Zscaler ZDTE Exam - Topic 11 Question 8 Discussion

In the Zscaler Digital Transformation Engineer material, Zscaler Deception is introduced as an advanced threat-detection capability that is tightly integrated with the Zero Trust Exchange. The official description emphasizes that it is a simple, cloud-delivered, and highly effective targeted threat detection solution built on Zscaler's Zero Trust architecture, which is almost word-for-word reflected in option C.

Deception works by deploying high-fidelity decoys, lures, and credentials---designed to be indistinguishable from real assets---from the attacker's point of view. Any interaction with these decoys is inherently suspicious, yielding high-confidence, low-noise alerts that help security teams quickly identify lateral movement, credential theft, and post-compromise activity. The key point in the training is that this capability is delivered from the Zscaler cloud, leveraging the existing Zero Trust platform; it does not require additional on-premise detection servers or traditional network-centric sensors.

Options A and B reduce the concept to ''sets of decoys'' and ignore the integrated Zero Trust detection value and cloud-native delivery model. Option D incorrectly suggests on-prem server infrastructure as the foundation. The exam materials clearly frame Zscaler Deception as a Zero Trust--based targeted threat detection solution, making option C the correct choice.

===========