ZSCALER EDU 200 ESSENTIALS MAIN FINAL PAPER
UODATED QUESTIONS AND ANSWERS RATED A+
✔✔What is Ransomware? - ✔✔Malware that steals data and encrypts it
✔✔Once a phishing attack occurs and a user is directed to malicious content, which of
the following typically occurs? - ✔✔One or more files are downloaded, with the attacker
also attempting to download secondary payloads onto the user's machine
The establishing of an outbound connection from the user's device using an outbound
command and control channel to an adversaries' infrastructure
Full control over the endpoint by the adversary
✔✔What is Zscaler ThreatLabZ? - ✔✔A best-in-class security threat research team of
more than 100+ security researchers who analyze security trends and help keep
Zscaler's signature databases up to date
✔✔What is a spear phishing attack? - ✔✔A type of attack in which malicious files or
attachments can be used in an email, luring the user to open it
✔✔Contextual DLP policy includes (Select 3): - ✔✔File Type Control
Cloud App Control
Tenancy Restrictions
✔✔Zscaler supports data at rest scanning with DLP and Cloud Sandbox using which
technology? - ✔✔OOB CASB
✔✔Zscaler offers ML based data discovery for many thematic document categories
such as: (Select 3) - ✔✔Legal documents
Medical records
Images such as passports, driving license, etc.
✔✔Zscaler offers user notification and coaching via which of the following mechanisms?
(Select 3) - ✔✔Browser Notification (Browser based)
Slack Connector (Application based)
Zscaler Workflow Automation (Client connector pop-up)
✔✔EDM (Exact Data Match) is an advanced DLP feature that does which of the
following? - ✔✔EDM enables organizations to perform a structured data match on
specific types of data, e.g. a column of credit card numbers
✔✔OCR (Optical Character Recognition) is necessary for which of the following? -
✔✔OCR helps protect sensitive data in images, image files and handwritten texts
, ✔✔To protect sensitive data, organizations must inspect the content inline with data
classification capabilities such as predefined dictionaries, custom dictionaries, etc. (True
or False) - ✔✔TRUE
✔✔SSPM (SaaS Security Posture Management) enables organizations to find which of
the following: - ✔✔Cloud misconfigurations and compliance violations
✔✔Zscaler offers fully integrated data protection for all channels, which includes:
(Select 3) - ✔✔Cloud channels such as data in motion or data-at-rest in SaaS
applications
Endpoint
Email
✔✔What is a possible data exfiltration channel? - ✔✔Cloud based personal email, file
sharing, and collaboration tools
✔✔How do most major security breaches begin? - ✔✔An attacker finding your attack
surface
✔✔With Zero Trust, if we use the analogy of publishing your phone number, then: -
✔✔Your phone number is unpublished and only authorized parties can call you
✔✔SSL inspection is important in order to see - ✔✔What's good and what's bad inside
a connection, since most connections are encrypted, in order to understand if there is
any malware coming in and/or if there's any sensitive data leaking out.
✔✔What is typically the second step of a breach after an attacker finds your attack
surface? - ✔✔Compromise, for example through a phishing link that someone may
click, which could infect their machine with malware
✔✔The Zero Trust Exchange, Zscaler's inline security platform, is powered by data
centers that sit in how many locations? - ✔✔Over 150 data centers globally
✔✔You have data centers in New York, San Francisco, London, and Hong Kong. Each
data center hosts multiple applications, and all have internet connectivity. What is the
MINIMUM number of App Connectors you should deploy for production?
Options:
- 4, one per DC
- 6, one per DC, plus 2 for cold standby
- 8, 2 per DC
- 16, 4 DC's and each requires a connector to build a mesh to the other DC's - ✔✔8, 2
per DC
UODATED QUESTIONS AND ANSWERS RATED A+
✔✔What is Ransomware? - ✔✔Malware that steals data and encrypts it
✔✔Once a phishing attack occurs and a user is directed to malicious content, which of
the following typically occurs? - ✔✔One or more files are downloaded, with the attacker
also attempting to download secondary payloads onto the user's machine
The establishing of an outbound connection from the user's device using an outbound
command and control channel to an adversaries' infrastructure
Full control over the endpoint by the adversary
✔✔What is Zscaler ThreatLabZ? - ✔✔A best-in-class security threat research team of
more than 100+ security researchers who analyze security trends and help keep
Zscaler's signature databases up to date
✔✔What is a spear phishing attack? - ✔✔A type of attack in which malicious files or
attachments can be used in an email, luring the user to open it
✔✔Contextual DLP policy includes (Select 3): - ✔✔File Type Control
Cloud App Control
Tenancy Restrictions
✔✔Zscaler supports data at rest scanning with DLP and Cloud Sandbox using which
technology? - ✔✔OOB CASB
✔✔Zscaler offers ML based data discovery for many thematic document categories
such as: (Select 3) - ✔✔Legal documents
Medical records
Images such as passports, driving license, etc.
✔✔Zscaler offers user notification and coaching via which of the following mechanisms?
(Select 3) - ✔✔Browser Notification (Browser based)
Slack Connector (Application based)
Zscaler Workflow Automation (Client connector pop-up)
✔✔EDM (Exact Data Match) is an advanced DLP feature that does which of the
following? - ✔✔EDM enables organizations to perform a structured data match on
specific types of data, e.g. a column of credit card numbers
✔✔OCR (Optical Character Recognition) is necessary for which of the following? -
✔✔OCR helps protect sensitive data in images, image files and handwritten texts
, ✔✔To protect sensitive data, organizations must inspect the content inline with data
classification capabilities such as predefined dictionaries, custom dictionaries, etc. (True
or False) - ✔✔TRUE
✔✔SSPM (SaaS Security Posture Management) enables organizations to find which of
the following: - ✔✔Cloud misconfigurations and compliance violations
✔✔Zscaler offers fully integrated data protection for all channels, which includes:
(Select 3) - ✔✔Cloud channels such as data in motion or data-at-rest in SaaS
applications
Endpoint
✔✔What is a possible data exfiltration channel? - ✔✔Cloud based personal email, file
sharing, and collaboration tools
✔✔How do most major security breaches begin? - ✔✔An attacker finding your attack
surface
✔✔With Zero Trust, if we use the analogy of publishing your phone number, then: -
✔✔Your phone number is unpublished and only authorized parties can call you
✔✔SSL inspection is important in order to see - ✔✔What's good and what's bad inside
a connection, since most connections are encrypted, in order to understand if there is
any malware coming in and/or if there's any sensitive data leaking out.
✔✔What is typically the second step of a breach after an attacker finds your attack
surface? - ✔✔Compromise, for example through a phishing link that someone may
click, which could infect their machine with malware
✔✔The Zero Trust Exchange, Zscaler's inline security platform, is powered by data
centers that sit in how many locations? - ✔✔Over 150 data centers globally
✔✔You have data centers in New York, San Francisco, London, and Hong Kong. Each
data center hosts multiple applications, and all have internet connectivity. What is the
MINIMUM number of App Connectors you should deploy for production?
Options:
- 4, one per DC
- 6, one per DC, plus 2 for cold standby
- 8, 2 per DC
- 16, 4 DC's and each requires a connector to build a mesh to the other DC's - ✔✔8, 2
per DC
