EMT Practice Test

1. Question Content...


Question List

Question1: Which two statements are correct about Netskope's NewEdge Security Cloud Network Infrastructure?
(Choose two.)

Question2: How does a cloud security solution achieve visibility into TLS/SSL-protected Web traffic?

Question3: You want to set up a Netskope API connection to Box.
What two actions must be completed to enable this connection? (Choose two.)

Question4: Which three technologies describe the primary cloud service models as defined by the National Institute of Standards and Technology (NIST)? (Choose three.)

Question5: You are required to present a view of all upload activities completed by users tunneled from the Los Angeles office to cloud storage applications.
Which two basic filters would you use on the SkopeIT Applications page to satisfy this requirement? (Choose two.)

Question6: You want to block access to sites that use self-signed certificates. Which statement is true in this scenario?

Question7: Digital Experience Management (DEM) allows an administrator to monitor which two areas? (Choose two.)

Question8: Your customer asks you to secure all Web traffic as part of the initial configuration. In the Netskope platform, which statement is correct in this scenario?

Question9: As an administrator, you are asked to monitor the status of your IPsec and GRE tunnels.
In the Netskope Admin UI, which two sections would you use in this scenario? (Choose two.)

Question10: You determine that a business application uses non-standard HTTPS ports. You want to steer all HTTPS traffic for this application and have visibility and control over user activities.
Which action will allow you to accomplish this task?

Question11: A customer asks you to create several real-time policies. Policy A generates alerts when any user downloads, uploads, or shares files on a cloud storage application. Policy B blocks users from downloading files from any operating system (OS) other than Mac or Windows for cloud storage. In this case, policy A is least restrictive and policy B is more restrictive.
Which statement is correct in this scenario?

Question12: You are required to create a policy that will notify and allow users to log into their personal Google Drive instance.
Which two policy components must be configured to enforce this use case? (Choose two.)

Question13: Exhibit

A user is connected to a cloud application through Netskope's proxy.
In this scenario, what information is available at Skope IT? (Choose three.)

Question14: Users are connecting to sanctioned cloud applications from public computers, such as from a hotel business center.
Which traffic steering method would work in this scenario?

Question15: In which scenario would you use a SAML reverse proxy?

Question16: Which two technologies form a part of Netskope's Threat Protection module? (Choose two.)

Question17: You want to use an out-of-band API connection into your sanctioned Microsoft 365 OneDrive for Business application to find sensitive content, enforce near real-time policy controls, and quarantine malware.
In this scenario, which primary function in the Netskope platform would you use to connect your application to Netskope?

Question18: Which three components make up the Borderless SD-WAN solution? (Choose three)

Question19: Your company started deploying the latest version of the Netskope Client and you want to track the progress and device count using Netskope.
Which two statements are correct in this scenario? (Choose two.)

Question20: As an administrator, you need to configure the Netskope Admin UI to be accessible by specific IP addresses and to display a custom message after the admin users have been authenticated.
Which two statements are correct in this scenario? (Choose two.)

Question21: You are working with traffic from applications with pinned certificates. In this scenario, which statement is correct?

Question22: You want to prevent Man-in-the-Middle (MITM) attacks on an encrypted website or application. In this scenario, which method would you use?

Question23: Which Netskope platform component uses NewEdge Traffic Management for traffic steering?

Question24: You want to enable Netskope to gain visibility into your users' cloud application activities in an inline mode.
In this scenario, which two deployment methods would match your inline use case? (Choose two.)

Question25: Your organization has implemented Netskope Private Access (NPA) for all users. Users from the European region are reporting that they are unable to access many of their applications. You suspect that the publishers for the European data center may be disconnected and you want to verify the Publishers' status.
Which two methods describe how you would accomplish this task? (Choose two.)

Question26: You are attempting to allow access to an application using NPA. Private Apps steering is already enabled for all users.
In this scenario, which two actions are required to accomplish this task? (Choose two.)

Question27: You are asked to review files affected by malware in your organization. In this scenario, which two actions are possible and would be accessible from the Netskope UI -> Incidents --> Malware? (Choose two)

Question28: What correctly defines the Zero Trust security model?

Question29: Your company has implemented Netskope's Cloud Firewall and requires that all FTP connections are blocked regardless of the ports being used.
Which two statements correctly identify how to block FTP access? (Choose two.)

Question30: What are two CASB inline interception use cases? (Choose two.)

Question31: A company is attempting to steer traffic to Netskope using GRE tunnels. They notice that after the initial configuration, users cannot access external websites from their browsers.
What are three probable causes for this issue? (Choose three.)

Question32: Click the Exhibit button.
Referring to the exhibit, which statement accurately describes the difference between Source IP (Egress) and Source IP (User) address?

