Netskope Exam NSK300 Topic 2 Question 3 Discussion

Actual exam question for Netskope's NSK300 exam

Question #: 3
Topic #: 2

Users in your network are attempting to reach a website that has a self-signed certificate using a GRE tunnel to Netskope. They are currently being blocked by Netskope with an SSL error. How would you allow this traffic?

AConfigure a Do Not Decrypt SSL Decryption rule to allow traffic to pass.

BConfigure a Real-time Protection policy with the action set to Allow.

CSet the No SNI setting in Netskope to Bypass.

DEnsure that the users add the self-signed certificate to their local certificate store.

Show Suggested Answer

Suggested Answer: A

To allow traffic from a website with a self-signed certificate that is being blocked by Netskope with an SSL error, the correct action is to configure a Do Not Decrypt SSL Decryption rule. This rule will allow the traffic to pass without being decrypted, thus bypassing the SSL error caused by the self-signed certificate. This is a common practice for handling traffic from trusted internal applications or specific external sites that use self-signed certificates1.

by Shawnda at Apr 27, 2024, 03:35 AM

Limited Time Offer

25%

7 months ago

I think it's a tricky question.

upvoted 0 times

...