Zscaler Certified Technology Associate (ZDTA) — Question 67

A user is accessing a private application through Zscaler with SSL Inspection enabled. Which certificate will the user see on the browser session?

Answer options

• A. Zscaler generated MITM Certificate
• B. Real Server Certificate
• C. No certificate, as the session is decrypted by the Service Edge
• D. A self-signed certificate from Zscaler

Correct answer: A

Explanation

The correct answer is A because when SSL Inspection is enabled, Zscaler acts as a man-in-the-middle (MITM) and generates its own certificate to intercept and decrypt traffic. The Real Server Certificate (B) is not seen by the user since Zscaler replaces it. Option C is incorrect as a certificate is indeed presented, and D is not right because the certificate presented is Zscaler's MITM certificate, not a self-signed one.