ZSCALER EDU 200 ESSENTIALS CORE EXAMS SET
QUESTIONS AND ANSWERS 2025/2026 GRADED A+
✔✔What are features of the Security Services Data Protection Suite? - ✔✔Cloud and
Endpoint DLP, Browser Isolation, Inline and Out of Band CASB, SSPM,
CSPM/CIEM/IaC
✔✔What are features of Digital Experience? - ✔✔Endpoint Monitoring, Network
Monitoring, Application Monitoring, UCaaS Monitoring
✔✔By how much has hybrid work increased ticket resolution time? - ✔✔30%
✔✔How often does ZDX probe an application? - ✔✔Every 5 minutes
✔✔What does the ZDX Deep Trace feature do? - ✔✔Collects more information about
the user's device, targeting a specific application.
✔✔What does the Zscaler Cloud Firewall do? - ✔✔Provides complete control over all
ports and protocols as well as applications and/or services for all Zscaler users
✔✔How do cyber attacks generally occur? - ✔✔Cyber attacks follow the same general
pattern. First comes finding the attack surface, then initial compromise, then lateral
movement, and finally data loss through exfiltration, encryption or extortion.
✔✔What is a watering hole attack? - ✔✔When a commonly known website has
malicious content like malicious JavaScript running on it.
✔✔What features of the Zero Trust Exchange reduce attack surface? - ✔✔Privileged
Remote Access
Private Access to applications
✔✔What features of the Zero Trust Exchange stop initial compromise? - ✔✔Secure
Web Gateway
Advanced Threat Prevention
Cloud Sandbox
Cloud Firewall/IPS
Browser Isolation
✔✔What features of the Zero Trust Exchange stop lateral movement? - ✔✔Deception
Policy Segmentation with ZPA
✔✔What features of the Zero Trust Exchange will prevent data loss? - ✔✔Cloud
Sandbox
Secure Web Gateway
, Browser Isolation
DLP (At rest and in motion)
✔✔What does Advanced Threat Protection do? - ✔✔It is part of Zscaler's Secure Web
Gateway portfolio within ZIA.
It protects users going out to the internet against common attacks such as phishing.
✔✔What services are part of Advanced Threat Protection? - ✔✔URL Security
Categories, Content Types, Reputation, Signatures & IPS, and ML and Adv. Analysis
✔✔What are exploit kits? - ✔✔Malicious code that exploits vulnerabilities in browsers.
✔✔What is pre-existing compromise? - ✔✔Compromise or unauthorized access is
initially executed by a different operator and then it is sold to the highest bidder.
✔✔What services are available to protect data in motion? - ✔✔Cloud, Endpoint, Email,
and Private Apps DLP
✔✔What is a DLP dictionary? - ✔✔Algorithms that detect specific kinds of information in
traffic. Can trigger on EDM.
✔✔What is Azure Information Protection (AIP) / Microsoft Information Protection (MIP)
Labels? - ✔✔Provides sensitivity labels, which you can use to identify and protect files
with sensitive content. MIP labels are maintained by Microsoft and, through the addition
of an MIP Account in the ZIA Admin Portal, these labels can be retrieved from Microsoft
so that they can be used when defining a DLP policy in the ZIA admin portal.
✔✔What are the three levels of inspection for DLP? - ✔✔1. Magic Bytes
2. mime type
3. File extension
✔✔How does DLP policy work? - ✔✔DLP policy is created by building a DLP engine
using predefined dictionaries and/or custom dictionaries. The DLP engine is then
applied to a policy.
✔✔What use cases are available for protecting data at rest (out-of-band)? - ✔✔Data
Discovery, Prevent Data exposure (Public share, external share), Secure Apps from
Threats, Secure Corporate
Exchange and Gmail, and SaaS Security Posture
Management (SSPM).
✔✔What admin notification methods are available for DLP and CASB incidents? -
✔✔Email notification as well as SecureICA protocol for incident management and log
stream into the SIEM.
