Question 1

When preparing to implement ZTA, some changes may be required. Which of the following components should the organization consider as part of their checklist to ensure a successful implementation?

Options :

A :

Vulnerability scanning, patch management, change management, and problem management

B :

Organization-s governance, compliance, risk management, and operations

C :

Incident management, business continuity planning (BCP), disaster recovery (DR), and training and awareness programs

D :

Visibility and analytics integration and services accessed using mobile devices

Answer: B

Question 2

What is the function of the rule-based security policies configured on the policy decision point (PDP)?

Options :

A : Define rules that specify how information can flow

B :

Define rules that specify multi-factor authentication (MFA) requirements

C : Define rules that map roles to users

D : Define rules that control the entitlements to assets

Answer: D

Question 3

How can we use ZT to ensure that only legitimate users can access a SaaS or PaaS? Select the best answer.

Options :

A :

Implementing micro-segmentation and mutual Transport Layer Security (mTLS)

B :

Configuring the security assertion markup language (SAML) service provider only to accept requests from the designated ZT gateway

C : Integrating behavior analysis and geofencing as part of ZT controls

D :

Enforcing multi-factor authentication (MFA) and single-sign on (SSO)

Answer: B

Question 4

Which architectural consideration needs to be taken into account while deploying SDP? Select the best answer.

Options :

A :

How SDP deployment fits into existing network topologies and technologies.

B : How SDP deployment fits into external vendor assessment.

C :

How SDP deployment fits into existing human resource management systems.

D : How SDP deployment fits into application validation.

Answer: A

Question 5

What does device validation help establish in a ZT deployment?

Options :

A : Connection based on user

B : High-speed network connectivity

C : Trusted connection based on certificate-based keys

D : Unrestricted public access

Answer: C