ZSCALER EDU 200 - ESSENTIALS -
ZDTA STUDY SET WITH CORRECT
SOLUTIONS
What is used to detect if a SAML assertion was modified after being issued?
Options:
- XML
- Digital Signatures
- Attributes
- Tokens - ANSWER-Digital Signatures
How is a SAML assertion delivered to Zscaler?
Options:
- The IdP sends it via an HTTP post directly to the SP via a backend API
- The SP sends it via an HTTP post directly to the IdP via a backend API
- The IdP sends it via the user's browser to the SP
- The SP sends it via a trusted authority to the IdP - ANSWER-The IdP sends it via the
user's browser to the SP
(Uses a form POST submitted via JavaScript)
In what way does Zscaler's Identity Proxy enable authentication to SaaS applications?
Options:
- Injecting identity headers into the HTTP request
- SSL Inspection
- Browser Isolation
- Issuing SAML assertions - ANSWER-Issuing SAML assertions
How does Zscaler Internet Access authenticate users? (Select 3)
Options:
- SAML
- SCIM
- LDAP
- Hosted Database - ANSWER-SAML, LDAP, Hosted Database
How does Zscaler Private Access authenticate end users?
Options:
- Username and Password in a form-based auth
,- Hosted DB
- SAML
- SCIM - ANSWER-SAML
What is the fastest way to change a user's access entitlements? - ANSWER-Send
different attributes via SCIM
In order for Zscaler to enforce policy based on accessing devices, what method is best
used by IdPs to share information about a user's accessing device?
Options
- Kerberos
- SAML
- Header Injection
- Mobile Device Management - ANSWER-SAML
Privileged Remote Access supports which protocols? (Select 2)
Options:
- SSH
- RDP
- CIFS
- HTTP/HTTPS - ANSWER-SSH, RDP
Which services can coexist on an Application Segment?
Options:
- Isolation, Browser Access, and Inspection
- RDP, SSH, and Inspection
- Inspection, Isolation, and RDP
- CIFS, RDP, and SSJ - ANSWER-Isolation, Browser Access, and Inspection
How often does the Zscaler Client Connector check for software updates?
Options:
- Every 2 hours
- Every 6 hours
- Every 12 hours
- Every 24 hours - ANSWER-Every 2 hours
Which check guarantees identification of a corporate-managed device by the Zscaler
Client Connector? - ANSWER-Client Certificate & Non-Exportable private key
You want Zscaler Client Connector to automatically redirect to your corporate SAML
IDP on launch. Which installer options should you configure to do so? (Select 2) -
ANSWER---cloudName
, --userDomain
Where is the control to prevent a user from exiting Zscaler Client Connector?
Options:
- It's a ZCC Installer option
- In the Forwarding Profile
- In the Application Profile
- Under Administration, Advanced Settings - ANSWER-In the Application Profile
What conditions exist for Trusted Network Detection?
Options:
- Hostname Resolution, Network Adaptor IP, Default Gateway
- Hostname Resolution, DNS Servers, Geo Location
- DNS Search Domain, DNS Server, Hostname Resolution
- DNS Servers, DNS Search Domain, Network Adaptor IP - ANSWER-DNS Search
Domain, DNS Server, Hostname Resolution
A server group maps _____ to ____?
Options:
- App Connectors Groups to Application Segments
- Applications to FQDNS
- FQDNs to IP Addresses
- Applications to Application Groups - ANSWER-App Connectors Groups to Application
Segments
Why is SSL/TLS inspection critical in a security architecture?
Options:
- It is not important
- QUIC is an encrypted protocol that rides on SSL; hence, it is important from an
HTTP/3 inspection perspective
- 85-90% of all internet traffic is SSL/TLS encrypted (including threats), as protocols
such as HTTP/2 are only delivered over TLS; SSL/TLS inspection allows you to inspect
the connection and look at the full payload, including HTTP headers, which is important
to be able to block malicious traffic and prevent sensitive data from leaking out of an
organization
- A MITM (man-in-the-middle) attack should always be performed, even for certificate-
pinned applications, as it allows for real-time visibility and storing transactions in plain
text for further inspection by a third auditing party - ANSWER-85-90% of all internet
traffic is SSL/TLS encrypted (including threats), as protocols such as HTTP/2 are only
delivered over TLS; SSL/TLS inspection allows you to inspect the connection and look
at the full payload, including HTTP headers, which is important to be able to block
malicious traffic and prevent sensitive data from leaking out of an organization
ZDTA STUDY SET WITH CORRECT
SOLUTIONS
What is used to detect if a SAML assertion was modified after being issued?
