Netskope Certified Cloud Security Administrator Exam NSK101 NCCSA Exam Practice Test

Page: 1 / 14
Total 129 questions
Question 1

A customer wants to receive e-mail alerts whenever Netskope publishes an incident involving a specific service, or if Netskope publishes information regarding planned maintenance. Which two Netskope sites allow an administrator to subscribe to service notifications? (Choose two.)



Answer : A, D

Administrators can subscribe to service notifications, including incidents and planned maintenance, through the following Netskope sites:

https://notify.netskope.com: This site provides notifications about incidents and maintenance updates. Administrators can subscribe to receive email alerts whenever there are updates involving specific services or planned maintenance.

https://trust.netskope.com: This site offers detailed information about Netskope's operational status, including any incidents, planned maintenance, and security updates. Administrators can subscribe to receive notifications and stay informed about the service status.


Netskope documentation and support articles on subscribing to service notifications and updates.

Netskope's service notification and operational status sites providing subscription options for alerts and updates.

Question 2

You want to see the actual data that caused the policy violation within a DLP Incident view.

In this scenario, which profile must be set up?



Answer : B

DLP Incident View:

To see the actual data that caused a policy violation within a DLP incident, detailed logging and data capture are required.

Forensics Profile:

A Forensics Profile in Netskope is designed to capture and store detailed information about policy violations, including the actual data that triggered the incident.

It provides a comprehensive view of the incident for investigation and compliance purposes.

Setup Process:

Navigate to the DLP settings in the Netskope admin console.

Configure a Forensics Profile to capture detailed logs and data for policy violations.

Ensure that this profile is associated with the relevant DLP policies.

Reference:

For detailed configuration steps, refer to the Netskope documentation on setting up Forensics Profiles for DLP incidents.


Question 3

What are two fundamental differences between the inline and API implementation of the Netskope platform? (Choose two.)



Answer : B, C

The inline and API implementation of the Netskope platform are two different ways of connecting cloud applications to Netskope for inspection and policy enforcement. Two fundamental differences between them are: The API implementation can only be used with sanctioned applications, which are applications that are approved and authorized by the organization for business use. The API implementation relies on using out-of-band API connections to access data and events from these applications and apply near real-time policies. The inline implementation can effectively block a transaction in both sanctioned and unsanctioned applications, which are applications that are not approved or authorized by the organization for business use. The inline implementation relies on using in-band proxy or reverse-proxy connections to intercept traffic to and from these applications and apply real-time policies. The API implementation can be used with both sanctioned and unsanctioned applications and the inline implementation can only effectively block a transaction in sanctioned applications are not true statements, as they contradict the actual capabilities and limitations of each implementation method.Reference:[Netskope SaaS API-enabled Protection], [Netskope Inline CASB].


Question 4

Which two functions are available for both inline and API protection? (Choose two.)



Answer : B, C

Netskope provides both inline and API protection for cloud applications and web traffic. Inline protection refers to the real-time inspection and enforcement of policies on the traffic between users and cloud applications, using Netskope's inline proxy mode. API protection refers to the retrospective inspection and enforcement of policies on the data that is already stored in cloud applications, using Netskope's API connectors. Two functions that are available for both inline and API protection are threat protection and DLP. Threat protection is the capability to detect and block malware, ransomware, phishing, and other cyber threats that may compromise cloud data or users. DLP is the capability to detect and protect sensitive data, such as personal information, intellectual property, or regulated data, that may be exposed or leaked through cloud applications.Reference:Netskope Inline Proxy ModeNetskope API ProtectionNetskope Threat ProtectionNetskope DLP Engine


Question 5

Which two common security frameworks are used today to assess and validate a vendor's security practices? (Choose two.)



Answer : B, C

The Building Security in Maturity Model (BSIMM) is a framework that measures and compares the security activities of different organizations. It helps organizations to assess their current security practices and identify areas for improvement. ISO 27001 is an international standard that specifies the requirements for establishing, implementing, maintaining, and improving an information security management system. It helps organizations to manage their information security risks and demonstrate their compliance with best practices. Data Science Council of America (DASCA) is not a security framework, but a credentialing body for data science professionals. NIST Cybersecurity Framework (NIST CSF) is a security framework, but it is not commonly used to assess and validate a vendor's security practices, as it is more focused on improving the cybersecurity of critical infrastructure sectors in the United States.Reference:[BSIMM], [ISO 27001], [DASCA], [NIST CSF].


Question 6

You determine that a business application uses non-standard HTTPS ports. You want to steer all HTTPS traffic for this application and have visibility and control over user activities.

Which action will allow you to accomplish this task?



Answer : C

Identify Non-standard HTTPS Ports:

Determine the specific non-standard HTTPS ports used by the business application.

Create a Steering Exception:

Navigate to the Netskope admin console.

Go to the steering configuration section and create a new steering exception.

Specify the domain of the business application and include the non-standard HTTPS ports.

This exception will ensure that traffic to this application is steered correctly for inspection and control.

Configure Non-standard Ports in the Steering Configuration:

Go to the steering configuration settings.

Add the identified non-standard HTTPS ports to ensure that all traffic using these ports is captured and inspected.

This ensures comprehensive visibility and control over the user activities on the application.

Reference:

For more details on steering configurations and managing exceptions, refer to the Netskope documentation on steering traffic and configuring non-standard ports.


Question 7

Which two traffic steering configurations are supported by Netskope? (Choose two.)



Answer : B, C

The two traffic steering configurations that are supported by Netskope are cloud applications only and all Web traffic including cloud applications. These configurations allow you to control what kind of traffic gets steered to Netskope for real-time deep analysis and what kind of traffic gets bypassed. You can choose one of these options for both on-premises and off-premises scenarios, depending on your network environment and security needs. You can also create exceptions for specific domains, IP addresses, or certificate-pinned applications that you want to bypass or steer regardless of the configuration option.Reference:Steering ConfigurationCreating a Steering Configuration


Page:    1 / 14   
Total 129 questions