Which configuration satisfies these requirements?

You are already using Netskope CSPM to monitor your AWS accounts for compliance. Now you need to allow access from your company-managed devices running the Netskope Client to only Amazon S3 buckets owned by your organization. You must ensure that any current buckets and those created in the future will be allowed

Which configuration satisfies these requirements?
A . Steering: Cloud Apps Only, All Traffic Policy type: Real-time Protection Constraint: Storage. Bucket Does Not Match -ALLAccounts Action: Block
B . Steering: Cloud Apps Only Policy type: Real-time Protection
Constraint: Storage. Bucket Does Not Match *@myorganization.com Action: Block
C . Steering: Cloud Apps Only. All Traffic Policy type: Real-time Protection Constraint: Storage. Bucket
Does Match -ALLAccounts Action: Allow
D . Steering: All Web Traffic Policy type: API Data Protection
Constraint: Storage, Bucket Does Match *@myorganization.com Action: Allow

View Answer

Answer: C

Explanation:

To allow access from company-managed devices running the Netskope Client to only Amazon S3 buckets owned by the organization, the following configuration satisfies the requirements: Steering Configuration:

Policy Type: Real-time Protection

Constraint: Storage

Bucket Condition: Bucket Does Match -ALLAccounts

Action: Allow

By configuring the policy to allow traffic from company-managed devices (Netskope Clients) to Amazon S3 buckets, the organization ensures that only buckets owned by the organization are accessible.

The -ALLAccounts condition ensures that both existing and future buckets are allowed.

This configuration aligns with the requirement to allow access to organization-owned buckets while

blocking access to other buckets.

Reference: Netskope Cloud Security

Netskope Solution Brief

Netskope Community