Options:
- XML
- Digital Signatures
- Attributes
- Tokens - ANSWER-Digital Signatures
How is a SAML assertion delivered to Zscaler?
Options:
- The IdP sends it via an HTTP post directly to the SP via a backend API
- The SP sends it via an HTTP post directly to the IdP via a backend API
- The IdP sends it via the user's browser to the SP
- The SP sends it via a trusted authority to the IdP - ANSWER-The IdP sends it via the
user's browser to the SP
(Uses a form POST submitted via JavaScript)
In what way does Zscaler's Identity Proxy enable authentication to SaaS applications?
Options:
- Injecting identity headers into the HTTP request
- SSL Inspection
- Browser Isolation
- Issuing SAML assertions - ANSWER-Issuing SAML assertions
How does Zscaler Internet Access authenticate users? (Select 3)
Options:
- SAML
- SCIM
- LDAP
- Hosted Database - ANSWER-SAML, LDAP, Hosted Database
How does Zscaler Private Access authenticate end users?
Options:
- Username and Password in a form-based auth
,- Hosted DB
- SAML
- SCIM - ANSWER-SAML
What is the fastest way to change a user's access entitlements? - ANSWER-Send
different attributes via SCIM
In order for Zscaler to enforce policy based on accessing devices, what method is best
used by IdPs to share information about a user's accessing device?
Options
- Kerberos
- SAML
- Header Injection
- Mobile Device Management - ANSWER-SAML
Privileged Remote Access supports which protocols? (Select 2)
Options:
- SSH
- RDP
- CIFS
- HTTP/HTTPS - ANSWER-SSH, RDP
Which services can coexist on an Application Segment?
Options:
- Isolation, Browser Access, and Inspection
- RDP, SSH, and Inspection
- Inspection, Isolation, and RDP
- CIFS, RDP, and SSJ - ANSWER-Isolation, Browser Access, and Inspection
How often does the Zscaler Client Connector check for software updates?
Options:
- Every 2 hours
- Every 6 hours
- Every 12 hours
- Every 24 hours - ANSWER-Every 2 hours
Which check guarantees identification of a corporate-managed device by the Zscaler
Client Connector? - ANSWER-Client Certificate & Non-Exportable private key
You want Zscaler Client Connector to automatically redirect to your corporate SAML
IDP on launch. Which installer options should you configure to do so? (Select 2) -
ANSWER---cloudName
, --userDomain
Where is the control to prevent a user from exiting Zscaler Client Connector?
Options:
- It's a ZCC Installer option
- In the Forwarding Profile
- In the Application Profile
- Under Administration, Advanced Settings - ANSWER-In the Application Profile
What conditions exist for Trusted Network Detection?
Options:
- Hostname Resolution, Network Adaptor IP, Default Gateway
- Hostname Resolution, DNS Servers, Geo Location
- DNS Search Domain, DNS Server, Hostname Resolution
- DNS Servers, DNS Search Domain, Network Adaptor IP - ANSWER-DNS Search
Domain, DNS Server, Hostname Resolution
A server group maps _____ to ____?
Options:
- App Connectors Groups to Application Segments
- Applications to FQDNS
- FQDNs to IP Addresses
- Applications to Application Groups - ANSWER-App Connectors Groups to Application
Segments
Why is SSL/TLS inspection critical in a security architecture?
Options:
- It is not important
- QUIC is an encrypted protocol that rides on SSL; hence, it is important from an
HTTP/3 inspection perspective
- 85-90% of all internet traffic is SSL/TLS encrypted (including threats), as protocols
such as HTTP/2 are only delivered over TLS; SSL/TLS inspection allows you to inspect
the connection and look at the full payload, including HTTP headers, which is important
to be able to block malicious traffic and prevent sensitive data from leaking out of an
organization
- A MITM (man-in-the-middle) attack should always be performed, even for certificate-
pinned applications, as it allows for real-time visibility and storing transactions in plain
text for further inspection by a third auditing party - ANSWER-85-90% of all internet
traffic is SSL/TLS encrypted (including threats), as protocols such as HTTP/2 are only
delivered over TLS; SSL/TLS inspection allows you to inspect the connection and look
at the full payload, including HTTP headers, which is important to be able to block
malicious traffic and prevent sensitive data from leaking out of an organization
