Zscaler Digital Transformation Administrator (ZDTA) Certification ACTUAL
UPDATED QUESTIONS AND CORRECT ANSWERS
Primary use of policies based on file types in Zscaler DLP To protect data by allowing or blocking specific file types and activities.
Three levels of inspection used by Zscaler DLP for file Magic Bytes, Mime Type, and File Extension.
type enforcement
Reason for multiple levels of inspection for file types in To prevent users from bypassing policies by changing file extensions.
Zscaler
Predefined dictionaries in Zscaler DLP Classifiers used to identify sensitive data like PCI, PII, and PHI data.
Example of a predefined dictionary used in Zscaler DLP A credit card number dictionary.
Custom dictionary in Zscaler DLP A dictionary created by customers using specific phrases, keywords, patterns, and
regular expressions.
Use of custom dictionaries in Zscaler DLP To protect documents with specific headers and footers like 'company-
confidential' or 'internal-use only'.
Exact Data Match (EDM) in Zscaler DLP A feature that matches specific data elements from a customer's structured data
to trigger DLP policies.
How sensitive data is fed to Zscaler's EDM engine By using an on-premises VM that indexes the data and sends hashes to the Zscaler
cloud.
, What happens to data fed into Zscaler's EDM engine It is converted into hashes and tokens which are stored in the cloud.
Actions triggered by an EDM in Zscaler DLP Actions based on exact matches of sensitive data elements, such as blocking or
alerting on data exfiltration.
Main purpose of Out-of-Band Data Protection in Zscaler To secure data at rest in SaaS-based services and public cloud infrastructure.
Key use case for out-of-band data protection in Zscaler Data discovery and data at rest introspection.
Focus of SaaS Security Posture Management (SSPM) Cloud misconfiguration, compliance, and third-party app connections.
How SSPM helps with compliance By mapping misconfigurations to different compliance frameworks like PCI, GDPR,
etc.
Example of a misconfiguration identified by SSPM Failing to enable multi-factor authentication for Office 365 apps.
How SSPM handles third-party app connections By discovering and managing third-party apps connected to cloud applications
via API tokens.
Three notification methods in Zscaler for incident Browser-based notifications, Slack/Teams connectors, and Zscaler Client
management Connector pop-ups.
Admin capabilities with email notifications in Zscaler Receive alerts about DLP and CASB incidents.
incident management
Protocol used for incident management in Zscaler SecureICA protocol.
Integration of Zscaler logs with SIEM tools By streaming real-time logs to feed into the SIEM.
Purpose of the Zscaler Client Connector pop-up To communicate with users about blocked transactions and ask for justifications.
Support options available for troubleshooting in Zscaler Self Help support, reporting capabilities, and support ticket raising.
Role of the on-premises VM in Zscaler EDM It serves as the index tool for structured data.
Key feature of Zscaler's predefined dictionaries for Identifying ICD-10 and CPT codes.
medical data
Technology used in some dictionaries to identify complex AI and ML.
patterns
How admins can delegate incident management tasks Through browser-based notifications, Slack/Teams connectors, or Zscaler Client
back to users Connector pop-ups.
Benefit of using Zscaler's predefined dictionaries They are based on standard regex and PCRE engines.
How Zscaler ensures no sensitive data is stored during By storing only hashes and tokens, not the exact data.
EDM
UPDATED QUESTIONS AND CORRECT ANSWERS
Primary use of policies based on file types in Zscaler DLP To protect data by allowing or blocking specific file types and activities.
Three levels of inspection used by Zscaler DLP for file Magic Bytes, Mime Type, and File Extension.
type enforcement
Reason for multiple levels of inspection for file types in To prevent users from bypassing policies by changing file extensions.
Zscaler
Predefined dictionaries in Zscaler DLP Classifiers used to identify sensitive data like PCI, PII, and PHI data.
Example of a predefined dictionary used in Zscaler DLP A credit card number dictionary.
Custom dictionary in Zscaler DLP A dictionary created by customers using specific phrases, keywords, patterns, and
regular expressions.
Use of custom dictionaries in Zscaler DLP To protect documents with specific headers and footers like 'company-
confidential' or 'internal-use only'.
Exact Data Match (EDM) in Zscaler DLP A feature that matches specific data elements from a customer's structured data
to trigger DLP policies.
How sensitive data is fed to Zscaler's EDM engine By using an on-premises VM that indexes the data and sends hashes to the Zscaler
cloud.
, What happens to data fed into Zscaler's EDM engine It is converted into hashes and tokens which are stored in the cloud.
Actions triggered by an EDM in Zscaler DLP Actions based on exact matches of sensitive data elements, such as blocking or
alerting on data exfiltration.
Main purpose of Out-of-Band Data Protection in Zscaler To secure data at rest in SaaS-based services and public cloud infrastructure.
Key use case for out-of-band data protection in Zscaler Data discovery and data at rest introspection.
Focus of SaaS Security Posture Management (SSPM) Cloud misconfiguration, compliance, and third-party app connections.
How SSPM helps with compliance By mapping misconfigurations to different compliance frameworks like PCI, GDPR,
etc.
Example of a misconfiguration identified by SSPM Failing to enable multi-factor authentication for Office 365 apps.
How SSPM handles third-party app connections By discovering and managing third-party apps connected to cloud applications
via API tokens.
Three notification methods in Zscaler for incident Browser-based notifications, Slack/Teams connectors, and Zscaler Client
management Connector pop-ups.
Admin capabilities with email notifications in Zscaler Receive alerts about DLP and CASB incidents.
incident management
Protocol used for incident management in Zscaler SecureICA protocol.
Integration of Zscaler logs with SIEM tools By streaming real-time logs to feed into the SIEM.
Purpose of the Zscaler Client Connector pop-up To communicate with users about blocked transactions and ask for justifications.
Support options available for troubleshooting in Zscaler Self Help support, reporting capabilities, and support ticket raising.
Role of the on-premises VM in Zscaler EDM It serves as the index tool for structured data.
Key feature of Zscaler's predefined dictionaries for Identifying ICD-10 and CPT codes.
medical data
Technology used in some dictionaries to identify complex AI and ML.
patterns
How admins can delegate incident management tasks Through browser-based notifications, Slack/Teams connectors, or Zscaler Client
back to users Connector pop-ups.
Benefit of using Zscaler's predefined dictionaries They are based on standard regex and PCRE engines.
How Zscaler ensures no sensitive data is stored during By storing only hashes and tokens, not the exact data.
EDM