Zscaler File Type Identification uses more than a file extension because attackers can rename files to bypass simple checks. The inspection process evaluates magic bytes, MIME type, and file extension to classify files more accurately before applying File Type Control policy. Option C (Magic bytes, mime type and file extension) is correct because those are the three inspection levels tested here.
Why the other options are incorrect:
A. Mime type, file extension and file size: MIME type is metadata declaring the content type of a transferred object.
B. File extension, content type and file size: File extension is the visible suffix such as .exe or .docx; it is useful but easy for attackers to rename.
D. Magic bytes, mime type and MS Office version: Magic bytes are header values inside a file that reveal the real file type even if the extension is changed.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit