Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Netskope Exam NSK200 Topic 5 Question 38 Discussion

Actual exam question for Netskope's NSK200 exam
Question #: 38
Topic #: 5
[All NSK200 Questions]

Your customer currently only allows users to access the corporate instance of OneDrive using SSO with the Netskope client. The users are not permitted to take their laptops when vacationing, but sometimes they must have access to documents on OneDrive when there is an urgent request. The customer wants to allow employees to remotely access OneDrive from unmanaged devices while enforcing DLP controls to prohibit downloading sensitive files to unmanaged devices.

Which steering method would satisfy the requirements for this scenario?

Show Suggested Answer Hide Answer
Suggested Answer: B, C

There are two possible scenarios that would cause the behavior of files containing test data for credit cards not triggering DLP events when uploaded to Dropbox. One scenario is that the DLP rule has the severity threshold set to a value higher than the number of occurrences. This means that the rule will only trigger an event if the number of matches for the sensitive data exceeds the specified threshold. For example, if the rule has a severity threshold of 10 and the file contains only 5 credit card numbers, then no event will be generated. To fix this, you can lower the severity threshold or remove it altogether. The other scenario is that the credit card numbers in your test data are invalid 16-digit numbers. This means that the numbers do not pass the Luhn algorithm check, which is a validation method used by Netskope DLP to detect valid credit card numbers. For example, if the number is 1234-5678-9012-3456, then it is not a valid credit card number and will not be detected by Netskope DLP. To fix this, you can use valid test credit card numbers that pass the Luhn algorithm check. The other options are not valid scenarios for this behavior. The Netskope client is not steering Dropbox traffic is not a valid scenario because there are corresponding page events, which means that the traffic is being steered to Netskope.There is no API protection configured for Dropbox is not a valid scenario because API protection is not required for DLP detection on file uploads, which are handled by real-time protection.Reference:DLP Rule Settings1,Credit Card Number Detection2


by Eric at Mar 18, 2025, 08:22 AM

Limited Time Offer

25%

Off

Get Premium NSK200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Simona
1 months ago
I'm just impressed they're even considering remote access. Back in my day, we had to hike 10 miles through the snow to get to the nearest OneDrive kiosk!
upvoted 0 times
...
Irene
1 months ago
Wait, are we talking about a corporate OneDrive or a personal one? Because if it's personal, I'm just gonna sneak in a copy of the files on a USB drive. No one will ever know!
upvoted 0 times
Dacia
13 days ago
B) Use proxy chaining with their cloud service providers integrated with their SSO.
upvoted 0 times
...
Talia
14 days ago
C) Use a forward proxy integrated with their SSO.
upvoted 0 times
...
Mattie
17 days ago
A) Use a reverse proxy integrated with their SSO.
upvoted 0 times
...
...
Devon
1 months ago
Ooh, a secure forwarder integrated with an on-premises proxy? That sounds like a pretty robust solution. I'll have to give that one some more thought.
upvoted 0 times
Refugia
1 days ago
C) Use a forward proxy integrated with their SSO.
upvoted 0 times
...
Leonor
15 days ago
B) Use proxy chaining with their cloud service providers integrated with their SSO.
upvoted 0 times
...
Carylon
28 days ago
A) Use a reverse proxy integrated with their SSO.
upvoted 0 times
...
...
Omega
2 months ago
Hmm, I'm not sure. Option B with proxy chaining might be a bit overkill for this scenario. I'd probably go with the simpler solution of a reverse proxy.
upvoted 0 times
Elenore
5 days ago
I think a reverse proxy would be the most straightforward solution for this scenario.
upvoted 0 times
...
Elmira
12 days ago
Yeah, a reverse proxy would probably be easier to implement and still meet the requirements.
upvoted 0 times
...
Nikita
13 days ago
I agree, option B does seem like overkill. A reverse proxy might be the way to go.
upvoted 0 times
...
...
Genevieve
2 months ago
I think option C is the way to go. Using a forward proxy integrated with their SSO will allow remote access while still enforcing DLP controls.
upvoted 0 times
Serina
5 days ago
It makes sense to use a forward proxy to enforce DLP controls while allowing remote access.
upvoted 0 times
...
Wilbert
7 days ago
I think using a forward proxy integrated with their SSO is the most secure option.
upvoted 0 times
...
Raul
1 months ago
I agree, option C seems like the best choice for this scenario.
upvoted 0 times
...
...
Phil
2 months ago
I'm not sure, but I think option C) using a forward proxy integrated with their SSO could also work.
upvoted 0 times
...
Tresa
2 months ago
I agree with Janae. A reverse proxy would allow remote access while enforcing DLP controls.
upvoted 0 times
...
Janae
2 months ago
I think option A) using a reverse proxy integrated with their SSO would work best.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77