Netskope NSK200リアル試験問題保証付き更新された問題集
検証済み!合格できるNSK200試験一発合格保証付き
質問 # 53
Review the exhibit.
You are at the Malware Incident page. A virus was detected by the Netskope Heuristics Engine. Your security team has confirmed that the virus was a test data file You want to allow the security team to use this file Referring to the exhibit, which two statements are correct? (Choose two.)
- A. Click the "Add To File Filter button to add the IOC to a file list.
- B. Create a malware detection profile and update the file hash list with the IOC.
- C. Contact the CrowdStrike administrator to have the file marked as safe.
- D. Click the ''Lookup VirusTotal" button to verify if this IOC is a false positive.
正解:A、D
解説:
To allow the security team to use the test data file that was detected as a virus by the Netskope Heuristics Engine, the following two steps are correct:
* Click the "Add To File Filter" button to add the IOC to a file list. This will exclude the file from future malware scans and prevent false positive alerts. The file list can be managed in the Settings > File Filter page1.
* Click the "Lookup VirusTotal" button to verify if this IOC is a false positive. This will open a new tab with the VirusTotal report for the file hash. VirusTotal is a service that analyzes files and URLs for viruses, worms, trojans, and other kinds of malicious content. The report will show how many antivirus engines detected the file as malicious and provide additional information about the file2.
https://docs.netskope.com/en/netskope-help/admin-console/incidents/
質問 # 54
You have created a specific Skope IT application events query and want to have the query automatically run and display the results every time you log into your tenant.
Which two statements are correct in this scenario? (Choose two.)
- A. Add your Skope IT query to a custom watchlist.
- B. Export a custom Skope IT watchlist to a report and then schedule it to run daily.
- C. Add the Watchlist widget from the library to your home page.
- D. Save a custom Skope IT watchlist, then manage filters and share with others.
正解:A、D
解説:
Adding a Skope IT query to a custom watchlist allows the query to be saved and easily accessed. Saving the watchlist and managing filters also lets you customize it further and share it with others in your organization if needed.
質問 # 55
Your customer is concerned aboutmalware in their AWS S3 buckets. What two actions would help with this scenario? (Choose two.)
- A. Create a threatprofile to quarantine malware in their AWS S3 buckets.
- B. Create a real-time policy to block malware uploads to their AWS instances.
- C. Enable Threat Protection (Malware Scan) for all of their AWS instances to Identify malware.
- D. Create an API protection policy to quarantine malware in their AWS S3 buckets.
正解:C、D
解説:
Explanation
To help the customer with the scenario of malware in their AWS S3 buckets, two actions that would help are B: Enable Threat Protection (Malware Scan) for all of their AWS instances to identify malware and C. Create an API protection policy to quarantine malware in their AWS S3 buckets. Threat Protection (Malware Scan) is a feature that allows you to scan files in your cloud services, such as AWS S3, for malware using Netskope's advanced threat protection engine. You can enable Threat Protection (Malware Scan) for all of your AWS instances in the Netskope tenant by going to Settings > Cloud Services > AWS > Threat Protection and selecting the Enable Malware Scan option1. This will help you identify malware in your AWS S3 buckets and generate alerts for further action. An API protection policy is a rule that specifies the actions and notifications that Netskope applies to the data that is already resident in your cloud services, such as AWS S3, based on various criteria. You can create an API protection policy to quarantine malware in your AWS S3 buckets by going to Policies > API Protection > New Policy and selecting the AWS service, the Malware Scan data identifier, and the Quarantine action in the policy page2. This will help you isolate malware in your AWS S3 buckets and prevent it from spreading or being accessed by unauthorized users. Therefore, options B and C are correct andthe other options are incorrect. References: Threat Protection (Malware Scan) - Netskope Knowledge Portal, Add a Policy for API Protection - Netskope Knowledge Portal
質問 # 56
The risk team at your company has determined that traffic from the sales team to a custom Web application should not be inspected by Netskope. All other traffic to the Web application should continue to be inspected.
In this scenario, how would you accomplish this task?
- A. Create a Do Not Decrypt Policy using User Group and Domain in the policy page.
- B. Create a Do Not Decrypt Policy using Destination IP and Application in the policy page.
