Review the exhibit.You are at the Malware Incident page. A virus was detected by the Netskope Heuristics Engine. Your security team has confirmed that the virus was a test data file You want to allow the security team to use this fileReferring to the exhibit, which two statements are correct? (Choose two.)
Answer(s): A,C
To allow the security team to use the test data file that was detected as a virus by the Netskope Heuristics Engine, the following two steps are correct:Click the "Add To File Filter" button to add the IOC to a file list. This will exclude the file from future malware scans and prevent false positive alerts. The file list can be managed in the Settings > File Filter page1.Click the "Lookup VirusTotal" button to verify if this IOC is a false positive. This will open a new tab with the VirusTotal report for the file hash. VirusTotal is a service that analyzes files and URLs for viruses, worms, trojans, and other kinds of malicious content. The report will show how many antivirus engines detected the file as malicious and provide additional information about the file2.https://docs.netskope.com/en/netskope-help/admin-console/incidents/
Which object would be selected when creating a Malware Detection profile?
Answer(s): B
A file profile is an object that contains a list of file hashes that can be used to create a malware detection profile. A file profile can be configured as an allowlist or a blocklist, depending on whether the files are known to be benign or malicious. A file profile can be created in the Settings > File Profile page1. A malware detection profile is a set of rules that define how Netskope handles malware incidents. A malware detection profile can be created in the Policies > Threat Protection > Malware Detection Profiles page2. To create a malware detection profile, one needs to select a file profile as an allowlist or a blocklist, along with the Netskope malware scan option. The other options are not objects that can be selected when creating a malware detection profile.
Your learn is asked to Investigate which of the Netskope DLP policies are creating the most incidents. In this scenario, which two statements are true? (Choose two.)
Answer(s): B,C
To investigate which of the Netskope DLP policies are creating the most incidents, the following two statements are true:You can see the top five DLP policies triggered using the Analyze feature. The Analyze feature allows you to create custom dashboards and widgets to visualize and explore your data. You can use the DLP Policy widget to see the top five DLP policies that generated the most incidents in a given time period3.You can create a report using Reporting or Advanced Analytics. The Reporting feature allows you to create scheduled or ad-hoc reports based on predefined templates or custom queries. You can use the DLP Incidents by Policy template to generate a report that shows the number of incidents per DLP policy4. The Advanced Analytics feature allows you to run SQL queries on your data and export the results as CSV or JSON files. You can use the DLP_INCIDENTS table to query the data by policy name and incident count5.The other two statements are not true because:The Skope IT Applications tab will not list the top five DLP policies. The Skope IT Applications tab shows the cloud app usage and risk summary for your organization. It does not show any information about DLP policies or incidents6.The Skope IT Alerts tab will not list the top five DLP policies. The Skope IT Alerts tab shows the alerts generated by various policies and profiles, such as DLP, threat protection, IPS, etc. It does not show the number of incidents per policy, only the number of alerts per incident7.
You want to secure Microsoft Exchange and Gmail SMTP traffic for DLP using Netskope. Which statement is true about this scenario when using the Netskope client?
Answer(s): A
Netskope can inspect outbound SMTP traffic for Microsoft Exchange and Gmail using the Netskope client. The Netskope client intercepts the SMTP traffic from the user's device and forwards it to the Netskope cloud for DLP scanning. The Netskope client does not inspect inbound SMTP traffic, as this is handled by the cloud email service or the MTA. Therefore, option A is correct and the other options are incorrect.
Configure Netskope SMTP Proxy with Microsoft O365 Exchange, Configure Netskope SMTP Proxy with Gmail, SMTP DLP, Best Practices for Email Security with SMTP proxy
Your company needs to keep quarantined files that have been triggered by a DLP policy. In this scenario, which statement Is true?
When a policy flags a file to be quarantined, that file is placed in a quarantine folder and a tombstone file is put in the original location in its place. The quarantine folder is located in the Netskope data center assigned in the Quarantine profile. The Quarantine profile is configured in Settings > Threat Protection > API-enabled Protection. The quarantined file is zipped and protected with a password to prevent users from inadvertently downloading the file. Netskope then notifies the admin specified in the profile1. Therefore, option B is correct and the other options are incorrect.
Quarantine - Netskope Knowledge Portal, Threat Protection - Netskope Knowledge Portal
Share your comments for Netskope NSK200 exam with other users:
nice question
yes.
good mateial
good practice exam
impressivre qustion
questions seem helpful
good content
question 21 answer is alerts
am preparing for exam
good one thanks
only got thru 5 questions, need more to evaluate
q26 should be b
the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.
need to attend this
these are free brain dumps i understand, how can one get free pdf
provide access
good morning
please upload the ncp-mci 6.5 dumps, really need to practice this one. thanks guys
question 16: https://help.salesforce.com/s/articleview?id=sf.care_console_overview.htm&type=5
yes i m prepared exam
my experience was great with this site as i studied for the ms-900 from here and got 900/1000 on the test. my main focus was on the tutorials which were provided and practice questions. thanks!
great course
very good question
question: 93 which statement is true regarding the result? sales contain 6 columns and values contain 7 columns so c is not right answer.
highly recommend just passed my exam.
great practice! thanks
anyone who wrote this exam recently?
kindly share the dump
could you please upload cfe fraud prevention and deterrence questions? it will be very much helpful.
this is really very very helpful for mcd level 1
very helpful!
question #18s answer should be a, not d. this should be corrected. it should be minvalidityperiod
thanks for the exact solution
need to refer the questions and have to give the exam
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your NSK200, please sign in or create a free account.