NSK300試験無料問題集（62題）「Netskope Certified Cloud Security Architect 認定」

出題：1

Your company just had a new Netskope tenant provisioned and you are asked to create a secure tenant configuration. In this scenario, which two default settings should you change? {Choose two.)

A. Change Safe Search to Disabled

B. Change the No SNI setting to Block.

C. Change "Disallow concurrent logins by an Admin" to Enabled.

D. Change Untrusted Root Certificate to Block.

正解：C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Review the exhibit.

You are asked to integrate Netskope with Crowdstrike EDR. You added the Remediation profile shown in the exhibit.
Which action will this remediation profile take?

A. The malware will be quarantined.

B. The malware hash will be added as an IOC in Crowdstrike.

C. The endpoint will be isolated.

D. The malware hash will be added as an IOC in Netskope.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

You are implementing a solution to deploy Netskope for machine traffic in an AWS account across multiple VPCs. You want to deploy the least amount of tunnels while providing connectivity for all VPCs.
How would you accomplish this task?

A. Use IPsec tunnels from the AWS Transit Gateway.

B. Use IPsec tunnels from the AWS Virtual Private Gateway.

C. Use GRE tunnels from the AWS Transit Gateway.

D. Use GRE tunnels from the AWS Virtual Private Gateway

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

You have multiple networking clients running on an endpoint and client connectivity is a concern. You are configuring co-existence with a VPN solution in this scenario, what is recommended to prevent potential routing issues?

A. Configure the VPN to full tunnel traffic and add an SSL Do Not Decrypt policy to the VPN configuration for all Netskope traffic.

B. Configure a Network Location with the VPN IP ranges and add it as a Steering Configuration exception.

C. Modify the VPN to operate in full tunnel mode at Layer 3. so that the Netskope agent will always see the traffic first.

D. Configure the VPN to split tunnel traffic by adding the Netskope IP and Google DNS ranges and set to Exclude in the VPN configuration.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Users in your network are attempting to reach a website that has a self-signed certificate using a GRE tunnel to Netskope. They are currently being blocked by Netskope with an SSL error. How would you allow this traffic?

A. Ensure that the users add the self-signed certificate to their local certificate store.

B. Configure a Do Not Decrypt SSL Decryption rule to allow traffic to pass.

C. Configure a Real-time Protection policy with the action set to Allow.

D. Set the No SNI setting in Netskope to Bypass.

正解：B 解答を投票する

出題：6

Your Netskope Client tunnel has connected to Netskope; however, the user is not receiving any steering or client configuration updates What would cause this issue?

A. The client is unable to establish communication to gateway-(tenant|.goskope.com.

B. An invalid steering exception was created in the tenant

C. The client is unable to establish communication to add-on-[tenantl.goskope.com.

D. The Netskope Client service is not running.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

NSK300試験無料問題集「Netskope Certified Cloud Security Architect 認定」