Netskope Certification NSK200 Updated Exam

 A file profile is an object that contains a list of file hashes that can be used to create a malware detection profile. A file profile can be configured as an allowlist or a blocklist, depending on whether the files are known to be benign or malicious. A file profile can be created in the Settings > File Profile page1. A malware detection profile is a set of rules that define how Netskope handles malware incidents. A malware detection profile can be created in the Policies > Threat Protection > Malware Detection Profiles page2. To create a malware detection profile, one needs to select a file profile as an allowlist or a blocklist, along with the Netskope malware scan option. The other options are not objects that can be selected when creating a malware detection profile.

The statement that is correct in this scenario is D. Credit card numbers are entered with a space or dash separator and not as a 16-digit consecutive number. This is one of the possible reasons why valid credit card numbers in a file are not triggering a policy violation by Netskope DLP. Netskope DLP uses data identifiers to detect sensitive data in files and network traffic. Data identifiers are predefined or custom rules that match data patterns based on regular expressions, checksums, keywords, etc1. The credit card number data identifier matches 16-digit consecutive numbers that pass the Luhn algorithm check2. If the credit card numbers are entered with a space or dash separator, such as 1234-5678-9012-3456 or 1234 5678 9012 3456, they will not match the data identifier and will not trigger a policy violation. To solve this problem, you can either remove the separators from the credit card numbers or create a custom data identifier that matches the credit card numbers with separators3. Therefore, option D is correct and the other options are incorrect. References: Data Identifiers - Netskope Knowledge Portal, Credit Card Number - Netskope Knowledge Portal, Create a Custom Data Identifier - Netskope Knowledge Portal

The problem in this scenario is that the Netskope client connection is being decrypted by a network security device. This is evident from the log message “ERROR SSL certificate verification failed: self signed certificate in certificate chain”. This means that the Netskope client is receiving a certificate that is not issued by Netskope, but by a device that is intercepting and decrypting the traffic between the client and the Netskope cloud. This can cause the client to fail to download the required configuration and remain in a disabled state1. Therefore, option B is correct and the other options are incorrect. References: Troubleshooting Netskope Client - Netskope Knowledge Portal, Using Netskope Client - Netskope Knowledge Portal

If user groups cannot be pushed from the IdP into Netskope, one possible cause is that the group contains both active and deactivated users. Deactivated users in a group can create conflicts during provisioning, as Netskope expects all users in the group to be active​​.