- C. Create a Do Not Decrypt Policy using Application in the policy page and a Steering Exception for Group
- D. Create a Do Not Decrypt Policy using Source IP and Application in the policy page.
正解:A
解説:
To prevent traffic from the sales team to a custom Web application from being inspected by Netskope, you need to create a Do Not Decrypt Policy using User Group and Domain in the policy page. A Do Not Decrypt Policy allows you to specify the traffic you want to leave encrypted and not further analyzed by Netskope via the Real-time Protection policies3. You can use the User Group criteria to match the sales team members and the Domain criteria to match the custom Web application. This way, only the traffic from the sales team to the custom Web application will be exempted from decryption, while all other traffic to the Web application will continue to be inspected.
質問 # 57
Your company asks you to use Netskope to integrate with Endpoint Detection and Response (EDR) vendors suchas CrowdStrike. In this scenario,what is a requirement for a successful Integration and sharing of threat data?
- A. custom log parser
- B. API Client ID
- C. user endpoint
- D. device classification
正解:B
解説:
Explanation
To integrate Netskope with EDR vendors such as CrowdStrike and share threat data, a requirement for a successful integration is A. API Client ID. An API Client ID is a unique identifier that is used to authenticate and authorize requests to the EDR vendor's API. You need to obtain an API Client ID from the EDR vendor and enter it in the Netskope tenant settings under Threat Protection > Integration. This will allow Netskope to communicate with the EDR vendor and exchange threat intelligence and remediation actions1. Therefore, option A is correct and the other options are incorrect. References: Integrating CrowdStrike for EDR - Netskope Knowledge Portal
質問 # 58
Your company needs to keep quarantined files that have been triggered by a DLP policy. In this scenario, which statement Is true?
- A. The files are stofed remotely In your data center assigned In the Quarantine profile.
- B. The files are stored In the Cloud provider assigned In the Quarantine profile.
- C. The files are stored In the Netskope data center assigned in the Quarantine profile.
- D. The files are stored on the administrator console PC assigned In the Quarantine profile.
正解:C
解説:
When a policy flags a file to be quarantined, that file is placed in a quarantine folder and a tombstone file is put in the original location in its place. The quarantine folder is located in the Netskope data center assigned in the Quarantine profile. The Quarantine profile is configured in Settings > Threat Protection > API-enabled Protection. The quarantined file is zipped and protected with a password to prevent users from inadvertently downloading the file. Netskope then notifies the admin specified in the profile1. Therefore, option B is correct and the other options are incorrect. References: Quarantine - Netskope Knowledge Portal, Threat Protection - Netskope Knowledge Portal
質問 # 59
Which object would be selected when creating a Malware Detection profile?
- A. User profile
- B. DLP profile
- C. File profile
- D. Domain profile
正解:C
解説:
A file profile is an object that contains a list of file hashes that can be used to create a malware detection profile. A file profile can be configured as an allowlist or a blocklist, depending on whether the files are known to be benign or malicious. A file profile can be created in the Settings > File Profile page1. A malware detection profile is a set of rules that define how Netskope handles malware incidents. A malware detection profile can be created in the Policies > Threat Protection > Malware Detection Profiles page2. To create a malware detection profile, one needs to select a file profile as an allowlist or a blocklist, along with the Netskope malware scan option. The other options are not objects that can be selected when creating a malware detection profile.
質問 # 60
You want to reduce false positives by only triggering policies when contents of your customer database are uploaded to Dropbox. Your maximum database size is 2 MB. In this scenario, what are two ways to accomplish this task? (Choose two.)
- A. Use a Netskope virtual appliance to create an exact match hash.
- B. Use the Netskope client to upload the .csv export to the Netskope management plane DLP container.
- C. Send the .csv export to Netskope using a support ticket with the subject, "create exact match hash".
- D. Upload the .csv export lo the Netskope tenant DLP rules section to create an exact match hash.
