ZSCALER EDU 200 - ESSENTIALS -
ZDTA STUDY SET EXAM 100% SOLVED.
What is used to detect if a SAML assertion was modified after being issued?
Options:
- XML
- Digital Signatures
- Attributes
- Tokens - ANSWERSDigital Signatures
How is a SAML assertion delivered to Zscaler?
Options:
- The IdP sends it via an HTTP post directly to the SP via a backend API
- The SP sends it via an HTTP post directly to the IdP via a backend API
- The IdP sends it via the user's browser to the SP
- The SP sends it via a trusted authority to the IdP - ANSWERSThe IdP sends it via the
user's browser to the SP
(Uses a form POST submitted via JavaScript)
In what way does Zscaler's Identity Proxy enable authentication to SaaS applications?
Options:
- Injecting identity headers into the HTTP request
- SSL Inspection
- Browser Isolation
- Issuing SAML assertions - ANSWERSIssuing SAML assertions
How does Zscaler Internet Access authenticate users? (Select 3)
Options:
- SAML
- SCIM
- LDAP
- Hosted Database - ANSWERSSAML, LDAP, Hosted Database
How does Zscaler Private Access authenticate end users?
Options:
- Username and Password in a form-based auth
- Hosted DB
- SAML
,- SCIM - ANSWERSSAML
What is the fastest way to change a user's access entitlements? - ANSWERSSend
different attributes via SCIM
In order for Zscaler to enforce policy based on accessing devices, what method is best
used by IdPs to share information about a user's accessing device?
Options
- Kerberos
- SAML
- Header Injection
- Mobile Device Management - ANSWERSSAML
Privileged Remote Access supports which protocols? (Select 2)
Options:
- SSH
- RDP
- CIFS
- HTTP/HTTPS - ANSWERSSSH, RDP
Which services can coexist on an Application Segment?
Options:
- Isolation, Browser Access, and Inspection
- RDP, SSH, and Inspection
- Inspection, Isolation, and RDP
- CIFS, RDP, and SSJ - ANSWERSIsolation, Browser Access, and Inspection
How often does the Zscaler Client Connector check for software updates?
Options:
- Every 2 hours
- Every 6 hours
- Every 12 hours
- Every 24 hours - ANSWERSEvery 2 hours
Which check guarantees identification of a corporate-managed device by the Zscaler
Client Connector? - ANSWERSClient Certificate & Non-Exportable private key
You want Zscaler Client Connector to automatically redirect to your corporate SAML
IDP on launch. Which installer options should you configure to do so? (Select 2) -
ANSWERS--cloudName
--userDomain
, Where is the control to prevent a user from exiting Zscaler Client Connector?
Options:
- It's a ZCC Installer option
- In the Forwarding Profile
- In the Application Profile
- Under Administration, Advanced Settings - ANSWERSIn the Application Profile
When moving from an Explicit Proxy to a Tunneled/Transparent Proxy - what, if any,
effects will be seen on the client? (Select 3)
Options:
- No Effect
- The client will always resolve DNS
- The client browser needs re-configuration
- Authenticated websites may no longer work
- An Explicit Proxy and a Transparent Proxy are the same thing - ANSWERSThe client
will always resolve DNS
The client browser needs re-configuration
Authenticated websites may no longer work
What benefits does a Zscaler Tunnel have over other forwarding mechanisms for
Zscaler Client Connector?
Options:
- Tunnels are the only mechanism to install ZCC
- Tunnels enable only HTTP and HTTPS traffic to be forwarded by ZCC
- Tunnels enable Zscaler to control the end user device
- Tunnels encapsulate traffic and authenticate to the Zero Trust Exchange -
ANSWERSTunnels encapsulate traffic and authenticate to the Zero Trust Exchange
Browser Based Access enables what kinds of applications to be published?
Options:
- HTTP and HTTPS
- RDP and SSH
- Telnet and RDP
- HTTP, HTTPS, and SSH - ANSWERSHTTP and HTTPS
Why is Z-Tunnel 2.0 superior to Z-Tunnel 1.0? (Select 3)
Options:
- Provides a control channel to update device
- Faster transport mechanism
- Allows multicast traffic
- Enables Cloud Firewall
ZDTA STUDY SET EXAM 100% SOLVED.
