Zscaler Certified Technology Associate (ZDTA) — Question 31
Which of the following scenarios would generate a “Patient 0” alert?
Answer options
- A. Zscaler's AI/ML based Smart Browser Isolation was triggered due to a user accessing a newly-registered domain.
- B. A new malicious file was detected by the sandbox due to an “allow and scan” First-Time Action in the sandbox policy.
- C. A new malicious file was detected by the sandbox due to a “quarantine” First-Time Action in the sandbox policy.
- D. Zscaler detected a HIPAA violation with in-band Data Protection scanning.
Correct answer: B
Explanation
The correct answer is B because the “allow and scan” action indicates that a potentially harmful file was permitted to execute and was subsequently flagged by the sandbox, which can lead to a “Patient 0” alert. Options A, C, and D do not involve the detection of a new malicious file in a manner that would trigger this specific alert; in option C, the quarantine action does not allow for execution.