ZDTA 시험 - Zscaler실제시험문제와 답 - 60문항

Question No : 1

Is SCIM required for ZIA?

A.Depends
B.Maybe
C.No
D.Yes

정답:

Question No : 2

The Zscaler platform can protect against malicious files, URLs and content based on a number of criteria including reputation type.
What type of checking is virus scanning?

A.Malware protection
B.File reputation
C.SHA-256 hashing
D.Site reputation

정답:

Question No : 3

Which feature does Zscaler Client Connector Z-Tunnel 2.0 enable over Z-Tunnel 1.0?

A.Enables SSL Inspection for Client Connector
B.Inspection of all ports and protocols via Cloud Firewall
C.Enables Browser Isolation
D.Enables multicast traffic

정답:

Question No : 4

What ports and protocols are forwarded to the Zero Trust Exchange when Zscaler Client Connector is using Tunnel 2.0?

A.TCP ports 80, 443 and 8080 only.
B.Any HTTP/HTTPS traffic as well as DN
C.All TCP and UDP ports as well as ICMP traffic.
D.All Web ports as well as FTP and SS

정답:

Question No : 5

Which Advanced Threats policy can be configured to protect users against a credential attack?

A.Configure Advanced Cloud Sandbox policies.
B.Block Suspected phishing sites.
C.Enable Watering Hole detection.
D.Block Windows executable files from uncategorized websites.

정답:

Question No : 6

What are the two types of Probe supported in ZDX?

A.Web Probes and Cloud Path Probes
B.Application Probes and Network Probes
C.Page Speed Probes and Connection Speed Probes
D.Saas Probes and Router Probes

정답:

Question No : 7

Malware Protection inside HTTPS connections is performed using which parts of the Zero Trust Exchange?

A.Deception creating decoy files for malware to discover.
B.Application Segmentation of users to specific private applications.
C.TLS Inspection decrypting traffic to compare signatures for known risks.
D.Data Loss Protection comparing saved filenames for known risks.

정답:

Question No : 8

What is Zscaler's rotation policy for intermediate certificate authority certificates?

A.Certificates are rotated every 90 days and have a 180-day expiration.
B.Lifetime certificates have no expiration date.
C.Certificates are rotated every seven days and have a 14-day expiration.
D.Certificates are issued dynamically and expire in 24 hours.

정답:

Question No : 9

Does the Cloud Firewall detect evasion techniques that would allow applications to communicate over non-standard ports to bypass its controls?

A.The Cloud Firewall includes an IPS engine, which will detect the evasion techniques and will just block the transactions as it is invalid.
B.Zscaler Client Connector will prevent evasion on the endpoint in conjunction with the endpoint operating system's firewall.
C.As traffic usually is forwarded from an on-premise firewall, this firewall will handle any evasion and will make sure that the protocols are corrected.
D.The Cloud Firewall includes Deep Packed Inspection, which detects protocol evasions and sends the traffic to the respective engines for inspection and handling.

정답:

Question No : 10

Which of the following are correct request methods when configuring a URL filtering rule with a Caution action?

A.Connect, Get, Head
B.Options, Delete, Put
C.Get, Delete, Trace
D.Connect, Post, Put

정답:

Question No : 11

What is the main purpose of Sandbox functionality?

A.Block malware that we have previously identified
B.Build a test environment where we can evaluate the result of policies
C.Identify Zero-Day Threats
D.Balance thread detection across customers around the world

정답:

Question No : 12

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS includes which of the following?

A.Spyware Callback
B.Anonymizers
C.Cookie Stealing
D.IRC Tunneling

정답:

Question No : 13

Which of the following is a key feature of Zscaler Data Protection?

A.Data loss prevention
B.Stopping reconnaissance attacks
C.DDoS protection
D.Log analysis

정답:

Question No : 14

Can Notifications, based on Alert Rules, be sent with methods other than email?

A.Email is the only method for notifications as that is universally applicable and no other way of sending them makes sense.
B.In addition to email, text messages can be sent directly to one cell phone to alert the CISO who is then coordinating the work on the incident.
C.Leading ITSM systems can be connected to the Zero Trust Exchange using a NSS server, which will then connect to ITSM tools and forwards the alert.
D.In addition to email, notifications, based on Alert Rules, can be shared with leading ITSM or UCAAS tools over Webhooks.

정답:

Question No : 15

When configuring an inline Data Loss Prevention policy with content inspection, which of the following are used to detect data, allow or block transactions, and notify your organization's auditor when a user's transaction triggers a DLP rule?

A.Hosted PAC Files
B.Index Tool
C.DLP engines
D.VPN Credentials

정답:

Zscaler ZDTA 시험