Netskope Certified Cloud Security Expert (NCCSE) — Question 28

You are troubleshooting an issue with users who are unable to reach a financial SaaS application when their traffic passes through Netskope. You determine that this is because of IP restrictions in place with the SaaS vendor. You are unable to add Netskope's IP ranges at this time, but need to allow the traffic.
How would you allow this traffic?

Answer options

• A. Use NPA to implement Source IP anchoring so the traffic will egress from the corporate data center.
• B. Use Explicit Proxy Over Tunnel (EPoT) so the traffic will egress from the corporate data center.
• C. Use Cloud Explicit Proxy so the traffic will egress from the corporate data center.
• D. Use an IPsec tunnel to forward traffic so it will egress from the corporate data center.

Correct answer: A

Explanation

The correct answer is A because using NPA to implement Source IP anchoring allows the traffic to egress from the corporate data center, thus bypassing the IP restrictions of the SaaS vendor. The other options either do not address the egress requirement properly or do not utilize the right method for this scenario.