Netskope Updated NSK101 Exam Questions and Answers by kyan

To enable Netskope to gain visibility into your users’ cloud application activities in an inline mode, you need to use a deployment method that allows Netskope to intercept and inspect the traffic between your users and the cloud applications in real time. Two deployment methods that would match your inline use case are: use a forward proxy and use a reverse proxy. A forward proxy is a deployment method that allows Netskope to act as a proxy server for your users’ outbound traffic to the internet. You can configure your users’ devices or browsers to send their traffic to Netskope’s proxy server, either manually or using PAC files or VPN profiles. A reverse proxy is a deployment method that allows Netskope to act as a proxy server for your users’ inbound traffic from specific cloud applications. You can configure your cloud applications to redirect their traffic to Netskope’s proxy server, either using custom URLs or certificates. Using an API connector or a log parser are not deployment methods that would match your inline use case, as they are more suitable for out-of-band modes that rely on accessing data and events from the cloud applications using APIs or logs, rather than intercepting traffic in real time. References: [Netskope Inline CASB], Netskope Security Cloud Operation & Administration (NSCO&A) - Classroom Course, Module 3: Steering Configuration, Lesson 4: Forward Proxy and Lesson 5: Reverse Proxy.

To locate information pertaining to a DLP violation on a file in your sanctioned Google Drive instance, you can use the Incidents dashboard in Netskope. The Incidents dashboard provides a comprehensive view of all the incidents that have occurred in your cloud environment, such as DLP violations, malware infections, anomalous activities, etc. You can filter the incidents by various criteria, such as app name, incident type, severity, user name, etc. You can also drill down into each incident to see more details, such as file name, file path, file owner, file size, file type, etc. The Incidents dashboard can show DLP violations for files that are in a deleted state, as long as they are still recoverable from the trash bin of the app. If the file is permanently deleted from the app, then the incident will not be visible in the dashboard. References: Netskope Incidents Dashboard

To secure all web traffic as part of the initial configuration in the Netskope platform, you need to:

Add the all Web traffic option to the steering configuration: This ensures that all web traffic is routed through Netskope for inspection and policy enforcement. By steering all web traffic, you enable Netskope to apply security measures, such as SSL decryption, threat protection, and DLP, to all HTTP and HTTPS traffic.

Netskope does not automatically steer all web traffic by default; it requires configuration in the steering policies. Selecting all web traffic in the SSL decryption section only pertains to decrypting traffic, not the actual steering of the traffic.

References:

Netskope documentation on configuring steering settings and policies.

Guidelines for setting up web traffic steering and SSL decryption in the Netskope platform.

=================

To restrict cloud users from uploading data to risky cloud storage services as defined by the Cloud Confidence Index (CCI) in the Netskope platform, you would use the following policy elements:

Category: This policy element allows you to define and restrict actions based on the category of the cloud application. For example, you can categorize cloud storage services and create policies that restrict uploads to any application that falls under this category.

Cloud Confidence Level: This policy element leverages the Cloud Confidence Index (CCI), which rates the risk level of cloud applications. By using the Cloud Confidence Level, you can create policies that restrict uploads to applications with a low confidence level, thereby preventing data uploads to risky cloud storage services.

References:

Using the Netskope Knowledge Portal documentation, specifically under policy configuration and enforcement, which details how to use categories and Cloud Confidence Level in policy creation.

Postman collection and API documentation that describes the usage of these elements in the Netskope API.

=================