ZTCA

Zscaler Zero Trust Certified Architect (ZTCA)

A comprehensive zero trust architect credential

Get certified now
zscaler-diagram-seven-elements

Overview

Zscaler Zero Trust Certified Architect (ZTCA), one of the industry’s most comprehensive zero trust certifications, helps network and security professionals attest their expertise in establishing a holistic, layered security approach based on zero trust principles.

The ZTCA certification course offers practical guidance on how to deliver effective control and visibility across zero trust initiatives, as well as contrasting zero trust approaches with legacy architectures. Finally, it explores architectural constructs for real-world implementation, including in the context of the Zscaler Zero Trust Exchange™.

Benefits

1

Become a zero
trust expert

2

Grow your career
opportunities

3

Learn at your
own pace


What will you learn?

Through a self-paced e-learning module, the ZTCA course will teach you the essential tenets of the zero trust strategy as you learn how to:

01 Apply strategic networking and security concepts to implement adaptive trust, reduce the attack surface, and mitigate overall risk.

02 Understand the fundamental components of a zero trust architecture, including verifying identity and context, inspecting all traffic, encrypted or not, and enforcing policy based on a dynamic risk framework.

03 Design and implement network security based on zero trust principles.

04 Implement the seven elements of a highly successful zero trust architecture to mitigate the inadequacies of legacy network and security architectures.

Course outline

01 A New World of Digital Transformation

02 Connecting to the Zero Trust Exchange

03 Section 1: Verify

  • Who is connecting?
  • What is the access context?
  • Where is the connection going?

 

04 Section 2: Control

  • Assess risk (adaptive control)
  • Prevent compromise
  • Prevent data loss

 

05 Section 3: Enforce

  • Enforce policy

 

06 Connecting to the Applications

Who is ZTCA certification for?

Security

  • Security administrators
  • Security engineer/analysts
  • Security architects
  • Security managers
  • Security consultants
  • Cybersecurity analysts
  • CISOs

 

Software

  • DevOps engineers
  • Software developers

 

IT

  • IT auditors
  • System engineers

 

Networking

  • Network architects
  • Network/Cloud engineers
  • Enterprise architects

 

Course outline

01 A New World of Digital Transformation

02 Connecting to the Zero Trust Exchange

03 Section 1: Verify

  • Who is connecting?
  • What is the access context?
  • Where is the connection going?

 

04 Section 2: Control

  • Assess risk (adaptive control)
  • Prevent compromise
  • Prevent data loss

 

05 Section 3: Enforce

  • Enforce policy

 

06 Connecting to the Applications

Who is ZTCA certification for?

  • Security administrators
  • Security engineer/analysts
  • Security architects
  • Security managers
  • Security consultants
  • Cybersecurity analysts
  • CISOs
  • IT auditors
  • System engineers
  • DevOps engineers
  • Software developers
  • Network architects
  • Network/Cloud engineers
  • Enterprise architects

Course outline

01 A New World of Digital Transformation

02 Connecting to the Zero Trust Exchange

03 Section 1: Verify

  • Who is connecting?
  • What is the access context?
  • Where is the connection going?

 

04 Section 2: Control

  • Assess risk (adaptive control)
  • Prevent compromise
  • Prevent data loss

 

05 Section 3: Enforce

  • Enforce Policy

 

06 Connecting to the Applications

Who is ZTCA certification for?

  • Security administrators
  • Security engineer/analysts
  • Security architects
  • Security managers
  • Security consultants
  • Cybersecurity analysts
  • CISOs
  • IT auditors
  • System engineers
  • DevOps engineers
  • Software developers
  • Network architects
  • Network/Cloud engineers
  • Enterprise architects

Certification and exam

The ZTCA exam is a two-hour online test consisting of 75 multiple-choice questions. Your purchase provides one test attempt, which you must use within 12 months.

There are no prerequisites to take the ZTCA exam.

Exam Code

ZTCA

Launch Date

November 14, 2022

Description

The ZTCA exam will verify the successful candidate has the knowledge and skills required to assess, recommend, and implement core Zscaler zero trust solutions.

Course Details

  • Introduction: An Overview of Zero Trust – 20 minutes
  • Section 1: Verify Identity & Context – 60 minutes
  • Section 2: Control Content & Access – 60 minutes
  • Section 3: Enforce Policy – 60 minutes
  • Summary: Zero Trust Architecture Deep Dive – 40 minutes

Number of Questions

75

Type of Questions

Multiple choice

Length of Test

120 minutes

Passing Score

80% (60 correct questions)

Languages

English

Price

US$300

Certification and exam

The ZTCA exam is a two-hour online test consisting of 75 multiple-choice questions. Your purchase provides one test attempt, which you must use within 12 months.

There are no prerequisites to take the ZTCA exam.

November 14, 2022

The ZTCA exam will verify the successful candidate has the knowledge and skills required to assess, recommend, and implement core Zscaler zero trust solutions.

  • Introduction: An Overview of Zero Trust – 20 minutes
  • Section 1: Verify Identity & Context – 60 minutes
  • Section 2: Control Content & Access – 60 minutes
  • Section 3: Enforce Policy – 60 minutes
  • Summary: Zero Trust Architecture Deep Dive – 40 minutes

Multiple choice

80% (60 correct questions)

English

US$300

Get certified

Customers & Guests

Sign in with your Zscaler Academy account to get started

Don’t have a Zscaler Academy account?

Partners

Sign in with your Zscaler Partner Academy account to get started

Don’t have a Zscaler Partner Academy account?

RESOURCES

Download exam study guide and prep materials

Need help? Email [email protected]

Zero Trust Glossary

A framework for securing organizations in the cloud and mobile world that asserts that no user or application should be trusted by default. Following a key zero trust principle, least-privileged access, trust is established based on context (e.g., user identity and location, the security posture of the endpoint, the app or service being requested) with policy checks at each step.

Zero Trust Network Access is a set of technologies and functionalities that enable secure access to internal applications for remote users. It operates on an adaptive trust model, where trust is never implicit, and access is granted on a need-to-know, least-privileged basis defined by granular policies. ZTNA gives remote users secure connectivity to private apps without placing them on the network or exposing the apps to the internet. ZTNA is also known as the software-defined perimeter (SDP).

A Zero Trust Architecture is a security architecture built to reduce a network's attack surface, prevent lateral movement of threats, and lower the risk of a data breach based on the core tenets of the zero trust approach, by which implicit trust is never granted to any user or device. The zero trust security model puts aside the traditional "network perimeter"—inside of which all devices and users are trusted and given broad permissions—in favor of least-privilege access controls, granular microsegmentation, and multifactor authentication (MFA).

Secure Access Service Edge is a framework defined by Gartner in 2019 as a way to securely connect entities, such as users and machines, to applications and services—from anywhere. SASE combines wide-area networking (WAN) capabilities with security functions, such as SWG, CASB, FWaaS, and ZTNA, into a single cloud-based solution that’s delivered as a service. Services are delivered at the “edge” of a distributed cloud architecture, pushing them as close as possible to users for a fast experience with the fewest hops. At a time when workers are increasingly working remotely and off the corporate network, SASE assists organizations in making a secure, seamless transition to the cloud from legacy hardware in data centers, while securing access to cloud applications and reducing costs.

The security service edge (SSE), as defined by Gartner, is a convergence of network security services—namely SWG, CASB, and ZTNA—delivered from a purpose-built cloud platform. Where SASE focuses on access services, as the name implies, you could consider SSE a subset of SASE focused squarely on security services.