Netskope Certified Cloud Security Architect v1.0

You are troubleshooting an issue with users who are unable to reach a financial SaaS application when their traffic passes through Netskope. You determine that this is because of IP restrictions in place with the SaaS vendor. You are unable to add Netskope's IP ranges at this time, but need to allow the traffic.
How would you allow this traffic?

Review the exhibit.

You are the proxy administrator for a medical devices company. You recently changed a pilot group of users from cloud app steering to all Web traffic. Pilot group users have started to report that they receive the error shown in the exhibit when attempting to access the company intranet site that is publicly available. During troubleshooting, you realize that this site uses your company’s internal certificate authority for SSL certificates.
Which three statements describe ways to solve this issue? (Choose three.)

Given the following:

Which result does this Skope IT query provide?

A recent report states that users are using non-sanctioned Cloud Storage platforms to share data. Your CISO asks you for a list of aggregated users, applications, and instance IDs to increase security posture.
Which Netskope tool would be used to obtain this data?

You deployed the Netskope Client for Web steering in a large enterprise with dynamic steering. The steering configuration includes a bypass rule for an application that is IP restricted.
What is the source IP for traffic to this application when the user is on-premises at the enterprise?

Your company has a large number of medical forms that are allowed to exit the company when they are blank. If the forms contain sensitive data, the forms must not leave any company data centers, managed devices, or approved cloud environments. You want to create DLP rules for these forms.
Which first step should you take to protect these forms?

You are consuming Audit Reports as part of a Salesforce API integration. Someone has made a change to a Salesforce account record field that should not have been made and you are asked to verify the previous value of the structured data field. You have the approximate date and time of the change, user information, and the new field value.
How would you accomplish this task?

You configured a pair of IPsec tunnels from the enterprise edge firewall to a Netskope data plane. These tunnels have been implemented to steer traffic for a set of defined HTTPS SaaS applications accessed from end-user devices that do not support the Netskope Client installation. You discover that all applications steered through this tunnel are non-functional.
According to Netskope, how would you solve this problem?

Your company just had a new Netskope tenant provisioned and you are asked to create a secure tenant configuration.
In this scenario, which two default settings should you change? (Choose two.)

You successfully configured Advanced Analytics to identify policy violation trends. Upon further investigation, you notice that the activity is NULL.
Why is this happening in this scenario?

You want customers to configure Real-time Protection policies.
In which order should the policies be placed in this scenario?

You are currently designing a policy for AWS S3 bucket scans with a custom DLP profile.
Which policy action(s) are available for this policy?

You are architecting a Netskope steering configuration for devices that are not owned by the organization. The users could be either on-premises or off-premises and the architecture requires that traffic destined to the company’s instance of Microsoft 365 be steered to Netskope for inspection.
How would you achieve this scenario from a steering perspective?

You are implementing a solution to deploy Netskope for machine traffic in an AWS account across multiple VPCs. You want to deploy the least amount of tunnels while providing connectivity for all VPCs.
How would you accomplish this task?