ACTUAL 2025/2026 EXAM WITH COMPLETE QUESTIONS AND
ANSWERS VERIFIED/GRADED A+
What is the function of the auto proxy forwarding firewall
configuration?
Options:
- Automatically forwarding traffic from all ports and protocols to
Zscaler's proxy.
- Automatically detecting web traffic (e.g., FTP, HTTPS) coming in
on non-standard ports and forwarding it to Zscaler's proxy
- Blocking traffic destined for a web proxy
- Turning the firewall into a makeshift proxy in case the Zscaler
cloud is down
- ---Answers----Automatically detecting web traffic (e.g., FTP,
HTTPS) coming in on non-standard ports and forwarding it to
Zscaler's proxy
What is the best practice for a cloud-gen firewall in terms of
having default rules?
Options:
- Block everything and start allowing what your users need to
access
- Allow all, even risky ports and protocols
- Allow all, with certain exceptions, for specific ports and
protocols (e.g., port 22, SSH)
- Block ICMP packets
- ---Answers----Block everything and start allowing what your
users need to access
Why is it important for a cloud-gen firewall to implement DPI
signatures?
Options:
- Evasive apps like BitTorrent can often disguise themselves as
coming from a standard port, and it is critical to identify and
block these applications
- Web traffic only traverses ports 80 and 443, so IPS engines are
geared towards these ports to help people identify malicious web
traffic
- In high-traffic volume situations, IPS signatures will help
reduce false positives
- IPS signatures are lightweight and can therefore be handled by
traditional firewalls
- ---Answers----Evasive apps like BitTorrent can often disguise
themselves as coming from a standard port, and it is critical to
identify and block these applications
How are Newly Observed Domains (NODs) different than Newly
Registered Domains (NRDs)? - ---Answers----NRDs were
registered recently, whereas NODs may have been registered
some time ago but have never been observed with actual clients
visiting them, which makes them suspicious
What is the Zscaler Page Risk score? - ---Answers----The Page
Risk score is a slider on the Advanced Threat Protection
configuration page, which allows a user to pre-select what level
of risk they are comfortable with on particular websites; the risk
itself is computed on a scale of 0-100 by looking at several
factors including the top-level domain, the user agent, whether
certain HTTP headers are missing, whether a high-entropy
domain name is being used, and several other factors
What is Ransomware? - ---Answers----Malware that steals
data and encrypts it
Once a phishing attack occurs and a user is directed to malicious
content, which of the following typically occurs? - ---Answers----
One or more files are downloaded, with the attacker also
attempting to download secondary payloads onto the user's
machine
The establishing of an outbound connection from the user's
device using an outbound command and control channel to an
adversary's infrastructure
Full control over the endpoint by the adversary
What is Zscaler ThreatLabZ? - ---Answers----A best-in-class
security threat research team of more than 100+ security
researchers who analyze security trends and help keep Zscaler's
signature databases up to date
What is a spear phishing attack? - ---Answers----A type of
attack in which malicious files or attachments can be used in an
email, luring the user to open it
Contextual DLP policy includes (Select 3): - ---Answers----File
Type Control
Cloud App Control
Tenancy Restrictions
Zscaler supports data at rest scanning with DLP and Cloud
Sandbox using which technology? - ---Answers----OOB CASB
Zscaler offers ML based data discovery for many thematic
document categories such as: (Select 3) - ---Answers----Legal
documents
Medical records
Images such as passports, driving license, etc.
Zscaler offers user notification and coaching via which of the
following mechanisms? (Select 3) - ---Answers----Browser
Notification (Browser based)
Slack Connector (Application based)