正解:A、D
解説:
To reduce false positives by only triggering policies when contents of your customer database are uploaded to Dropbox, you can use two methods: Upload the .csv export to the Netskope tenant DLP rules section to create an exact match hash. This is a method that allows you to upload a file containing structured data, such as a customer database, to the Netskope tenant and generate a hash of the data. The hash is then used to match the data in the cloud traffic and trigger DLP policies. This method is suitable for files that are less than 10 MB in size. To upload the file, you need to go to Policies > Data Protection > DLP Rules and click on Exact Match Hashes. Then you can select the file from your local system and upload it. Use a Netskope virtual appliance to create an exact match hash. This is a method that allows you to create a file containing structured data, such as a customer database, and upload it to the Netskope cloud using a virtual appliance. The virtual appliance encrypts the file before uploading it and generates a hash of the data. The hash is then used to match the data in the cloud traffic and trigger DLP policies. This method is suitable for files that are larger than 10 MB in size. To create the file, you need to follow a specific format and save it as a .csv file. To upload the file, you need to use the request dlp-pdd upload command on the virtual appliance CLI. The other options are not valid methods for this task. You cannot use the Netskope client to upload the .csv export to the Netskope management plane DLP container, as this is not a supported feature of the client. You cannot send the .csv export to Netskope using a support ticket with the subject, "create exact match hash", as this is not a secure or efficient way of creating an exact match hash. References: Create an Exact Match Hash from the UI1, Create an Exact Match Hash from a Virtual Appliance2
質問 # 61
Review the exhibit.
You are asked to create a DLP profile that will ensure that the data shown in the exhibit cannot be uploaded to a user's personal Google Drive.
What must be used to accomplish this task?
- A. document fingerprinting
- B. optical character recognition
- C. ML image classifier
- D. INTL-PAN-Name rule
正解:B
解説:
Explanation
To create a DLP profile that will ensure that the data shown in the exhibit cannot be uploaded to a user's personal Google Drive, you need to use optical character recognition (OCR). OCR is a feature that allows you to detect and extract text from images and scanned documents. You can use OCR in your DLP profiles to identify sensitive data that is embedded or hidden in images1. In the exhibit, we can see that the data is a credit card number, which is a type of sensitive data that can be easily identified by OCR. You can create a DLP profile that uses OCR and matches the credit card number data identifier or a custom regex expression. You can then apply an action such as block, alert, or quarantine to prevent the data from being uploaded to Google Drive2. Therefore, option C is correct and the other options are incorrect. References: Optical Character Recognition (OCR) - Netskope Knowledge Portal, Add a Policy for Data Protection - Netskope Knowledge Portal
質問 # 62
You are integrating Netskope tenant administration with an external identity provider. You need to implement role-based access control. Which two statements are true about this scenario? (Choose two.)
- A. Once integrated with IdP. you must append the "locallogin" URL to log in using IdP
- B. You do not need to define the administrators locally in the Netskope tenant after It Is integrated with IdP.
- C. You need to define the administrators locally in the Netskope tenant.
- D. The roles you want to assign must be present in the Netskope tenant.
正解:C、D
解説:
To implement role-based access control when integrating Netskope tenant administration with an external identity provider (IdP), two statements that are true about this scenario are A. The roles you want to assign must be present in the Netskope tenant and C. You need to define the administrators locally in the Netskope tenant. Role-based access control (RBAC) is a feature that allows you to assign different levels of permissions and access to the Netskope tenant based on the user's role. You can use RBAC to integrate Netskope tenant administration with an external IdP such as Azure AD or Okta and delegate administrative tasks to different users or groups1. To do this, you need to ensure that the roles you want to assign are present in the Netskope tenant. You can use the predefined roles such as SYSADMIN, AUDITOR, or OPERATOR, or create custom roles with specific privileges2. You also need to define the administrators locally in the Netskope tenant by creating local user accounts and assigning them roles. You can use the same email address as the IdP user account for the local user account3. Therefore, options A and C are correct and the other options are incorrect. References: Role-Based Access Control - Netskope Knowledge Portal, Roles - Netskope Knowledge Portal, Integrate with Azure AD - Netskope Knowledge Portal
質問 # 63
Your company asks you to use Netskope to integrate with Endpoint Detection and Response (EDR) vendors such as Crowdstrike.
Which two requirements are needed for a successful integration and sharing of threat data? (Choose two.)
- A. API Client ID
- B. Remediation profile
- C. Custom log parser
- D. Device classification
正解:A、B
解説:
Integrating with EDR vendors like Crowdstrike requires an API Client ID for authentication and data sharing.
A remediation profile is also necessary to define automated actions that can be taken when threats are detected, ensuring effective response to endpoint threats.
