Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Zscaler
  5. ZDTA

Zscaler ZDTA Exam
Zscaler Digital Transformation Administrator (Page 4 )

Updated On: 7-Feb-2026
Page 4 of 26
PDF with 178 Questions

A user is accessing a private application through Zscaler with SSL Inspection enabled.
Which certificate will the user see on the browser session?

  1. No certificate, as the session is decrypted by the Service Edge
  2. A self-signed certificate from Zscaler
  3. Real Server Certificate
  4. Zscaler generated MITM Certificate

Answer(s): D

Explanation:

When SSL Inspection is enabled and a user accesses a private application through Zscaler, the user will see a Zscaler generated MITM (Man-In-The-Middle) Certificate on their browser session. Zscaler intercepts and decrypts SSL/TLS traffic at the Service Edge and then re-encrypts it before forwarding it to the client, presenting its own certificate to maintain the security of the connection while enabling inspection.
This allows Zscaler to inspect encrypted traffic for threats and policy enforcement transparently without exposing the original server's certificate. The study guide clarifies this mechanism under SSL Inspection details.



What Malware Protection setting can be selected when setting up a Malware Policy?

  1. Isolate
  2. Bypass
  3. Block
  4. Do Not Decrypt

Answer(s): C

Explanation:

The valid Malware Protection setting selectable when configuring a Malware Policy in Zscaler is Block. This setting instructs the platform to block malicious files or activities detected by malware scanning engines.
Other settings like Isolate or Bypass are not standard malware policy actions in Zscaler's malware protection configuration. The "Do Not Decrypt" option relates to SSL inspection settings, not malware policy actions. The study guide specifies "Block" as the primary malware policy action to enforce protection.



Which are valid criteria for use in Access Policy Rules for ZPA?

  1. Group Membership, ZIA Risk Score, Domain Joined, Certificate Trust
  2. Username, Trusted Network Status, Password, Location
  3. SCIM Group, Time of Day, Client Type, Country Code
  4. Department, SNI, Branch Connector Group, Machine Group

Answer(s): A

Explanation:

Valid criteria for Access Policy Rules in ZPA include Group Membership, ZIA Risk Score, Domain Joined, and Certificate Trust. These attributes allow granular policy decisions based on user identity, device posture, and risk context.
Options including password are invalid as passwords are not used as policy criteria; similarly, SNI and Branch Connector Group are more relevant to other controls. The study guide lists these user and device attributes explicitly as policy criteria within ZPA access policies.



Which type of attack plants malware on commonly accessed services?

  1. Remote access trojans
  2. Phishing
  3. Exploit kits
  4. Watering hole attack

Answer(s): D

Explanation:

A Watering Hole Attack is characterized by attackers planting malware on websites or services that are commonly accessed by their intended victims. The goal is to infect users who visit these trusted sites by injecting malicious code or malware. This type of attack leverages the trust users place in frequently visited services to deliver malware covertly. Other options like Remote Access Trojans, Phishing, and Exploit Kits are attack types but do not specifically involve compromising commonly accessed services to plant malware.



What does the user risk score enable a user to do?

  1. Compare the user risk score with other companies to evaluate users vs other companies.
  2. Determine whether or not a user is authorized to view unencrypted data.
  3. Configure stronger user-specific policies to monitor & control user-level risk exposure.
  4. Determine if a user has been compromised

Answer(s): C

Explanation:

The user risk score enables organizations to configure stronger user-specific policies to monitor and control user-level risk exposure. This score reflects a user's risk posture based on behaviors and detected anomalies and helps in tailoring security policies to address individual risk levels.
While the score gives insight into user risk, it is primarily designed for adaptive policy enforcement rather than direct compromise detection or cross-company comparison. The study guide highlights that user risk scores drive policy adjustments to better secure user activity.






Post your Comments and Discuss Zscaler ZDTA exam prep with other Community members:

Join the ZDTA Discussion