NSK300無料問題集「Netskope Certified Cloud Security Architect」

質問 1

A company has deployed Explicit Proxy over Tunnel (EPoT) for their VDI users They have configured Forward Proxy authentication using Okta Universal Directory They have also configured a number of Real-time Protection policies that block access to different Web categories for different AD groups so. for example, marketing users are blocked from accessing gambling sites. During User Acceptance Testing, they see inconsistent results where sometimes marketing users are able to access gambling sites and sometimes they are blocked as expected They are seeing this inconsistency based on who logs into the VDI server first.
What is causing this behavior?

（A）Forward Proxy authentication is configured but not enabled.

（B）Forward Proxy is configured to use the Cookie Surrogate

（C）Forward Proxy is not configured to use the Cookie Surrogate

（D）Forward Proxy is not configured to use the IP Surrogate

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

You want to integrate with a third-party DLP engine that requires ICAP. In this scenario, which Netskope platform component must be configured?

（A）On-Premises Log Parser (OPLP)

（B）Secure Forwarder

（C）Netskope Adapter

（D）Netskope Cloud Exchange

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

You jus! deployed and registered an NPA publisher for your first private application and need to provide access to this application for the Human Resources (HR) users group only. How would you accomplish this task?

（A）1. Enable private app steering in the Steering Configuration assigned to the HR group.
2. Create a new private app and assign it to the HR user group
3. Create a new Real-time Protection policy as follows:Source = HR user group Destination = Private App Action = Allow

（B）1. Create a new private app and assign it to the HR user group.
2. Create a new Real-time Protection policy as follows:
Source = HR user group Destination = Private App Action = Allow.

（C）1. Enable private app steering in Tenant Steering Configuration.
2. Create a new private app and assign it to the HR user group.

（D）1. Enable private app steering in the Steering Configuration assigned to the HR group.
2. Create a new Private App.
3. Create a new Real-time Protection policy as follows;
Source = HR user group Destination = Private App Action = Allow

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

You have enabled CASB traffic steering using the Netskope Client, but have not yet enabled a Real-time Protection policy. What is the default behavior of the traffic in this scenario?

（A）Traffic will be allowed and logged.

（B）Traffic will be blocked, but not logged.

（C）Traffic will be allowed, but not logged.

（D）Traffic will be blocked and logged.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Users in your network are attempting to reach a website that has a self-signed certificate using a GRE tunnel to Netskope. They are currently being blocked by Netskope with an SSL error. How would you allow this traffic?

（A）Set the No SNI setting in Netskope to Bypass.

（B）Configure a Do Not Decrypt SSL Decryption rule to allow traffic to pass.

（C）Configure a Real-time Protection policy with the action set to Allow.

（D）Ensure that the users add the self-signed certificate to their local certificate store.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Review the exhibit.

You are attempting to block uploads of password-protected files. You have created the file profile shown in the exhibit.
Where should you add this profile to use in a Real-time Protection policy?

（A）Add the profile to a Malware Detection profile that is used in a Real-time Protection policy.

（B）Add the profile directly to a Real-time Protection policy as a Constraint.

（C）Add the profile to a Constraint profile that is used in a Real-time Protection policy.

（D）Add the profile to a DLP profile that is used in a Real-time Protection policy.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

NSK300 無料問題集「Netskope Certified Cloud Security Architect」

弊社を連絡する

関連リンク

トップ試験