Netskope Certified Cloud Security Expert (NCCSE) — Question 33
You are asked to create a Real-time Protection policy to inspect outbound e-mail for DLP violations. You must prevent sensitive e-mail from leaving the corporate mail relay.
In this scenario, which Real-time Protection policy action must be specified?
Answer options
- A. Alert
- B. Block
- C. Forward to Proxy
- D. Add SMTP Header
Correct answer: B
Explanation
The correct action is 'Block' because it directly prevents sensitive emails from being transmitted outside the corporate mail relay, which is the primary goal in this scenario. The options 'Alert,' 'Forward to Proxy,' and 'Add SMTP Header' do not stop the emails, and therefore do not fulfill the requirement to prevent sensitive information from leaving the network.