Lesson 1: Decryption Policy Overview and Lesson 2: Decryption Policy Configuration.
https://www.bsimm.com/ : https://www.iso.org/isoiec-27001-information-security.html :
https://www.dasca.org/ : https://www.nist.gov/cyberframework


質問 # 53
......

検証済みのNSK100問題集と解答で合格保証で試験問題集テストエンジン:https://jp.fast2test.com/NSK100-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어