QUESTIONS AND ANSWERS 2025/2026 GRADED A+
✔✔What are features of the Security Services Data Protection Suite? - ✔✔Cloud and
Endpoint DLP, Browser Isolation, Inline and Out of Band CASB, SSPM,
CSPM/CIEM/IaC
✔✔What are features of Digital Experience? - ✔✔Endpoint Monitoring, Network
Monitoring, Application Monitoring, UCaaS Monitoring
✔✔By how much has hybrid work increased ticket resolution time? - ✔✔30%
✔✔How often does ZDX probe an application? - ✔✔Every 5 minutes
✔✔What does the ZDX Deep Trace feature do? - ✔✔Collects more information about
the user's device, targeting a specific application.
✔✔What does the Zscaler Cloud Firewall do? - ✔✔Provides complete control over all
ports and protocols as well as applications and/or services for all Zscaler users
✔✔How do cyber attacks generally occur? - ✔✔Cyber attacks follow the same general
pattern. First comes finding the attack surface, then initial compromise, then lateral
movement, and finally data loss through exfiltration, encryption or extortion.
✔✔What is a watering hole attack? - ✔✔When a commonly known website has
malicious content like malicious JavaScript running on it.
✔✔What features of the Zero Trust Exchange reduce attack surface? - ✔✔Privileged
Remote Access
Private Access to applications
✔✔What features of the Zero Trust Exchange stop initial compromise? - ✔✔Secure
Web Gateway
Advanced Threat Prevention
Cloud Sandbox
Cloud Firewall/IPS
Browser Isolation
✔✔What features of the Zero Trust Exchange stop lateral movement? - ✔✔Deception
Policy Segmentation with ZPA
✔✔What features of the Zero Trust Exchange will prevent data loss? - ✔✔Cloud
Sandbox
Secure Web Gateway
, Browser Isolation
DLP (At rest and in motion)
✔✔What does Advanced Threat Protection do? - ✔✔It is part of Zscaler's Secure Web
Gateway portfolio within ZIA.
It protects users going out to the internet against common attacks such as phishing.
✔✔What services are part of Advanced Threat Protection? - ✔✔URL Security
Categories, Content Types, Reputation, Signatures & IPS, and ML and Adv. Analysis
✔✔What are exploit kits? - ✔✔Malicious code that exploits vulnerabilities in browsers.
✔✔What is pre-existing compromise? - ✔✔Compromise or unauthorized access is
initially executed by a different operator and then it is sold to the highest bidder.
✔✔What services are available to protect data in motion? - ✔✔Cloud, Endpoint, Email,
and Private Apps DLP
✔✔What is a DLP dictionary? - ✔✔Algorithms that detect specific kinds of information in
traffic. Can trigger on EDM.
✔✔What is Azure Information Protection (AIP) / Microsoft Information Protection (MIP)
Labels? - ✔✔Provides sensitivity labels, which you can use to identify and protect files
with sensitive content. MIP labels are maintained by Microsoft and, through the addition
of an MIP Account in the ZIA Admin Portal, these labels can be retrieved from Microsoft
so that they can be used when defining a DLP policy in the ZIA admin portal.
✔✔What are the three levels of inspection for DLP? - ✔✔1. Magic Bytes
2. mime type
3. File extension
✔✔How does DLP policy work? - ✔✔DLP policy is created by building a DLP engine
using predefined dictionaries and/or custom dictionaries. The DLP engine is then
applied to a policy.
✔✔What use cases are available for protecting data at rest (out-of-band)? - ✔✔Data
Discovery, Prevent Data exposure (Public share, external share), Secure Apps from
Threats, Secure Corporate
Exchange and Gmail, and SaaS Security Posture
Management (SSPM).
✔✔What admin notification methods are available for DLP and CASB incidents? -
✔✔Email notification as well as SecureICA protocol for incident management and log
stream into the SIEM.
