Zabbix Certified Specialist Exam (Version 3) Question
Bank (Latest 2026/2027 Edition) – Questions, Answers &
Detailed Rationales
──────────────────────────────
SECTION 1: ZABBIX ARCHITECTURE, INSTALLATION, AND DEPLOYMENT
──────────────────────────────
Question 1
A systems engineer is planning a new Zabbix 7.0 deployment for a financial services
organization that requires monitoring of 15,000 devices with sub-second data collection
intervals. The engineer must select the optimal database backend. Which database
engine provides the best performance for high-volume time-series data in Zabbix 7.0?
A. MySQL 8.0 with default InnoDB configuration
B. PostgreSQL 16 with TimescaleDB extension
C. SQLite 3 for embedded deployment
D. Oracle Database 19c with standard partitioning
Correct Answer:
B — PostgreSQL 16 with TimescaleDB extension
Rationale:
PostgreSQL with TimescaleDB is the recommended backend for large-scale Zabbix
deployments due to native time-series optimizations, hypertable partitioning, and
superior compression ratios for high-frequency data. MySQL lacks native time-series
extensions; SQLite is unsuitable for production scale; Oracle is supported but not
optimized for Zabbix time-series workloads.
Question 2
,An infrastructure team is deploying Zabbix in a high-availability configuration across two
data centers. The team must ensure that the Zabbix server components can failover
without manual intervention. Which component requires active-passive clustering or
Pacemaker/Corosync configuration to achieve true HA at the server layer?
A. Zabbix frontend PHP processes
B. Zabbix server daemon
C. Zabbix agent2 on monitored hosts
D. Zabbix proxy for remote polling
Correct Answer:
B — Zabbix server daemon
Rationale:
The Zabbix server daemon is the single point of failure that requires active-passive
clustering (Pacemaker/Corosync) or keepalived for automatic failover, as only one
server instance can write to the database at a time. Frontend processes are stateless
and load-balanced; agents are distributed by design; proxies are standalone and do not
require server-layer HA.
Question 3
A DevOps engineer is installing Zabbix 7.0 from packages on Ubuntu 24.04 LTS. After
configuring the Zabbix repository, which command sequence correctly installs the
Zabbix server, frontend, and agent with PostgreSQL backend support?
A. apt install zabbix-server-mysql zabbix-frontend-php
zabbix-agent
B. apt install zabbix-server-pgsql zabbix-frontend-php
zabbix-agent2
C. apt install zabbix-server-pgsql zabbix-frontend-php
zabbix-sql-scripts zabbix-agent2
,D. apt install zabbix-server-odbc zabbix-frontend-nginx
zabbix-agent
Correct Answer:
C — apt install zabbix-server-pgsql zabbix-frontend-php
zabbix-sql-scripts zabbix-agent2
Rationale:
The correct PostgreSQL package is zabbix-server-pgsql, zabbix-sql-scripts
provides initial schema creation scripts, and zabbix-agent2 is the modern
recommended agent. Option A installs MySQL support; option B omits required SQL
scripts; option D uses ODBC and nginx variants that are not standard for initial
installation.
Question 4
A cloud architect is designing a Zabbix deployment on Kubernetes using the official
Zabbix Helm charts. The architect needs to ensure persistent storage for historical data.
Which Kubernetes resource must be properly configured to maintain database integrity
across pod restarts?
A. ConfigMap for Zabbix server configuration
B. PersistentVolumeClaim for PostgreSQL or MySQL data directory
C. Secret for TLS certificate storage
D. ServiceAccount for API access permissions
Correct Answer:
B — PersistentVolumeClaim for PostgreSQL or MySQL data directory
Rationale:
A PersistentVolumeClaim ensures that the database storage persists across pod
rescheduling and restarts, preventing historical data loss. ConfigMaps store
, configuration, not data; Secrets manage credentials; ServiceAccounts control RBAC
permissions but do not provide data persistence.
Question 5
A security administrator is hardening a Zabbix 7.0 installation. The administrator needs
to encrypt all communication between Zabbix server and agents using TLS with
certificate-based authentication. Which parameter in the agent configuration file
enables certificate-based encryption?
A. TLSConnect=psk
B. TLSConnect=cert
C. TLSAccept=unencrypted
D. TLSPSKIdentity=agent001
Correct Answer:
B — TLSConnect=cert
Rationale:
TLSConnect=cert enables certificate-based encryption for outgoing connections
from the agent to server. TLSConnect=psk enables pre-shared key encryption;
TLSAccept=unencrypted disables encryption; TLSPSKIdentity is used only with
PSK mode, not certificate mode.
Question 6
A database administrator is tuning a Zabbix 7.0 PostgreSQL backend that is
experiencing slow trigger processing during peak hours. Which PostgreSQL
configuration parameter most directly impacts Zabbix's ability to write incoming metrics
efficiently?
