You jus! deployed and registered an NPA publisher for your first private application and need to provide access to this application for the Human Resources (HR) users group only. How would you accomplish this task?
To provide access to a private application for the Human Resources (HR) users group only after deploying and registering an NPA publisher, you would need to:
Enable private app steering in the Steering Configuration assigned to the HR group: This ensures that only traffic from the HR user group is steered towards the private application.
Create a new private app and assign it to the HR user group: This step involves defining the private application within Netskope and specifying that only the HR user group should have access to it.
Create a new Real-time Protection policy as follows:
Source = HR user group: This specifies that the policy applies to the HR user group.
Destination = Private App: This defines the private application as the destination for the policy.
Action = Allow: This action allows the HR user group to access the private application.
By following these steps, you can ensure that only the HR user group has access to the private application, aligning with the principles of least privilege and zero trust access control.
A company wants to capture and maintain sensitive Pll data in a relational database to help their customers. There are many employees and contractors that need access to sensitive customer data to perform their duties The company wants to prevent the exfiltration of sensitive customer data by their employees and contractors.
In this scenario. what would satisfy this requirement?
A company needs to block access to their instance of Microsoft 365 from unmanaged devices. They have configured Reverse Proxy and have also created a policy that blocks login activity for the AD group "marketing-users" for the Reverse Proxy access method. During UAT testing, they notice that access from unmanaged devices to Microsoft 365 is not blocked for marketing users.
What is causing this issue?
The issue is likely caused by a missing group name in the SAML response (A). When access to Microsoft 365 from unmanaged devices is not blocked as expected, despite having a policy in place, it often indicates that the SAML assertion is not correctly identifying the user as a member of the restricted group. In this case, the ''marketing-users'' group name should be present in the SAML response to enforce the policy that blocks login activity for this group. If the group name is missing, the policy will not apply, and users will not be blocked as intended.
Users in your network are attempting to reach a website that has a self-signed certificate using a GRE tunnel to Netskope. They are currently being blocked by Netskope with an SSL error. How would you allow this traffic?
You want to verify that Google Drive is being tunneled to Netskope by looking in the nsdebuglog file. You are using Chrome and the Netskope Client to steer traffic. In this scenario, what would you expect to see in the log file?
A)
B)
C)
D)
Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits
Get All 60 Questions & Answers