What is the name of the feature that allows the platform to apply URL filtering even when a Cloud
APP control policy explicitly permits a transaction?
Correct Answer: A
Explanation:
The feature that allows Zscaler to apply URL filtering even when a Cloud App control policy explicitly
permits a transaction is called Allow Cascading. This feature ensures that even if a cloud application
is permitted by the Cloud App control policy, the URL filtering policy can still be enforced. This is
useful in cases where granular URL control is needed on top of cloud app permissions, providing
layered security controls.
The study guide clearly explains that Allow Cascading enables URL filtering policies to cascade or take
precedence and thus still inspect and potentially block URLs even if the cloud app is allowed by
policy. This allows administrators to fine-tune access and ensure additional inspection layers on web
traffic.
Question 2
Which attack type is characterized by a commonly used website or service that has malicious content
like malicious JavaScript running on it?
Correct Answer: A
Explanation:
A Watering Hole Attack targets users by compromising a website orservice that is commonly visited by the intended victims. The attacker injects malicious content such as malicious JavaScript or malware into the website, so when the user visits the site, their system gets infected. This attack relies on the trust users have in popular or legitimate websites and exploits it by turning those sites into infection vectors. Pre-existing Compromise refers to attacks where the target environment is already compromised before the attack is recognized, but it does not specifically describe malicious content injected into popular websites. Phishing Attack involves deceiving users to click malicious links or reveal credentials, not compromising websites directly. Exploit Kits are automated tools that scan for vulnerabilities and deliver exploits but are not characterized by the use of commonly used websites hosting malicious scripts. The study guide clearly explains Watering Hole Attacks as a method where attackers infect trusted websites frequented by target users to deliver malicious payloads
Demo Practice Mode
You are viewing only the questions marked as Demo.