Netskope Certified Cloud Security Integrator NSK200 NCCSI Exam Questions

Page: 1 / 14
Total 93 questions
Question 1

Your organization has three main locations with 30.000 hosts in each location. You are planning to deploy Netskope using iPsec tunnels for security.

What are two considerations to make a successful connection in this scenario? (Choose two.)



Answer : C, D

To deploy Netskope using IPSec tunnels for security in this scenario, two considerations to make a successful connection are C. redundant POPs and D. number of hosts. Redundant POPs are Points of Presence that are geographically distributed data centers that host the Netskope cloud platform. You need to consider redundant POPs to ensure high availability and resiliency of your IPSec tunnels in case of a failure or outage in one of the POPs.You can configure multiple IPSec tunnels from your network to different POPs and use dynamic routing protocols such as BGP to load balance and failover the traffic1. Number of hosts is the number of devices or endpoints that will use the IPSec tunnels to access the cloud services. You need to consider the number of hosts to estimate the bandwidth and throughput requirements of your IPSec tunnels and choose the appropriate POPs that can handle the traffic volume.You can use the Netskope Bandwidth Calculator tool to estimate the bandwidth and throughput based on the number of hosts, locations, and cloud services2. Therefore, options C and D are correct and the other options are incorrect.Reference:IPSec - Netskope Knowledge Portal,Netskope Bandwidth Calculator


Question 2

Your customer is migrating all of their applications over to Microsoft 365 and Azure. They have good practices and policies in place (or their inline traffic, but they want to continuously detect reconfigurations and enforce compliance standards.

Which two solutions would satisfy their requirements? (Choose two.)



Answer : A, D

To continuously detect and enforce compliance standards for their Microsoft 365 and Azure applications, the customer needs to use Netskope SaaS Security Posture Management (SSPM) and Netskope Continuous Security Assessment (CSA). Netskope SSPM allows the customer to monitor, assess, and act on security, permission, and access related issues in their SaaS environment, such as Microsoft 365. Netskope SSPM continuously checks security posture by comparing SaaS app settings with security policies and industry benchmarks (CIS, PCI-DSS, NIST, HIPAA, CSA, GDPR, AIPCA, ISO, and more).It also provides visibility and control over third-party apps that are connected to the managed apps1. Netskope CSA allows the customer to discover, audit, and remediate misconfigurations in their IaaS environment, such as Azure. Netskope CSA continuously monitors and audits cloud configurations against industry standards, CIS benchmarks, and regulatory frameworks.It also provides real-time inline protection to secure public clouds from threats and data loss2. Therefore, options A and D are correct and the other options are incorrect.Reference:SaaS Security Posture Management - Netskope,Public Cloud Security Solutions - Netskope


Question 3

Review the exhibit.

You are at the Malware Incident page. A virus was detected by the Netskope Heuristics Engine. Your security team has confirmed that the virus was a test data file You want to allow the security team to use this file

Referring to the exhibit, which two statements are correct? (Choose two.)



Answer : A, C

To allow the security team to use the test data file that was detected as a virus by the Netskope Heuristics Engine, the following two steps are correct:

Click the ''Add To File Filter'' button to add the IOC to a file list. This will exclude the file from future malware scans and prevent false positive alerts.The file list can be managed in the Settings > File Filter page1.

Click the ''Lookup VirusTotal'' button to verify if this IOC is a false positive. This will open a new tab with the VirusTotal report for the file hash. VirusTotal is a service that analyzes files and URLs for viruses, worms, trojans, and other kinds of malicious content.The report will show how many antivirus engines detected the file as malicious and provide additional information about the file2.

https://docs.netskope.com/en/netskope-help/admin-console/incidents/


Question 4

You are given an MD5 hash of a file suspected to be malware by your security incident response team. They ask you to offer insight into who has encountered this file and from where was the threat initiated. In which two Skope IT events tables would you search to find the answers to these questions? (Choose two.)



Answer : A, C

To find the answers to the questions posed by the security incident response team, you need to search in the Application Events and Alerts tables in Skope IT. The Application Events table shows the details of the cloud application activities performed by the users, such as upload, download, share, etc.You can filter the Application Events table by the MD5 hash of the file to find out who has encountered this file and from which cloud service it was downloaded1. The Alerts table shows the details of the policy violations triggered by the users, such as DLP, threat protection, anomaly detection, etc.You can filter the Alerts table by the MD5 hash of the file to find out if this file was detected as malware by Netskope and what action was taken2. Therefore, options A and C are correct and the other options are incorrect.Reference:Application Events - Netskope Knowledge Portal,Alerts - Netskope Knowledge Portal


Question 5

Review the exhibit.

Given the information shown below:

- for PCI data uploads, you want to provide no notification,

- for PHI data uploads, you want to allow users to proceed by clicking OK,

- for GDPR data uploads, you want to provide block notification,

- if none of the above matches, you want to provide no notification.

You want to reduce the number of policies by combining multiple DLP profiles Into one policy.

Referring to the exhibit, which two statements are true? (Choose two.)



Answer : B, D


Question 6

You want the ability to perform automated remediation of misconfigurations on GitHub, Microsoft 365, Salesforce, ServiceNow, and Zoom.



Answer : D

Netskope SaaS Security Posture Management (SSPM) is designed to automate the detection and remediation of security misconfigurations across SaaS applications, including GitHub, Microsoft 365, Salesforce, ServiceNow, and Zoom. SSPM provides visibility into and correction of misconfigurations to protect corporate data in cloud applications.


Question 7

Your company wants to deploy Netskope using a tunnel because you have a mixture of device operating systems. You also do not want to enable encryption because you want to maximize bandwidth.



Answer : D

GRE tunnels are the optimal choice in this scenario. GRE is a commonly used, non-encrypted tunneling protocol that supports a variety of device operating systems, and it offers efficient bandwidth usage without encryption overhead, which aligns with the company's requirements.


Page:    1 / 14   
Total 93 questions