What is used to detect if a SAML assertion was modified after being issued?
Options:
- XML
- Digital Signatures
- Attributes
- Tokens - ANSWERSDigital Signatures
How is a SAML assertion delivered to Zscaler?
Options:
- The IdP sends it via an HTTP post directly to the SP via a backend API
- The SP sends it via an HTTP post directly to the IdP via a backend API
- The IdP sends it via the user's browser to the SP
- The SP sends it via a trusted authority to the IdP - ANSWERSThe IdP sends it via the
user's browser to the SP
(Uses a form POST submitted via JavaScript)
In what way does Zscaler's Identity Proxy enable authentication to SaaS applications?
Options:
- Injecting identity headers into the HTTP request
- SSL Inspection
- Browser Isolation
- Issuing SAML assertions - ANSWERSIssuing SAML assertions
How does Zscaler Internet Access authenticate users? (Select 3)
Options:
- SAML
- SCIM
- LDAP
- Hosted Database - ANSWERSSAML, LDAP, Hosted Database
How does Zscaler Private Access authenticate end users?
Options:
- Username and Password in a form-based auth
- Hosted DB
- SAML
,- SCIM - ANSWERSSAML
What is the fastest way to change a user's access entitlements? - ANSWERSSend
different attributes via SCIM
In order for Zscaler to enforce policy based on accessing devices, what method is best
used by IdPs to share information about a user's accessing device?
Options
- Kerberos
- SAML
- Header Injection
- Mobile Device Management - ANSWERSSAML
Privileged Remote Access supports which protocols? (Select 2)
Options:
- SSH
- RDP
- CIFS
- HTTP/HTTPS - ANSWERSSSH, RDP
Which services can coexist on an Application Segment?
Options:
- Isolation, Browser Access, and Inspection
- RDP, SSH, and Inspection
- Inspection, Isolation, and RDP
- CIFS, RDP, and SSJ - ANSWERSIsolation, Browser Access, and Inspection
How often does the Zscaler Client Connector check for software updates?
Options:
- Every 2 hours
- Every 6 hours
- Every 12 hours
- Every 24 hours - ANSWERSEvery 2 hours
Which check guarantees identification of a corporate-managed device by the Zscaler
Client Connector? - ANSWERSClient Certificate & Non-Exportable private key
You want Zscaler Client Connector to automatically redirect to your corporate SAML
IDP on launch. Which installer options should you configure to do so? (Select 2) -
ANSWERS--cloudName
--userDomain
, Where is the control to prevent a user from exiting Zscaler Client Connector?
Options:
- It's a ZCC Installer option
- In the Forwarding Profile
- In the Application Profile
- Under Administration, Advanced Settings - ANSWERSIn the Application Profile
When moving from an Explicit Proxy to a Tunneled/Transparent Proxy - what, if any,
effects will be seen on the client? (Select 3)
Options:
- No Effect
- The client will always resolve DNS
- The client browser needs re-configuration
- Authenticated websites may no longer work
- An Explicit Proxy and a Transparent Proxy are the same thing - ANSWERSThe client
will always resolve DNS
The client browser needs re-configuration
Authenticated websites may no longer work
What benefits does a Zscaler Tunnel have over other forwarding mechanisms for
Zscaler Client Connector?
Options:
- Tunnels are the only mechanism to install ZCC
- Tunnels enable only HTTP and HTTPS traffic to be forwarded by ZCC
- Tunnels enable Zscaler to control the end user device
- Tunnels encapsulate traffic and authenticate to the Zero Trust Exchange -
ANSWERSTunnels encapsulate traffic and authenticate to the Zero Trust Exchange
Browser Based Access enables what kinds of applications to be published?
Options:
- HTTP and HTTPS
- RDP and SSH
- Telnet and RDP
- HTTP, HTTPS, and SSH - ANSWERSHTTP and HTTPS
Why is Z-Tunnel 2.0 superior to Z-Tunnel 1.0? (Select 3)
Options:
- Provides a control channel to update device
- Faster transport mechanism
- Allows multicast traffic
- Enables Cloud Firewall
