NSK300試験無料問題集（62題）「Netskope Certified Cloud Security Architect 認定」

出題：1

Your client is an NG-SWG customer. They are going to use the Explicit Proxy over Tunnel (EPoT) steering method. They have a specific list of domains that they do not want to steer to the Netskope Cloud.
What would accomplish this task''

A. Create a real-time policy with a bypass action.

B. Define exceptions in the Netskope steering configuration

C. Use an SSL decryption policy.

D. Define exception domains in the PAC file.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

You are troubleshooting an issue with users who are unable to reach a financial SaaS application when their traffic passes through Netskope. You determine that this is because of IP restrictions in place with the SaaS vendor. You are unable to add Netskope's IP ranges at this time, but need to allow the traffic.
How would you allow this traffic?

A. Use Explicit Proxy Over Tunnel (EPoT) so the traffic will egress from the corporate data center.

B. Use Cloud Explicit Proxy so the traffic will egress from the corporate data center

C. Use NPAto implement Source IP anchonng so the traffic will egress from the corporate data center.

D. Use an IPsec tunnel to forward traffic so it will egress from the corporate data center

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Your company purchased Netskope's Next Gen Secure Web Gateway You are working with your network administrator to create GRE tunnels to send traffic to Netskope Your network administrator has set up the tunnel, keepalives. and a policy-based route on your corporate router to send all HTTP and HTTPS traffic to Netskope. You want to validate that the tunnel is configured correctly and that traffic is flowing.
In this scenario, which two statements are correct? (Choose two.)

A. You can verify that the tunnel is up in the Netskope Trust portal at https://trust netskope.com/.

B. You can verify that the tunnel is up and receiving traffic in the Netskope Ul under Settings > Security Cloud Platform > GRE.

C. You can use your local router or network device to verify that keepalives are being received and traffic is flowing to Netskope.

D. You must use your own monitoring tools to verify that the tunnel is up.

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Review the exhibit.
You work for a medical insurance provider. You have Netskope Next Gen Secure Web Gateway deployed to all managed user devices with limited block policies. Your manager asks that you begin blocking Cloud Storage applications that are not HIPAA compliant Prior to implementing this policy, you want to verity that no business or departmental applications would be blocked by this policy.
Referring to the exhibit, which query would you use in the Edit Widget window to narrow down the results?

A. Cloud Confidence Compliance neq HIPAA and Cloud Confidence Category is Cloud Storage

B. app-ccl-compliance-cert neq 'HIPAA' and category eq 'Cloud Storage'

C. SELECT application WHERE 'HIPAA' NOT IN app-cci-compliance AND WHERE 'Cloud Storage' IN category

D. app-compliance does not contain HIPAA and category must equal Cloud Storage

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

You are implementing a solution to deploy Netskope for machine traffic in an AWS account across multiple VPCs. You want to deploy the least amount of tunnels while providing connectivity for all VPCs.
How would you accomplish this task?

A. Use IPsec tunnels from the AWS Transit Gateway.

B. Use IPsec tunnels from the AWS Virtual Private Gateway.

C. Use GRE tunnels from the AWS Transit Gateway.

D. Use GRE tunnels from the AWS Virtual Private Gateway

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

You have enabled CASB traffic steering using the Netskope Client, but have not yet enabled a Real-time Protection policy. What is the default behavior of the traffic in this scenario?

A. Traffic will be allowed, but not logged.

B. Traffic will be blocked, but not logged.

C. Traffic will be allowed and logged.

D. Traffic will be blocked and logged.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

NSK300試験無料問題集「Netskope Certified Cloud Security Architect 認定」