Question No. 1

You are troubleshooting private application access from a user's computer. The user is complaining that they cannot access the corporate file share; however, the private tunnel seems to be established. You open the npadebuglog.log file in a text editor and cannot find any reference to the private application.

AThe absence of npadebuglog.log entries is not significant.

BFile shares cannot be published using private access.

CThe user is not added to the required real-time policy.

DThe user needs to re-authenticate for private applications.

Show Answer

Correct Answer: C

If there are no references to the private application in the npadebuglog.log, it is likely that the user is not added to the required real-time policy. Without proper policy assignment, the user's traffic will not be routed correctly through the private access setup, causing access issues.

Question No. 2

You have created a specific Skope IT application events query and want to have the query automatically run and display the results every time you log into your tenant.

Which two statements are correct in this scenario? (Choose two.)

AAdd the Watchlist widget from the library to your home page.

BExport a custom Skope IT watchlist to a report and then schedule it to run daily.

CSave a custom Skope IT watchlist, then manage filters and share with others.

DAdd your Skope IT query to a custom watchlist.

Show Answer

Correct Answer: C, D

Adding a Skope IT query to a custom watchlist allows the query to be saved and easily accessed. Saving the watchlist and managing filters also lets you customize it further and share it with others in your organization if needed.

Question No. 3

Your company asks you to use Netskope to integrate with Endpoint Detection and Response (EDR) vendors such as CrowdStrike. In this scenario, what is a requirement for a successful Integration and sharing of threat data?

AAPI Client ID

Bdevice classification

Ccustom log parser

Duser endpoint

Show Answer

Correct Answer: A

To integrate Netskope with EDR vendors such as CrowdStrike and share threat data, a requirement for a successful integration is A. API Client ID. An API Client ID is a unique identifier that is used to authenticate and authorize requests to the EDR vendor's API. You need to obtain an API Client ID from the EDR vendor and enter it in the Netskope tenant settings under Threat Protection > Integration.This will allow Netskope to communicate with the EDR vendor and exchange threat intelligence and remediation actions1. Therefore, option A is correct and the other options are incorrect.Reference:Integrating CrowdStrike for EDR - Netskope Knowledge Portal

Question No. 4

You want to provision users and groups to a Netskope tenant. You have Microsoft Active Directory servers hosted in two different forests. Which statement is true about this scenario?

AYou can use the Netskope Adapter Tool for user provisioning.

BYou can use the Netskope virtual appliance for user provisioning

CYou cannot provision users until you migrate to Azure AD or Okta.

DYou can use SCIM version 2 for user provisioning.

Show Answer

Correct Answer: D

You can use SCIM version 2 for user provisioning in this scenario. SCIM (System for Cross-domain Identity Management) is a standard protocol for exchanging identity information across different cloud applications. Netskope supports SCIM version 2 and can integrate with identity providers (IdPs) that follow the same standard, such as Microsoft Azure AD, Okta, OneLogin, and Ping Identity. You can use SCIM to provision users and groups from multiple Active Directory forests to a Netskope tenant. The other options are not valid for this scenario. The Netskope Adapter Tool and the Netskope virtual appliance are used for user identification, not provisioning. They can only connect to one Active Directory forest at a time.You do not need to migrate to Azure AD or Okta to provision users, as Netskope supports other IdPs that use SCIM as well.Reference:Provisioning Users for Netskope Client1,SCIM Integration2

Question No. 5

Which object would be selected when creating a Malware Detection profile?

ADLP profile

BFile profile

CDomain profile

DUser profile

Show Answer

Correct Answer: B

A file profile is an object that contains a list of file hashes that can be used to create a malware detection profile. A file profile can be configured as an allowlist or a blocklist, depending on whether the files are known to be benign or malicious.A file profile can be created in the Settings > File Profile page1. A malware detection profile is a set of rules that define how Netskope handles malware incidents.A malware detection profile can be created in the Policies > Threat Protection > Malware Detection Profiles page2. To create a malware detection profile, one needs to select a file profile as an allowlist or a blocklist, along with the Netskope malware scan option. The other options are not objects that can be selected when creating a malware detection profile.

Free Netskope NSK200 Exam Actual Questions

The questions for NSK200 were last updated On Dec 20, 2024