BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Netskope Exam NSK101 Topic 4 Question 3 Discussion

Actual exam question for Netskope's NSK101 exam
Question #: 3
Topic #: 4
[All NSK101 Questions]

You are working with traffic from applications with pinned certificates. In this scenario, which statement is correct?

Show Suggested Answer Hide Answer
Suggested Answer: A

When working with traffic from applications with pinned certificates, you should add an exception to the steering configuration to bypass them. Pinned certificates are a security technique that prevents man-in-the-middle attacks by validating the server certificates against a hardcoded list of certificates in the application. If you try to intercept or inspect the traffic from such applications, they will reject the connection or display an error message. Therefore, you should add the domains used by certificate-pinned applications as exceptions in your steering configuration, so that they are not steered to Netskope for analysis and enforcement.Reference:Certificate Pinned ApplicationsCreating a Steering Configuration


by Marvel at Mar 18, 2024, 02:32 PM

Limited Time Offer

25%

Off

Get Premium NSK101 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Noah
5 months ago
Candidate 2: That makes sense, it's important to ensure traffic from these applications is not blocked.
upvoted 0 times
...
Chanel
5 months ago
Candidate 3: We should allow domains used by applications with pinned certificates in an inline policy.
upvoted 0 times
...
Isadora
5 months ago
Candidate 3: I disagree, I think the answer is D.
upvoted 0 times
...
Martin
6 months ago
Candidate 1: Because we need to bypass authentication for domains used by certificate-pinned applications.
upvoted 0 times
...
Rose
6 months ago
Candidate 2: Why do you think that?
upvoted 0 times
...
Slyvia
6 months ago
Candidate 1: I think the correct answer is B.
upvoted 0 times
...
Hildred
7 months ago
You know, this reminds me of the time I had to deal with a legacy application that used a hardcoded SSL certificate. Talk about a nightmare! I ended up just throwing the whole thing in the trash and starting over. But I digress, I think the best solution here is to add an exception to the steering config.
upvoted 0 times
...
Jeniffer
7 months ago
Blocking the traffic with pinned certificates is just going to cause a lot of headaches for the end users. Why not just allow the domains in an inline policy? That way, we can still inspect the traffic and maintain control without disrupting the applications.
upvoted 0 times
...
Roxanne
7 months ago
I disagree. I think the best approach is to add the domains used by the certificate-pinned applications to the authentication bypass list. That way, we don't have to worry about the pinned certificates at all, and the traffic can flow freely.
upvoted 0 times
...
Santos
7 months ago
This is a tricky one. The correct answer really depends on how the organization wants to handle certificate-pinned traffic. Personally, I think adding an exception to the steering configuration makes the most sense, as it allows the traffic to flow while still maintaining security controls.
upvoted 0 times
Jerry
6 months ago
C) Traffic with pinned certificates should be blocked.
upvoted 0 times
...
Brittni
6 months ago
Allowing the domains in an inline policy could be another valid option.
upvoted 0 times
...
Vi
7 months ago
D) The domains used by applications with pinned certificates should be allowed in an inline policy.
upvoted 0 times
...
Marjory
7 months ago
Adding an exception to the steering configuration could also work, as long as it doesn't compromise security.
upvoted 0 times
...
Johnna
7 months ago
A) An exception should be added to the steering configuration.
upvoted 0 times
...
Madonna
7 months ago
I agree, adding them to the authentication bypass list seems like a practical approach.
upvoted 0 times
...
Karma
7 months ago
B) The domains used by certificate-pinned applications should be added to the authentication bypass list.
upvoted 0 times
...
...

Save Cancel