ZSCALER EDU 200 - ESSENTIALS - ZDTA
STUDY SET BRAND NEW ACTUAL EXAM
WITH ANSWERS.
What does Advanced Threat Protection do? - correct answer -It is
part of Zscaler's Secure Web Gateway portfolio within ZIA.
It protects users going out to the internet against common attacks
such as phishing.
What services are part of Advanced Threat Protection? - correct
answer -URL Security Categories, Content Types, Reputation,
Signatures & IPS, and ML and Adv. Analysis
What are exploit kits? - correct answer -Malicious code that
exploits vulnerabilities in browsers.
What is pre-existing compromise? - correct answer -Compromise
or unauthorized access is initially executed by a different operator
and then it is sold to the highest bidder.
What services are available to protect data in motion? - correct
answer -Cloud, Endpoint, Email, and Private Apps DLP
What is a DLP dictionary? - correct answer -Algorithms that detect
specific kinds of information in traffic. Can trigger on EDM.
What is Azure Information Protection (AIP) / Microsoft Information
Protection (MIP) Labels? - correct answer -Provides sensitivity
labels, which you can use to identify and protect files with
sensitive content. MIP labels are maintained by Microsoft and,
through the addition of an MIP Account in the ZIA Admin Portal,
these labels can be retrieved from Microsoft so that they can be
used when defining a DLP policy in the ZIA admin portal.
What are the three levels of inspection for DLP? - correct answer
-1. Magic bytes
2. MIME type
3. File extension
How does DLP policy work? - correct answer -DLP policy is
created by building a DLP engine using predefined dictionaries
and/or custom dictionaries. The DLP engine is then applied to a
policy.
What use cases are available for protecting data at rest
(out-of-band)? - correct answer -Data Discovery, Prevent Data
exposure (Public share, external share), Secure Apps from Threats,
Secure Corporate Exchange and Gmail, and SaaS Security Posture
Management (SSPM).
What admin notification methods are available for DLP and CASB
incidents? - correct answer -Email notification as well as
Secure ICAP protocol for incident management and log stream into
the SIEM.
What does Z-Tunnel 2.0 fall back to? - correct answer -Z-Tunnel
1.0
What is included in the Zscaler for Users Edition? - correct
answer -ZIA, ZPA, ZDX
How is browser access configured in ZPA? - correct answer -1.
Acquire web server certificate (upload existing certificate or create
certificate signing request for web server certificate)
2. Define browser access app by creating or editing an application
segment
What is a patient 0 alert? - correct answer -Occurs when a user
downloads an unknown file that is scanned and found to be
malicious. The alert is generated if the first-time action of a
Sandbox rule allows users to download files that match the rule
criteria and sends the files to the Sandbox for behavioral analysis.
To ensure Zero Trust, users should not be connected to
_____________, but to the application.
Options:
- each other
- an AWS server
- a DMZ
- the network - correct answer -The network
Zero Trust is about which of the following?