A. max_connections = 50
Bank (Latest 2026/2027 Edition) – Questions, Answers &
Detailed Rationales
──────────────────────────────
SECTION 1: ZABBIX ARCHITECTURE, INSTALLATION, AND DEPLOYMENT
──────────────────────────────
Question 1
A systems engineer is planning a new Zabbix 7.0 deployment for a financial services
organization that requires monitoring of 15,000 devices with sub-second data collection
intervals. The engineer must select the optimal database backend. Which database
engine provides the best performance for high-volume time-series data in Zabbix 7.0?
A. MySQL 8.0 with default InnoDB configuration
B. PostgreSQL 16 with TimescaleDB extension
C. SQLite 3 for embedded deployment
D. Oracle Database 19c with standard partitioning
Correct Answer:
B — PostgreSQL 16 with TimescaleDB extension
Rationale:
PostgreSQL with TimescaleDB is the recommended backend for large-scale Zabbix
deployments due to native time-series optimizations, hypertable partitioning, and
superior compression ratios for high-frequency data. MySQL lacks native time-series
extensions; SQLite is unsuitable for production scale; Oracle is supported but not
optimized for Zabbix time-series workloads.
Question 2
,An infrastructure team is deploying Zabbix in a high-availability configuration across two
data centers. The team must ensure that the Zabbix server components can failover
without manual intervention. Which component requires active-passive clustering or
Pacemaker/Corosync configuration to achieve true HA at the server layer?
A. Zabbix frontend PHP processes
B. Zabbix server daemon
C. Zabbix agent2 on monitored hosts
D. Zabbix proxy for remote polling
Correct Answer:
B — Zabbix server daemon
Rationale:
The Zabbix server daemon is the single point of failure that requires active-passive
clustering (Pacemaker/Corosync) or keepalived for automatic failover, as only one
server instance can write to the database at a time. Frontend processes are stateless
and load-balanced; agents are distributed by design; proxies are standalone and do not
require server-layer HA.
Question 3
A DevOps engineer is installing Zabbix 7.0 from packages on Ubuntu 24.04 LTS. After
configuring the Zabbix repository, which command sequence correctly installs the
Zabbix server, frontend, and agent with PostgreSQL backend support?
A. apt install zabbix-server-mysql zabbix-frontend-php
zabbix-agent
B. apt install zabbix-server-pgsql zabbix-frontend-php
zabbix-agent2
C. apt install zabbix-server-pgsql zabbix-frontend-php
zabbix-sql-scripts zabbix-agent2
,D. apt install zabbix-server-odbc zabbix-frontend-nginx
zabbix-agent
Correct Answer:
C — apt install zabbix-server-pgsql zabbix-frontend-php
zabbix-sql-scripts zabbix-agent2
Rationale:
The correct PostgreSQL package is zabbix-server-pgsql, zabbix-sql-scripts
provides initial schema creation scripts, and zabbix-agent2 is the modern
recommended agent. Option A installs MySQL support; option B omits required SQL
scripts; option D uses ODBC and nginx variants that are not standard for initial
installation.
Question 4
A cloud architect is designing a Zabbix deployment on Kubernetes using the official
Zabbix Helm charts. The architect needs to ensure persistent storage for historical data.
Which Kubernetes resource must be properly configured to maintain database integrity
across pod restarts?
A. ConfigMap for Zabbix server configuration
B. PersistentVolumeClaim for PostgreSQL or MySQL data directory
C. Secret for TLS certificate storage
D. ServiceAccount for API access permissions
Correct Answer:
B — PersistentVolumeClaim for PostgreSQL or MySQL data directory
Rationale:
A PersistentVolumeClaim ensures that the database storage persists across pod
rescheduling and restarts, preventing historical data loss. ConfigMaps store
, configuration, not data; Secrets manage credentials; ServiceAccounts control RBAC
permissions but do not provide data persistence.
Question 5
A security administrator is hardening a Zabbix 7.0 installation. The administrator needs
to encrypt all communication between Zabbix server and agents using TLS with
certificate-based authentication. Which parameter in the agent configuration file
enables certificate-based encryption?
A. TLSConnect=psk
B. TLSConnect=cert
C. TLSAccept=unencrypted
D. TLSPSKIdentity=agent001
Correct Answer:
B — TLSConnect=cert
Rationale:
TLSConnect=cert enables certificate-based encryption for outgoing connections
from the agent to server. TLSConnect=psk enables pre-shared key encryption;
TLSAccept=unencrypted disables encryption; TLSPSKIdentity is used only with
PSK mode, not certificate mode.
Question 6
A database administrator is tuning a Zabbix 7.0 PostgreSQL backend that is
experiencing slow trigger processing during peak hours. Which PostgreSQL
configuration parameter most directly impacts Zabbix's ability to write incoming metrics
efficiently?
A. max_connections = 50
