Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Zscaler
  3. ZDTA

Zscaler ZDTA Exam (page: 2)
Zscaler Digital Transformation Administrator
Updated on: 07-Feb-2026

Viewing Page 2 of 17
ZDTA PDF 178 Questions

What method does Zscaler Identity Threat Detection and Response use to gather information about AD domains?

  1. Scanning network ports
  2. Running LDAP queries
  3. Analyzing firewall logs
  4. Packet sniffing

Answer(s): B

Explanation:

Zscaler Identity Threat Detection and Response gathers information about Active Directory (AD) domains primarily by running LDAP queries. LDAP queries allow the system to retrieve user and domain information directly and accurately from the AD infrastructure, enabling detection and analysis of identity threats and suspicious activities. The study guide highlights the use of LDAP queries as a reliable and standard method for accessing AD domain data in this security context.



What does a DLP Engine consist of?

  1. DLP Policies
  2. DLP Rules
  3. DLP Dictionaries
  4. DLP Identifiers

Answer(s): C

Explanation:

The DLP (Data Loss Prevention) Engine in Zscaler consists of DLP Dictionaries. These dictionaries contain the sensitive data patterns, keywords, and identifiers used to detect sensitive information in network traffic. They serve as the foundation for defining what content should be inspected and protected.
While DLP policies and rules govern how the engine acts, the engine itself fundamentally depends on these dictionaries to identify sensitive data accurately. The study guide states that DLP Dictionaries are key components that power the detection capabilities within the engine.



A user is accessing a private application through Zscaler with SSL Inspection enabled.
Which certificate will the user see on the browser session?

  1. No certificate, as the session is decrypted by the Service Edge
  2. A self-signed certificate from Zscaler
  3. Real Server Certificate
  4. Zscaler generated MITM Certificate

Answer(s): D

Explanation:

When SSL Inspection is enabled and a user accesses a private application through Zscaler, the user will see a Zscaler generated MITM (Man-In-The-Middle) Certificate on their browser session. Zscaler intercepts and decrypts SSL/TLS traffic at the Service Edge and then re-encrypts it before forwarding it to the client, presenting its own certificate to maintain the security of the connection while enabling inspection.
This allows Zscaler to inspect encrypted traffic for threats and policy enforcement transparently without exposing the original server's certificate. The study guide clarifies this mechanism under SSL Inspection details.



What Malware Protection setting can be selected when setting up a Malware Policy?

  1. Isolate
  2. Bypass
  3. Block
  4. Do Not Decrypt

Answer(s): C

Explanation:

The valid Malware Protection setting selectable when configuring a Malware Policy in Zscaler is Block. This setting instructs the platform to block malicious files or activities detected by malware scanning engines.
Other settings like Isolate or Bypass are not standard malware policy actions in Zscaler's malware protection configuration. The "Do Not Decrypt" option relates to SSL inspection settings, not malware policy actions. The study guide specifies "Block" as the primary malware policy action to enforce protection.



Which are valid criteria for use in Access Policy Rules for ZPA?

  1. Group Membership, ZIA Risk Score, Domain Joined, Certificate Trust
  2. Username, Trusted Network Status, Password, Location
  3. SCIM Group, Time of Day, Client Type, Country Code
  4. Department, SNI, Branch Connector Group, Machine Group

Answer(s): A

Explanation:

Valid criteria for Access Policy Rules in ZPA include Group Membership, ZIA Risk Score, Domain Joined, and Certificate Trust. These attributes allow granular policy decisions based on user identity, device posture, and risk context.
Options including password are invalid as passwords are not used as policy criteria; similarly, SNI and Branch Connector Group are more relevant to other controls. The study guide lists these user and device attributes explicitly as policy criteria within ZPA access policies.



Which type of attack plants malware on commonly accessed services?

  1. Remote access trojans
  2. Phishing
  3. Exploit kits
  4. Watering hole attack

Answer(s): D

Explanation:

A Watering Hole Attack is characterized by attackers planting malware on websites or services that are commonly accessed by their intended victims. The goal is to infect users who visit these trusted sites by injecting malicious code or malware. This type of attack leverages the trust users place in frequently visited services to deliver malware covertly. Other options like Remote Access Trojans, Phishing, and Exploit Kits are attack types but do not specifically involve compromising commonly accessed services to plant malware.



What does the user risk score enable a user to do?

  1. Compare the user risk score with other companies to evaluate users vs other companies.
  2. Determine whether or not a user is authorized to view unencrypted data.
  3. Configure stronger user-specific policies to monitor & control user-level risk exposure.
  4. Determine if a user has been compromised

Answer(s): C

Explanation:

The user risk score enables organizations to configure stronger user-specific policies to monitor and control user-level risk exposure. This score reflects a user's risk posture based on behaviors and detected anomalies and helps in tailoring security policies to address individual risk levels.
While the score gives insight into user risk, it is primarily designed for adaptive policy enforcement rather than direct compromise detection or cross-company comparison. The study guide highlights that user risk scores drive policy adjustments to better secure user activity.



Can URL Filtering make use of Cloud Browser Isolation?

