Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Netskope
  3. NSK200

Netskope NSK200 Exam (page: 1)
Netskope Certified Cloud Security Integrator
Updated on: 25-Dec-2025

Viewing Page 1 of 13
NSK200 PDF 93 Questions

To which three event types does Netskope's REST API v2 provide access? (Choose three.)

  1. application
  2. alert
  3. client
  4. infrastructure
  5. user

Answer(s): A,B,D

Explanation:

Netskope's REST API v2 provides access to various event types via URI paths. The event types include application, alert, infrastructure, audit, incident, network, and page. These event types can be used to retrieve data from Netskope's cloud security platform. The event types client and user are not supported by the REST API v2.


Reference:

REST API v2 Overview, Cribl Netskope Events and Alerts Integration, REST API Events and Alerts Response Descriptions



Review the exhibit.



Your company uses Google as the corporate collaboration suite; however, corporate policy restricts the use of personal Google services. The exhibit provides a partially completed policy to ensure that users cannot log into their personal account.

What should be added to achieve the desired outcome in this scenario?

  1. Google Gmail app
  2. User Constraint
  3. DLP profile
  4. Device classification

Answer(s): B

Explanation:

In order to restrict users from logging into their personal Google accounts, the policy should include a user constraint. This will ensure that only users with corporate accounts can access the corporate collaboration suite. The user constraint can be added by selecting the "User" option in the "Source" field and then choosing the appropriate user group or identity provider. The other options are not relevant for this scenario.


Reference:

[Creating a Policy to Block Personal Google Services], [Policy Creation], [User Constraint]



You have deployed a development Web server on a public hosting service using self-signed SSL certificates. After some troubleshooting, you determined that when the Netskope client is enabled, you are unable to access the Web server over SSL. The default Netskope tenant steering configuration is in place.

In this scenario, which two settings are causing this behavior? (Choose two.)

  1. SSL pinned certificates are blocked.
  2. Untrusted root certificates are blocked.
  3. Incomplete certificate trust chains are blocked.
  4. Self-signed server certificates are blocked.

Answer(s): B,D

Explanation:

The default Netskope tenant steering configuration blocks untrusted root certificates and self-signed server certificates. These settings are intended to prevent man-in-the-middle attacks and ensure the validity of the SSL connection. However, they also prevent the access to the development Web server that uses self-signed SSL certificates. To allow access to the Web server, the settings need to be changed or an exception needs to be added for the Web server domain.



Your customer currently only allows users to access the corporate instance of OneDrive using SSO with the Netskope client. The users are not permitted to take their laptops when vacationing, but sometimes they must have access to documents on OneDrive when there is an urgent request. The customer wants to allow employees to remotely access OneDrive from unmanaged devices while enforcing DLP controls to prohibit downloading sensitive files to unmanaged devices.

Which steering method would satisfy the requirements for this scenario?

  1. Use a reverse proxy integrated with their SSO.
  2. Use proxy chaining with their cloud service providers integrated with their SSO.
  3. Use a forward proxy integrated with their SSO.
  4. Use a secure forwarder integrated with an on-premises proxy.

Answer(s): A

Explanation:

A reverse proxy integrated with their SSO would satisfy the requirements for this scenario. A reverse proxy intercepts requests from users to cloud apps and applies policies based on user identity, device posture, app, and data context. It can enforce DLP controls to prohibit downloading sensitive files to unmanaged devices. It can also integrate with the customer's SSO provider to authenticate users and allow access only to the corporate instance of OneDrive. The other steering methods are not suitable for this scenario because they either require the Netskope client or do not provide granular control over cloud app activities.



An engineering firm is using Netskope DLP to identify and block sensitive documents, including schematics and drawings. Lately, they have identified that when these documents are blocked, certain employees may be taking screenshots and uploading them. They want to block any screenshots from being uploaded.

Which feature would you use to satisfy this requirement?

  1. exact data match (EDM)
  2. document fingerprinting
  3. ML image classifier
  4. optical character recognition (OCR)

Answer(s): C

Explanation:

To block any screenshots from being uploaded, the engineering firm should use the ML image classifier feature of Netskope DLP. This feature uses machine learning to detect sensitive information within images, such as screenshots, whiteboards, passports, driver's licenses, etc. The firm can create a DLP policy that blocks any image upload that matches the screenshot classifier. This will prevent employees from circumventing the DLP controls by taking screenshots of sensitive documents.


Reference:

Improved DLP Image Classifiers, Netskope Data Loss Prevention, The Importance of a Machine Learning-Based Source Code Classifier



Viewing Page 1 of 13



Share your comments for Netskope NSK200 exam with other users:

labuschanka 11/16/2023 6:06:00 PM

i gave the microsoft azure az-500 tests and prepared from this site as it has latest mock tests available which helped me evaluate my performance and score 919/1000
Anonymous


Marianne 10/22/2023 11:57:00 PM

i cannot see the button to go to the questions
Anonymous


sushant 6/28/2023 4:52:00 AM

good questions
EUROPEAN UNION


A\MAM 6/27/2023 5:17:00 PM

q-6 ans-b correct. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-cli-quick-start/use-the-cli/commit-configuration-changes
UNITED STATES


unanimous 12/15/2023 6:38:00 AM

very nice very nice
Anonymous


akminocha 9/28/2023 10:36:00 AM

please help us with 1z0-1107-2 dumps
INDIA


Jefi 9/4/2023 8:15:00 AM

please upload the practice questions
Anonymous


Thembelani 5/30/2023 2:45:00 AM

need this dumps
Anonymous


Abduraimov 4/19/2023 12:43:00 AM

preparing for this exam is overwhelming. you cannot pass without the help of these exam dumps.
UNITED KINGDOM


Puneeth 10/5/2023 2:06:00 AM

new to this site but i feel it is good
EUROPEAN UNION


Ashok Kumar 1/2/2024 6:53:00 AM

the correct answer to q8 is b. explanation since the mule app has a dependency, it is necessary to include project modules and dependencies to make sure the app will run successfully on the runtime on any other machine. source code of the component that the mule app is dependent of does not need to be included in the exported jar file, because the source code is not being used while executing an app. compiled code is being used instead.
Anonymous


Merry 7/30/2023 6:57:00 AM

good questions
Anonymous


VoiceofMidnight 12/17/2023 4:07:00 PM

Delayed the exam until December 29th.
UNITED STATES


Umar Ali 8/29/2023 2:59:00 PM

A and D are True
Anonymous


vel 8/28/2023 9:17:09 AM

good one with explanation
Anonymous


Gurdeep 1/18/2024 4:00:15 PM

This is one of the most useful study guides I have ever used.
CANADA