Question33: What are two uses for deploying a Netskope Virtual Appliance? (Choose two.)

Question34: You need to provide a quick view under the Skope IT Applications page showing only risky shadow IT cloud applications being used.
In this scenario, which two filter combinations would you use to accomplish this task? (Choose two.)

Question35: You have applied a DLP Profile to block all Personally Identifiable Information data uploads to Microsoft 365 OneDrive. DLP Alerts are not displayed and no OneDrive-related activities are displayed in the Skope IT App Events table.
In this scenario, what are two possible reasons for this issue? (Choose two.)

Question36: Your customer has cloud storage repositories containing sensitive files of their partners, including bank statements, consulting, and disclosure agreements. In this scenario, which feature would help them control the flow of these types of documents?

Question37: Which three security controls are offered by the Netskope Cloud platform? (Choose three.)

Question38: A new customer is concerned about performance, especially with respect to Microsoft 365. They have offices in 20 countries around the world and their workforce is mostly mobile.
In this scenario, which two statements about NewEdge would align with the customer's requirements? (Choose two.)

Question39: What are two valid use cases for the Cloud Confidence Index (CCI)? (Choose two.)

Question40: How do you provision users to your customer's Netskope tenant? (Choose two.)

Question41: Your customer has cloud storage repositories containing sensitive files of their partners, including bank statements, consulting, and disclosure agreements. In this scenario, which feature would help them control the flow of these types of documents?

Question42: Which two capabilities are part of Netskope's Adaptive Zero Trust Data Protection? (Choose two.)

Question43: What are two characteristics of Netskope's Private Access Solution? (Choose two.)

Question44: Click the Exhibit button.

Referring to the exhibit, you have a user reporting that a blocked website is needed for legitimate business reasons. Upon review, you determine that the user has been blocked by the Global Block policy. You need to create an exception forthat domain. You create a custom URL list that includes the domain.
In this scenario, which two actions would allow this access? (Choose two.)

Question45: A customer wants to receive e-mail alerts whenever Netskope publishes an incident involving a specific service, or if Netskope publishes information regarding planned maintenance. Which two Netskope sites allow an administrator to subscribe to service notifications? (Choose two.)

Question46: You have an issue with the Netskope client connecting to the tenant.
In this scenario, what are two ways to collect the logs from the client machine? (Choose two.)

Question47: Click the Exhibit button.

Referring to the exhibit, what are two recommended steps to be set on the perimeter device to monitor IPsec tunnels to a Netskope data plane? (Choose two.)

Question48: What are two reasons why legacy solutions, such as on-premises firewalls and proxies, fail to secure the data and data access compared to Netskope Secure Web Gateway? (Choose two.)

Question49: You are deploying TLS support for real-time Web and SaaS transactions. What are two secure implementation methods in this scenario? (Choose two.)

Question50: Which two cloud security and infrastructure enablement technologies does Secure Access Service Edge (SASE) combine into its unified platform? (Choose two.)

Question51: When would an administrator need to use a tombstone file?

Question52: What is the limitation of using a legacy proxy compared to Netskope's solution?

Question53: Click the Exhibit button.

A user is connected to a SaaS application through Netskope's Next Gen SWG with SSL inspection enabled. In this scenario, what information is available in SkopeIT? (Choose three.)

Question54: Which three statements about Netskope Private Access Publishers are correct? (Choose three.)

Question55: You are working with a large retail chain and have concerns about their customer data. You want to protect customer credit card data so that it is never exposed in transit or at rest. In this scenario, which regulatory compliance standard should be used to govern this data?

Question56: Which compliance standard should a company consider if both controllers and processors have legal entities in the EU?

Question57: You consume application infrastructure (middleware) capabilities by a third-party provider. What is the cloud service model that you are using in this scenario?

Question58: You are required to restrict cloud users from uploading data to any risky cloud storage service as defined by the Cloud Confidence Index. In the Netskope platform, which two policy elements would enable you to implement this control? (Choose two)

Question59: Click the Exhibit button.

A user has the Netskope Client enabled with the correct steering configuration applied. The exhibit shows an inline policy that has a predefined webmail category blocked. However the user is still able to access Yahoo mail.
Which statement is correct in this scenario?

Question60: In the Skope IT interface, which two event tables would be used to label a cloud application instance? (Choose two.)

Question61: You are creating a real-time policy for cloud applications.
In addition to users, groups, and organizational units, which two source criteria would support this scenario?
(Choose two.)

Question62: A company user cannot open a sports news site. You want to review the category of the website and see how the rules are applied even though this category is allowed. In this scenario, which action will accomplish this task?

Question63: You are required to provide an additional pop-up warning to users before allowing them to proceed to Web applications categorized as "low" or "poor" by Netskope's Cloud Confidence Index. Which action would allow you to accomplish this task?