  1. No. Cloud Browser Isolation is a separate platform.
  2. No. Cloud Browser Isolation is only a feature of Advanced Threat Defense.
  3. Yes. After blocking access to a site, the user can manually switch on isolation.
  4. Yes. Isolate is a possible Action for URL Filtering.

Answer(s): D

Explanation:

Yes, URL Filtering can make use of Cloud Browser Isolation. Specifically, "Isolate" is an available action in URL Filtering policies that enables users to access potentially risky or untrusted websites in an isolated environment, preventing any malicious content from reaching the user's device. The study guide explains that integrating Cloud Browser Isolation into URL Filtering enhances security by isolating risky browsing activities directly from policy enforcement points.



Viewing Page 2 of 17



Share your comments for Zscaler ZDTA exam with other users:

Amit 9/7/2023 12:53:00 AM

very detailed explanation !
HONG KONG


FisherGirl 5/16/2022 10:36:00 PM

the interactive nature of the test engine application makes the preparation process less boring.
NETHERLANDS


Chiranthaka 9/20/2023 11:15:00 AM

very useful.
Anonymous


SK 7/15/2023 3:51:00 AM

complete question dump should be made available for practice.
Anonymous


Gamerrr420 5/25/2022 9:38:00 PM

i just passed my first exam. i got 2 exam dumps as part of the 50% sale. my second exam is under work. once i write that exam i report my result. but so far i am confident.
AUSTRALIA


Kudu hgeur 9/21/2023 5:58:00 PM

nice create dewey stefen
CZECH REPUBLIC


Anorag 9/6/2023 9:24:00 AM

i just wrote this exam and it is still valid. the questions are exactly the same but there are about 4 or 5 questions that are answered incorrectly. so watch out for those. best of luck with your exam.
CANADA


Nathan 1/10/2023 3:54:00 PM

passed my exam today. this is a good start to 2023.
UNITED STATES


1 10/28/2023 7:32:00 AM

great sharing
Anonymous


Anand 1/20/2024 10:36:00 AM

very helpful
UNITED STATES


Kumar 6/23/2023 1:07:00 PM

thanks.. very helpful
FRANCE


User random 11/15/2023 3:01:00 AM

i registered for 1z0-1047-23 but dumps qre available for 1z0-1047-22. help me with this...
UNITED STATES


kk 1/17/2024 3:00:00 PM

very helpful
UNITED STATES


Raj 7/24/2023 10:20:00 AM

please upload oracle 1z0-1110-22 exam pdf
INDIA


Blessious Phiri 8/13/2023 11:58:00 AM

becoming interesting on the logical part of the cdbs and pdbs
Anonymous


LOL what a joke 9/10/2023 9:09:00 AM

some of the answers are incorrect, i would be wary of using this until an admin goes back and reviews all the answers
UNITED STATES


Muhammad Rawish Siddiqui 12/9/2023 7:40:00 AM

question # 267: federated operating model is also correct.
SAUDI ARABIA


Mayar 9/22/2023 4:58:00 AM

its helpful alot.
Anonymous


Sandeep 7/25/2022 11:58:00 PM

the questiosn from this braindumps are same as in the real exam. my passing mark was 84%.
INDIA


Eman Sawalha 6/10/2023 6:09:00 AM

it is an exam that measures your understanding of cloud computing resources provided by aws. these resources are aligned under 6 categories: storage, compute, database, infrastructure, pricing and network. with all of the services and typees of services under each category
GREECE


Mars 11/16/2023 1:53:00 AM

good and very useful
TAIWAN PROVINCE OF CHINA


ronaldo7 10/24/2023 5:34:00 AM

i cleared the az-104 exam by scoring 930/1000 on the exam. it was all possible due to this platform as it provides premium quality service. thank you!
UNITED STATES


Palash Ghosh 9/11/2023 8:30:00 AM

easy questions
Anonymous


Noor 10/2/2023 7:48:00 AM

could you please upload ad0-127 dumps
INDIA


Kotesh 7/27/2023 2:30:00 AM

good content
Anonymous


Biswa 11/20/2023 9:07:00 AM

understanding about joins
Anonymous


Jimmy Lopez 8/25/2023 10:19:00 AM

please upload oracle cloud infrastructure 2023 foundations associate exam braindumps. thank you.
Anonymous


Lily 4/24/2023 10:50:00 PM

questions made studying easy and enjoyable, passed on the first try!
UNITED STATES


John 8/7/2023 12:12:00 AM

has anyone recently attended safe 6.0 exam? did you see any questions from here?
Anonymous


Big Dog 6/24/2023 4:47:00 PM

question 13 should be dhcp option 43, right?
UNITED STATES


B.Khan 4/19/2022 9:43:00 PM

the buy 1 get 1 is a great deal. so far i have only gone over exam. it looks promissing. i report back once i write my exam.
INDIA


Ganesh 12/24/2023 11:56:00 PM

is this dump good
Anonymous


Albin 10/13/2023 12:37:00 AM

good ................
EUROPEAN UNION


Passed 1/16/2022 9:40:00 AM

passed
GERMANY