Summer Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

What is the preferred method for authentication to access OneAPI?

A.

OpenID Connect (OIDC)

B.

Transport Layer Security (TLS)

C.

Security Assertion Markup Language (SAML)

D.

System for Cross-domain Identity Management (SCIM)

A user has opened a support case to complain about poor user experience when trying to manage their AWS resources. How could a helpdesk administrator get a useful root cause analysis to help isolate the issue in the least amount of time?

A.

Check the Zscaler Trust page for any indications of cloud outages or incidents that would be causing a slowdown.

B.

Check the user's ZDX score for a period of low score for AWS and use Analyze Score to get the ZDX Y-Engine analysis.

C.

Do a Deep Trace on the user's traffic and check for excessive DNS resolution times and other slowdowns.

D.

Initiate a packet capture from Zscaler Client Connector and escalate the case to have the trace analyzed for root cause.

Layered defense throughout an organization security platform is valuable because of which of the following?

A.

Layered defense increases costs to attackers to operate.

B.

Layered defense from multiple vendor solutions easily share attacker data.

C.

Layered defense ensures attackers are prevented eventually.

D.

Layered defense with multiple endpoint agents protects from attackers.

Which Risk360 key focus area observes a broad range of event, security configurations, and traffic flow attributes?

A.

External Attack Surface

B.

Prevent Compromise

C.

Data Loss

D.

Lateral Propagation

Which of the following options will protect against Botnet activity using IPS and Yara type content analysis?

A.

Command and Control Traffic

B.

Ransomware

C.

Trojans

D.

Adware/Spyware Protection

Which of the following are types of device posture?

A.

Detect Crowdstrike, Crowdstrike ZTA score, First name

B.

Certificate Trust, File Path, Full Disk Encryption

C.

Domain Joined, Process Check, Deception Check

D.

Unauthorized Modification, OS Version, License Key

Which of the following statements most accurately describes Zero Trust Connections?

A.

They require that SSH inspection be enabled.

B.

They are dependent on a fixed / static network environment.

C.

They are independent of any network for control or trust.

D.

They require IPv6.

What is the recommended default rule for the cloud-gen firewall configuration when deploying a new ZIA tenant?

A.

Block all traffic

B.

Permit all traffic

C.

Disable the firewall

D.

Allow only web traffic (ports 80/443)

Does the Cloud Firewall detect evasion techniques that would allow applications to communicate over non-standard ports to bypass its controls?

A.

The Cloud Firewall includes Deep Packet Inspection, which detects protocol evasions and sends the traffic to the respective engines for inspection and handling.

B.

Zscaler Client Connector will prevent evasion on the endpoint in conjunction with the endpoint operating system’s firewall.

C.

As traffic usually is forwarded from an on-premise firewall, this firewall will handle any evasion and will make sure that the protocols are corrected.

D.

The Cloud Firewall includes an IPS engine, which will detect the evasion techniques and will just block the transactions as it is invalid.

How do Access Policies relate to the Application Segments and Application Segment Groups?

A.

When a condition is met, an Access Policy can either allow or block access to Application Segments OR Application Segment Groups.

B.

When a condition is met, an Access Policy can allow access to Application Segments Groups and block access to Application Segment.

C.

When a condition is met. an Access Policy can either allow or block access to Application Segments and Application Segment Groups.

D.

When a condition is met, an Access Policy can allow access to Application Segments and block access to Application Segment Groups.