質問 # 64
You want to allow both the user identities and groups to be imported in the Netskope platform. Which two methods would satisfy this requirement? (Choose two.)
- A. Use Bulk Upload with a CSV file.
- B. Use Manual Entries.
- C. Use Directory Importer.
- D. Use System for Cross-domain Identity Management (SCIM).
正解:A、D
解説:
To allow both the user identities and groups to be imported in the Netskope platform, you can use either the System for Cross-domain Identity Management (SCIM) method or the Bulk Upload with a CSV file method.
Both of these methods allow for the import of user identities and groups from different identity providers (IdPs) that support SCIM or CSV formats. The SCIM method is recommended for large-scale deployments, as it automates the exchange of user identity information across apps for user provisioning. The CSV method is recommended for small-scale deployments, as it allows for manual upload of user details in a comma- separated values file. The other methods are not suitable for this requirement. The Manual Entries method does not allow for the import of groups, only user emails. The Directory Importer method does not import users and groups directly into the Netskope platform, but rather connects to an Active Directory or LDAP server and periodically fetches user and group information.
References: Provisioning Users for Netskope Client2, SCIM Integration3, Bulk Upload via CSV file
質問 # 65
After deploying the Netskope client to a number of devices, users report that the Client status indicates
"Admin Disabled". User and gateway information is displayed correctly in the client configuration dialog Why are clients installing in an "Admin Disabled" state in this scenario?
- A. All devices were previously disabled by the administrator.
- B. The user's account has no mail ID attribute In Active Directory.
- C. The user's identity is not synchronized to Netskope.
- D. The user's password was incorrect during enrollment.
正解:A
解説:
Explanation
The Netskope client can be disabled by the administrator from the Netskope console. This is useful for troubleshooting or maintenance purposes. When the client is disabled by the administrator, it shows the status as "Admin Disabled" and does not apply any policies or steer any traffic. The user cannot enable the client unless the administrator enables it from the console. The other options are not valid reasons for the client to be in an "Admin Disabled" state. References: Netskope Client Status 1, Enable or Disable Netskope Client 2
質問 # 66
What is the purpose of the filehash list in Netskope?
- A. It configures blocklist and allowlist entries referenced in the custom Malware Detection profiles.
- B. It providesClient Threat Exploit Prevention (CTEP).
- C. It is used to allow and block URLs.
- D. It provides the file types that Netskope can inspect.
正解:A
解説:
Explanation
The purpose of the file hash list in Netskope is to configure blocklist and allowlist entries referenced in the custom Malware Detection profiles. A file hash list is a collection of MD5 or SHA-256 hashes that represent files that you want to allow or block in your organization. You can create a file hash list when adding a file profile and use it as an allowlist or blocklist for files in your organization1. You can then select the file hash list when creating a Malware Detection profile2.
質問 # 67
Review the exhibit.
You receive a service request from a user who indicates that theirNetskope client is in a disabled state. The exhibit shows an excerpt (rom the affected client nsdebuglog.log.
What is the problem in this scenario?
- A. Custom installation parameters are incorrectly specified
- B. User authentication failed during IdP-based enrollment.
- C. The user's account has not been provisioned into Netskope.
- D. The Netskope client connection is being decrypted.
正解:D
解説:
Explanation
The problem in this scenario is that the Netskope client connection is being decrypted by a network security device. This is evident from the log message "ERROR SSL certificate verification failed: self signed certificate in certificate chain". This means that the Netskope client is receiving a certificate that is not issued by Netskope, but by a device that is intercepting and decrypting the traffic between the client and the Netskope cloud. This can cause the client to fail to download the required configuration and remain in a disabled state1.
Therefore, option B is correct and the other options are incorrect. References: Troubleshooting Netskope Client - Netskope Knowledge Portal, Using Netskope Client - Netskope Knowledge Portal
質問 # 68
......
Netskope NSK200 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
今すぐダウンロード!リアルNetskope NSK200試験問題集テストエンジン試験問題:https://www.jpntest.com/shiken/NSK200-mondaishu
無料NSK200サンプル問題には100%カバー率リアル試験問題:https://drive.google.com/open?id=1gyWizA6PUSjhrbUp8huQn8CuoHWI9yic