New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Netskope NSK101 Exam - Topic 1 Question 12 Discussion

Actual exam question for Netskope's NSK101 exam
Question #: 12
Topic #: 1
[All NSK101 Questions]

You have applied a DLP Profile to block all Personally Identifiable Information data uploads to Microsoft 365 OneDrive. DLP Alerts are not displayed and no OneDrive-related activities are displayed in the Skope IT App Events table.

In this scenario, what are two possible reasons for this issue? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: C, D, E

The three technologies that describe the primary cloud service models as defined by the National Institute of Standards and Technology (NIST) are Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as a Service (IaaS). These service models are based on the type of computing capability that is provided by the cloud provider to the cloud consumer over a network. According to NIST, these service models have the following definitions:

Platform as a Service (PaaS): The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.

Software as a Service (SaaS): The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

Infrastructure as a Service (IaaS): The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).


by Albina at Jun 01, 2024, 06:05 AM

Limited Time Offer

25%

Off

Get Premium NSK101 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Elena
3 months ago
Not sure about C, can DLP really be that location-dependent?
upvoted 0 times
...
Lazaro
3 months ago
Totally agree with A, that could definitely be the problem.
upvoted 0 times
...
Dyan
3 months ago
DLP policies not applying with IPsec? That's surprising!
upvoted 0 times
...
Narcisa
4 months ago
I think B is the issue here.
upvoted 0 times
...
Theola
4 months ago
A and C seem likely.
upvoted 0 times
...
Rebbeca
4 months ago
I vaguely recall that DLP policies might not work with IPsec steering, which makes option D worth considering as well.
upvoted 0 times
...
Fredric
4 months ago
I practiced a similar question where the location of the Netskope POP was crucial. So, option C seems plausible if the POP isn't local.
upvoted 0 times
...
Jesusa
4 months ago
I'm not entirely sure, but I think if the destination domain is excluded from decryption, it might affect DLP policies too. That could relate to option B.
upvoted 0 times
...
Bernardo
5 months ago
I remember something about exceptions in the Steering Configuration, so option A could be a reason for the DLP alerts not showing.
upvoted 0 times
...
Alysa
5 months ago
This seems straightforward. The problem is probably due to the Netskope POP not being in the local country, which would prevent the DLP policies from being applied. I'm confident I can nail this one.
upvoted 0 times
...
Dominga
5 months ago
Alright, I've got this. The issue is likely related to the DLP profile configuration, either with an exception or a decryption policy problem. I'll carefully evaluate the options and choose the two most likely causes.
upvoted 0 times
...
Dorothy
5 months ago
Wait, I'm a bit confused. The question mentions DLP policies and OneDrive, but it's not clear to me how those are related. I'll need to do some research to understand the connection.
upvoted 0 times
...
Laurel
5 months ago
Okay, let's see. The key things to focus on are the DLP profile, the lack of alerts, and the missing OneDrive activity. I think I have a strategy to approach this.
upvoted 0 times
...
Crista
5 months ago
Hmm, this seems like a tricky one. I'll need to carefully review the options and think through the potential reasons for the issue.
upvoted 0 times
...
Antonio
5 months ago
I'm pretty confident I know the answer here. The admin needs to have the right permissions, and the customer needs to explicitly allow the remote login. Seems straightforward enough.
upvoted 0 times
...
Jules
5 months ago
I'm not sure about that... but I feel like picking up a burger on the way home could also count as impulse buying? Maybe it's D?
upvoted 0 times
...
Tabetha
5 months ago
I'm leaning towards option D - creating two projects for each environment to match the two production regions. That seems like the most robust and scalable approach, even if it requires a bit more setup upfront.
upvoted 0 times
...
Ryan
5 months ago
The question is asking about the User Layer, so I'm guessing the correct answer is applications that don't modify the hardware or require boot-level drivers. I'll go with option A.
upvoted 0 times
...
Selma
9 months ago
I'm just gonna go with B and C. Excluding the destination domain from decryption and having the Netskope POP outside the local country both sound like they could cause this problem. I'm not even gonna try the IPsec option, that's just asking for trouble!
upvoted 0 times
Jin
8 months ago
User 4: Definitely, I wouldn't even consider the IPsec option in this scenario.
upvoted 0 times
...
Layla
8 months ago
User 3: I agree, those two options seem like the most likely culprits.
upvoted 0 times
...
Armanda
8 months ago
User 2: Yeah, excluding the destination domain from decryption and having the Netskope POP outside the local country could be causing the issue.
upvoted 0 times
...
Paulina
8 months ago
User 1: I think B and C are the possible reasons.
upvoted 0 times
...
...
Hannah
10 months ago
Haha, well if the Netskope POP is not in your local country, you might as well be trying to DLP your thoughts! But seriously, I think A and C are the correct answers here.
upvoted 0 times
Sharita
9 months ago
Let's make sure the Cloud Storage category is not listed as an exception and verify the location of the Netskope POP.
upvoted 0 times
...
Alisha
9 months ago
Maybe we should check the Steering Configuration and the location of the Netskope POP.
upvoted 0 times
...
Lorean
10 months ago
I agree, A and C seem like the most likely reasons for the issue.
upvoted 0 times
...
...
Deja
10 months ago
Hmm, I'm leaning towards B and D. The decryption policy issue is a good one, and if IPsec is being used for steering, that could interfere with the DLP policies.
upvoted 0 times
Josphine
9 months ago
D) DLP policies do not apply when using IPsec as a steering option.
upvoted 0 times
...
Franchesca
9 months ago
Hmm, I'm leaning towards B and D. The decryption policy issue is a good one, and if IPsec is being used for steering, that could interfere with the DLP policies.
upvoted 0 times
...
Fatima
9 months ago
B) The destination domain is excluded from decryption in the decryption policy.
upvoted 0 times
...
Shaun
10 months ago
A) The Cloud Storage category is in the Steering Configuration as an exception.
upvoted 0 times
...
...
Tawna
10 months ago
I'm going with A and B. The Cloud Storage category being an exception in the Steering Configuration would definitely prevent the DLP policies from working, and the decryption policy exclusion makes sense too.
upvoted 0 times
...
Alethea
10 months ago
I'm not sure about option C and D. Can someone explain those to me?
upvoted 0 times
...
Twana
10 months ago
I agree with Elden. Option B could also be a reason if the destination domain is excluded from decryption.
upvoted 0 times
...
Emeline
11 months ago
I think B and C are the most likely reasons. If the destination domain is excluded from decryption, the DLP policies won't be applied, and if the Netskope POP is not in the local country, that could also prevent the DLP policies from working.
upvoted 0 times
Peter
9 months ago
We should check those settings to see if that's the problem.
upvoted 0 times
...
Dexter
9 months ago
So, it seems like both B and C could be causing the issue with the DLP policies.
upvoted 0 times
...
Sharen
10 months ago
C) A Netskope POP is not in your local country and therefore DLP policies cannot be applied.
upvoted 0 times
...
Denny
10 months ago
B) The destination domain is excluded from decryption in the decryption policy.
upvoted 0 times
...
Daren
10 months ago
That's true, and if the Netskope POP is not in the local country, it could also be a reason.
upvoted 0 times
...
Renato
10 months ago
I agree, if the destination domain is excluded from decryption, DLP policies won't work.
upvoted 0 times
...
...
Elden
11 months ago
I think option A could be a reason because the Cloud Storage category might be exempted.
upvoted 0 times
...

Save Cancel