A customer wants to set up an alert rule in ZDX to monitor the Wi-Fi signal on newly deployed laptops. What type of alert rule should they create?
Correct Answer: B
Explanation:
Zscaler Digital Experience (ZDX) organizes its telemetry and alerting around key domains:
Application, Network, and Device. Wi-Fi signal strength is a client-side characteristic of the endpoint itself, measured from the user’s device, not from the network path or the application service. In the ZDX training content, Wi-Fi signal, Wi-Fi link speed, CPU, memory, and similar metrics are clearly categorized under Device health. When creating an alert rule to monitor newly deployed laptops, the administratorshould therefore choose a Device-type alert and then select Wi-Fi signal–related metrics and thresholds. This allows ZDX to trigger alerts whenever the Wi-Fi signal on those endpoints falls below an acceptable level, helping operations teams quickly identify poor local wireless conditions that degrade user experience. Network alerts are intended for end-to-end path health (latency, packet loss, DNS resolution, gateway reachability, etc.), and Application alerts focus on performance and availability of specific apps or services. “Interface” as a standalone alert type is not how ZDX structures its top-level alert categories; interface-related metrics are surfaced as device-side attributes. Consequently, the correct classification for Wi-Fi signal monitoring in ZDX is a Device alert rule.
Question 2
What are the building blocks of App Protection?
Correct Answer: D
Explanation:
In Zscaler App Protection, the core design model is built around three fundamental building blocks
presented in a specific logical order: Profiles, Controls, and Policies. The Digital Transformation Engineer material explains that App Protection’s goal is to apply fine-grained security actions to applications and user sessions based on risk and context. First, Profiles define who is being governed. They group users or devices that share common characteristics (such as department, location, or risk level). Next, Controls define what actions are allowed, restricted, or inspected. Examples include limiting copy-and-paste, file uploads and downloads, printing, clipboard usage, or enforcing additional inspection for sensitive content and risky behaviors. Finally, Policies define when and where those controls are applied by mapping profiles to specific applications or traffic categories under defined conditions (such as user risk posture, device posture, or access method). Options A and B contain the same elements but in the wrong conceptual order compared to how App Protection is taught and implemented. Option C describes generic security concepts, not the explicit App Protection building-block terminology. Therefore, the correct sequence and terminology, matching the App Protection framework, is Profiles, Controls, Policies.
Question 3
Which connectivity service provides branches, on-premises data centers, and public clouds with fast and reliable internet access while enabling private applications with a direct-to-cloud architecture?
Correct Answer: D
Explanation:
Zscaler Zero Trust SD-WAN is specifically designed to give branches, on-premises data centers, and
workloads running in public clouds fast, reliable, and secure access to the internet and private applications using a direct-to-cloud architecture. In the Zscaler Digital Transformation Engineer curriculum, this service is positioned as the connectivity foundation that replaces legacy hub-andspoke MPLS and VPN designs with cloud-delivered Zero Trust connectivity. Instead of backhauling traffic to central data centers, branches and sites establish lightweight, policydriven tunnels directly to the Zscaler cloud, where security inspection and Zero Trust access decisions are applied. This architecture reduces latency, simplifies routing, and optimizes SaaS and internet performance while simultaneously enabling secure access to private applications without exposing them to the public internet. App Connectors (option C) are used for application-side connectivity in ZPA, not for full branch or data center connectivity. Browser Access(option B) provides clientless application access for users, not network-level site connectivity. “Zscaler Privileged Remote Access” (option A) is not the term used for this broad connectivity service. Therefore, the only option that matches the described direct-to-cloud, multi-site connectivity role is Zscaler Zero Trust SD-WAN.
Demo Practice Mode
You are viewing only the questions marked as Demo.