You investigate a suspected malware incident and confirm that it was a false alarm.

NSK101 0 Comments

You investigate a suspected malware incident and confirm that it was a false alarm.
A . In this scenario, how would you prevent the same file from triggering another incident?
B . Quarantine the file. Look up the hash at the VirusTotal website.
C . Export the packet capture to a pcap file.
D . Add the hash to the file filter.

Answer: D

Explanation:

A file filter is a list of file hashes that you can use to exclude files from inspection by Netskope. By adding the hash of the file that triggered a false alarm to the file filter, you can prevent it from being scanned again by Netskope and avoid generating another incident. Quarantining the file, exporting the packet capture, or looking up the hash at VirusTotal are not effective ways to prevent the same file from triggering another incident, as they do not affect how Netskope handles the file.

Reference: Netskope Security Cloud Operation & Administration (NSCO&A) – Classroom Course, Module 6: Data Loss Prevention, Lesson 2: File Filters.

Latest NSK101 Dumps Valid Version with 60 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download NSK101 PDF    NSK101 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments