Exam ZDTE Topic 1 Question 20 Discussion

Actual exam question for Zscaler's ZDTE exam
Question #: 20
Topic #: 1
What is a digital entity that would be identified by Zscaler External Attack Surface Management?

Suggested Answer: A Vote an answer

Zscaler External Attack Surface Management (EASM) is focused on discovering and monitoring an organization's internet-facing digital assets. In the Engineer curriculum, EASM is described as continuously identifying domains, subdomains, hostnames, IP addresses, TLS certificates, and cloud services that are exposed to the public internet. A key example used in the training is hostnames that "leak" internal context, such as environment names, projects, technologies, or business units. These hostnames are treated as digital entities because they represent externally reachable services and can give valuable clues to an attacker during reconnaissance.
By contrast, SSL inspection certificates installed on endpoints are internal controls and not part of the external attack surface. A Zscaler App Connector is designed to initiate only outbound connections and is intentionally not directly reachable from the internet, so its IP address is not an EASM discovery target. Likewise, lists of compromised usernames and passwords relate to threat intelligence and identity protection, not the mapping of exposed assets. Therefore, the only option that correctly matches the type of digital entity EASM is meant to identify is a service hostname that contains revealing information.

by Sylvia at Feb 24, 2026, 03:31 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10