New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Netskope NSK300 Exam - Topic 2 Question 3 Discussion

Actual exam question for Netskope's NSK300 exam
Question #: 3
Topic #: 2
[All NSK300 Questions]

Users in your network are attempting to reach a website that has a self-signed certificate using a GRE tunnel to Netskope. They are currently being blocked by Netskope with an SSL error. How would you allow this traffic?

Show Suggested Answer Hide Answer
Suggested Answer: A

To allow traffic from a website with a self-signed certificate that is being blocked by Netskope with an SSL error, the correct action is to configure a Do Not Decrypt SSL Decryption rule. This rule will allow the traffic to pass without being decrypted, thus bypassing the SSL error caused by the self-signed certificate. This is a common practice for handling traffic from trusted internal applications or specific external sites that use self-signed certificates1.


by Shawnda at Apr 27, 2024, 03:35 AM

Limited Time Offer

25%

Off

Get Premium NSK300 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Marylin
3 months ago
B sounds like it could work, but not sure if it’s the best option.
upvoted 0 times
...
Marilynn
3 months ago
Totally agree with A, it’s the simplest fix.
upvoted 0 times
...
Pamela
3 months ago
Wait, can you really just bypass SSL like that?
upvoted 0 times
...
Dominque
4 months ago
I think D might be necessary too.
upvoted 0 times
...
Herminia
4 months ago
A is the way to go for this!
upvoted 0 times
...
Sylvia
4 months ago
I feel like the No SNI setting might be related to bypassing issues, but I’m not confident if option C is the best solution here.
upvoted 0 times
...
Brittni
4 months ago
I practiced a similar question where we had to configure policies in Netskope, but I can't recall if Real-time Protection is the right approach. Option B seems plausible.
upvoted 0 times
...
Josue
4 months ago
I'm not entirely sure, but I think option D could work if users add the self-signed certificate to their local store. That might help with the SSL error.
upvoted 0 times
...
Fairy
5 months ago
I remember something about SSL decryption rules, so maybe option A is the right choice to allow the traffic without decrypting it.
upvoted 0 times
...
Mireya
5 months ago
I've seen this type of issue before. I think the best approach is to go with option D and have the users add the self-signed certificate to their local certificate store. That should resolve the SSL error and allow the traffic to pass through.
upvoted 0 times
...
Fabiola
5 months ago
Okay, let's see. The users are being blocked by Netskope due to an SSL error, so I'm guessing we need to find a way to bypass or ignore that SSL check. Option A seems like it could work, but I'm not 100% sure.
upvoted 0 times
...
Charlene
5 months ago
Hmm, I'm not sure about this one. The question mentions a GRE tunnel, so I'm wondering if that might affect the solution. I'll have to think about it a bit more.
upvoted 0 times
...
Taryn
5 months ago
I think the answer is C. Setting the No SNI setting in Netskope to Bypass should allow the traffic to pass through without the SSL error.
upvoted 0 times
...
Antonio
5 months ago
I'm a bit confused on the difference between partitioning and clustering. I'll need to review those concepts to make sure I understand the best approach here.
upvoted 0 times
...
Hubert
5 months ago
This looks straightforward, I'll just follow the steps in the solution and create the contact.
upvoted 0 times
...
Leonor
2 years ago
Makes sense, but D needs user intervention. I think A is more practical.
upvoted 0 times
...
Louisa
2 years ago
Maybe, but what about adding it to the local store? Option D feels right.
upvoted 0 times
...
Belen
2 years ago
I'd go with A. A Do Not Decrypt rule should work.
upvoted 0 times
...
Nelida
2 years ago
A self-signed certificate causing an SSL error is such a classic problem.
upvoted 0 times
...
Leonor
2 years ago
Yeah, they're trying to stump us on Netskope configuration.
upvoted 0 times
...
Louisa
2 years ago
I think it's a tricky question.
upvoted 0 times
...

Save Cancel