Zscaler ZDTE Exam - Topic 5 Question 5 Discussion

In Zscaler 3rd-Party App Governance documentation, the App Inventory is where administrators view and manage all discovered third-party apps, add-ons, and extensions. The ''Classifying Apps'' help article defines the available states: Unclassified, Sanctioned, Reviewing, and Unsanctioned. Crucially, it notes that Unclassified is the default state for any new application before an administrator evaluates it.

''Sanctioned'' is used once the organization has explicitly approved an app for use; ''Unsanctioned'' is used when an app is not allowed; and ''Reviewing'' indicates it is under investigation. Those labels are the result of governance decisions applied after discovery.

ZDTE study materials on SaaS and app governance mirror this behavior: newly discovered apps enter the inventory without an explicit decision, allowing security teams to triage risk, review permissions, and only then mark them as sanctioned or unsanctioned. Because the default state for a new entry is explicitly documented as Unclassified, the correct answer is D. Unclassified.