BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Netskope Exam NSK100 Topic 10 Question 8 Discussion

Actual exam question for Netskope's NSK100 exam
Question #: 8
Topic #: 10
[All NSK100 Questions]

Which two use cases would be considered examples of Shadow IT within an organization? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: C, D

Shadow IT is the term for the unauthorized use of IT resources and functions by employees within an organization. It can include cloud services, software, and hardware that are not approved or managed by the IT department. Two use cases that would be considered examples of shadow IT within an organization are: an unsanctioned Microsoft 365 OneDrive account being used by a corporate user to upload sensitive data and an unsanctioned Google Drive account used by a corporate user to upload non-sensitive data. In both cases, the corporate user is using a personal cloud storage service that is not sanctioned by the organization to store work-related data. This can introduce security risks, such as data leakage, data loss, compliance violations, malware infections, etc. The IT department may not have visibility or control over these cloud services or the data stored in them.Reference:What is shadow IT? | CloudflareWhat is Shadow IT? | IBM


by Selma at Dec 08, 2023, 09:51 PM

Limited Time Offer

25%

Off

Get Premium NSK100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Myra
7 months ago
Good point. Those two options clearly violate the organization's policies and procedures, whereas A and B involve the use of sanctioned tools and services, even if they're being used in a way that's not entirely appropriate.
upvoted 0 times
Shala
7 months ago
A) a sanctioned Salesforce account used by a contractor to upload non-sensitive data
upvoted 0 times
...
Grover
7 months ago
B) a sanctioned Wetransfer being used by a corporate user to share sensitive data
upvoted 0 times
...
Hayley
7 months ago
D) an unsanctioned Google Drive account used by a corporate user to upload non-sensitive data
upvoted 0 times
...
Alaine
7 months ago
C) an unsanctioned Microsoft 365 OneDrive account being used by a corporate user to upload sensitive data
upvoted 0 times
...
...
Claudia
7 months ago
Exactly, so in this case, I would say that C and D are the two examples of Shadow IT. The use of an unsanctioned Microsoft 365 OneDrive account and an unsanctioned Google Drive account by corporate users to upload data, even if it's non-sensitive, would be considered Shadow IT.
upvoted 0 times
...
Truman
7 months ago
Hmm, from my understanding, Shadow IT refers to the use of unsanctioned IT systems and software by employees, usually without the knowledge or approval of the IT department.
upvoted 0 times
...
Elza
7 months ago
Alright, let's take a look at this question. I think the key here is to identify the cases that are considered 'Shadow IT' within the organization.
upvoted 0 times
...

Save Cancel