Zscaler interview questions and Answers
??AM ??IXIT ?
15?? ?????????????????? ||?????????????? || ??????????||?????????? ?????? || ???? || ???????????????????? ||??&?? || ??????|| ?????????? ???????????????? ||????????#?????????????????? || ?????????????? ????????????
Interview questions and Answers of Zscaler
Q1- What is Zscaler
Ans -
Zscaler provides the technology and expertise to guide and secure organizations on their digital transformation journeys. It help them move away from appliance-based network and security infrastructure models, replacing traditional inbound and outbound gateways with modern cloud-delivered services built for today’s business
Q2 — How many deployment models available -
Ans — We can deploy Zscaler using two methods -
1- IPSEC VPN
2- GRE Tunnel
1- IPSEC VPN -
The configuration of a VPN connection to the “Zscaler Cloud Security Platform”. The use of IPSec allows the use of dynamic WAN addresses on the client side
2- GRE Tunnel-
You can self provision your GRE tunnels to connect to the Zscaler service via the ZIA Admin Portal
Q3 — Difference between Tunnel 1.0 and Tunnel 2.0
Ans -
Tunnel 1.0 -
Z-Tunnel 1.0 forwards traffic to the Zscaler cloud via CONNECT requests, much like a traditional proxy. Version 1.0 sends all proxy-aware traffic or port 80/443 traffic to the Zscaler service, depending the forwarding profile configuration
Tunnel 2.0 -
Z-Tunnel 2.0 has a tunneling architecture that uses DTLS or TLS to send packets to the Zscaler service. Because of this, Z-Tunnel 2.0 is capable of sending all ports and protocols.
Use Tunnel 2.0 with below points-
1. Deploy Zscaler Client Connector 2.0.1 (and later) to your users.
2. Select Z-Tunnel 2.0 when configuring a forwarding profile with Tunnel mode and the packet filter driver is enabled.
3. Configure bypasses for Z-Tunnel 2.0 in Zscaler Client Connector profile. To learn more, see Best Practices for Adding Bypasses for Z-Tunnel 2.0.
Q4- what is CA in Zscaler
Ans -
The Zscaler Internet Access (ZIA) Central Authority (CA) is the brain and nervous system of a Zscaler cloud. It monitors the cloud and provides a central location for software and database updates, policy and configuration settings, and threat intelligence. The CA consists of one active server and two servers in passive standby mode. The active CA replicates data in real time to the two standby CAs, so any of them can become active at any time. Each server is hosted in a separate location to ensure fault tolerance.
领英推荐
Q5 — What is forwarding profile in Zscaler
Ans -
The forwarding profile tells Zscaler Client Connector how to treat traffic from your users’ systems in different network environments for the Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) services
Define how Zscaler Client Connector treats traffic from your users’ systems for the ZIA service for On Trusted Network, VPN Trusted Network, Off Trusted Network, or Split VPN Trusted Network types
→> Tunnel
→> Tunnel with Local Proxy
→> Enforce Proxy
→> None
Tunnel -
In Tunnel mode, the app tunnels traffic at the network (IP) layer. It captures user traffic by setting IP routes on user devices. The app forwards all port 80/443 traffic to the Zscaler service through a routing mode tunnel called the Zscaler Tunnel (Z-tunnel)
Tunnel with Local Proxy —
In Tunnel with Local Proxy mode, Zscaler Client Connector sets proxy settings on user devices so that all proxy-aware traffic is tunneled to Zscaler. The app does this by automatically installing a PAC file on the system to force all traffic to go to the local host.
Enforce Proxy —
The Enforce option is selected by default and cannot be changed. This option allows Zscaler Client Connector to enforce your proxy settings by monitoring for network changes and reapplying settings. Zscaler Client Connector also ensures that users cannot tamper with their proxy settings
· Automatically Detect Settings
· Use Automatic Configuration Scrips
· Use Proxy Server for Your LAN
Q6- What is PAC file in Zscaler ?
Ans -
A proxy auto-configuration (PAC) file is a text file that instructs a browser to forward traffic to a proxy server, instead of directly to the destination server. It contains JavaScript that specifies the proxy server and optionally, additional parameters that specify when and under what circumstances a browser forwards traffic to the proxy server. For example, a PAC file can specify on what days of the week or what hours of the day traffic is sent to a proxy, or for which domains and URLs traffic is not sent to a proxy
For more such context - visit our website- https://techclick.in and follow on linkedin