INTERNSHIP REPORT

A Report Submitted
In Partial Fulfillment
for award of Bachelor of Technology

In
COMPUTER SCIENCE & ENGINEERING
(AIML)
By

HARSH TIWARI (Roll No. 2001331530076)

Under the Supervision of

Mr. Tushar Singhal
Sr. Manager, Engineering at
Zscaler

&
Saurabh Namdev

Computer Science & Engineering Department

School of Computer Science & Engineering and Information Technology
NOIDA INSTITUTE OF ENGINEERING AND TECHNOLOGY,
GREATER NOIDA
(An Autonomous Institute)
Affiliated to
DR. A.P.J. ABDUL KALAM TECHNICAL UNIVERSITY, LUCKNOW
May, 2024
 CSE AIML

DECLARATION

I hereby declare that the work presented in this report was carried out by me. I have not
submitted the matter embodied in this report for the award of any other degree or diploma of
any other University or Institute.

Name : Harsh Tiwari

Roll Number : 2001331530076

i
 CSE AIML

CERTIFICATE FROM THE INSTITUTE

Certified that Harsh Tiwari (Roll No: 2001331530076), has carried out the industrial work

presented in this Internship Report at Zscaler in partial fulfilment of the requirements for the

award of Bachelor of Technology, department name from Dr. APJ Abdul Kalam Technical

University, Lucknow under our supervision.

Signature Signature

Mr. Saurabh Namdev Mr. Md. Shahid

Associate Professor Head Of Department
AIML Computer Science
NIET Greater Noida NIET Greater Noida

Date:

ii
 CSE AIML

ACKNOWLEDGEMENT

I would like to express my gratitude towards Mr. Tushar Singhal and Saurabh Sir for their
guidance, support and constant supervision as well as for providing necessary information
during my internship.
My thanks and appreciations to respected Teachers, for their motivation and support
throughout.

iii
 CSE AIML

ABSTRACT

As a Associate Software Engineer at Zscaler, my journey has been one of continual learning
and growth, delving into the intricate realm of Unix/Linux systems and mastering the art of
automation through Ansible. This report serves as a comprehensive overview of my
experiences and progress thus far.

Starting from grasping the foundational principles of Unix/Linux systems, such as file
systems, processes, and user management, I've gained a deeper appreciation for their
robustness and flexibility. With each command executed and configuration tweaked, I've
honed my skills in troubleshooting and system optimization, essential for maintaining reliable
systems.

Throughout this journey, I've embraced the importance of adaptability in the face of constant
change. Whether navigating system outages or scaling demands, an adaptive mindset has
been crucial. It has enabled me to approach challenges with resilience and creativity, driving
continuous improvement in our reliability engineering efforts.

In this report, I'll delve into specific projects and initiatives undertaken, sharing both
successes and lessons learned along the way. Moreover, I'll outline future avenues for
exploration and improvement, as I continue to navigate the dynamic landscape engineering at
Zscaler.

iv
 CSE AIML

TABLE OF CONTENTS
Page No.
▪ Declaration
▪ Certificate from the institute
▪ Certificate from industry
▪ Acknowledgement
Abstract
o CHAPTER 1: INTRODUCTION

▪ ORGANIZATION OVERVIEW
▪ MISSION AND SCOPE
▪ UNDERSTANDING ASE QA

o CHAPTER 2: INTERNSHIP EXPERIENCE

▪ 2.1 TOOLS AND TECHNOLOGY USED

▪ 2.2 ROLES AND RESPONSIBILITIES OF THE INTERN
▪ 2.3 DETAILS OF WORK DONE
▪ 2.4 SKILLS LEARNT

o CHAPTER 3: CONCLUSION AND FUTURE WORK

o REFERENCES

1
 CSE AIML

CHAPTER 1
INTRODUCTION:

1.1 ORGANIZATION OVERVIEW

Zscaler: Redefining Cloud Security

Zscaler, established in 2008, has emerged as a global leader in cloud security, revolutionizing
the cybersecurity landscape with its innovative approach. Over the years, the company has
garnered acclaim for its cloud-native platform, which provides comprehensive security
solutions to organizations worldwide. This organization overview delves into the multifaceted
journey of Zscaler, from its humble beginnings to its current status as a trailblazer in the
cybersecurity industry.
History:
Zscaler's journey began in 2008 when Jay Chaudhry, a seasoned entrepreneur, recognized the
growing need for a cloud-centric approach to cybersecurity. With a vision to transform how
organizations secure their networks and data, Chaudhry founded Zscaler, laying the foundation
for what would become a groundbreaking venture in the field of cloud security. Since its
inception, Zscaler has experienced exponential growth, expanding its presence globally and
establishing itself as a trusted partner for businesses across industries.

Mission and Core Values:

At the heart of Zscaler's ethos lies a steadfast commitment to innovation, integrity, and
customer-centricity. The company's mission is to empower organizations to securely embrace
the transformative potential of the cloud, enabling them to thrive in an increasingly digital
world. Zscaler's core values—innovation, customer focus, integrity, and teamwork—serve as
guiding principles in all aspects of its operations, driving excellence and fostering a culture of
collaboration and accountability.

Leadership:
Zscaler operates the world's largest security-as-a-service (SaaS) cloud platform to provide the
industry's only 100% cloud-delivered web and mobile security solution. The highly scalable,
global, multi-cloud infrastructure features three key components: the Zscaler Central
Authority, ZIA Public Service Edges (formerly Zscaler Enforcement Nodes or ZENs), and
Nanolog clusters.

1
 CSE AIML

Products and Services:

Zscaler offers a comprehensive suite of cloud-native security solutions designed to protect
organizations from a wide range of cyber threats. At the core of its offerings is the Zscaler
Cloud Security Platform, which provides holistic security across network, cloud, and
endpoints. Key products and services offered by Zscaler include:
Zscaler Internet Access (ZIA): ZIA provides secure internet access for users, regardless of their
location, by routing traffic through the Zscaler cloud security platform. It offers advanced threat
protection, data loss prevention, and policy enforcement to safeguard users and data from cyber
threats.
Zscaler Private Access (ZPA): ZPA ensures secure access to internal applications and services
hosted in the data center or public cloud without exposing them to the internet. By
implementing a zero-trust access model, ZPA minimizes the risk of data breaches and insider
threats, ensuring robust security and compliance.
Zscaler Digital Experience (ZDX): ZDX delivers end-to-end visibility into the digital
experience of users, applications, and networks. It enables organizations to proactively identify
and resolve performance issues, ensuring optimal user experience and productivity.
Zscaler's innovative approach to cloud security has propelled it to the forefront of the
cybersecurity industry, earning accolades from customers, analysts, and industry experts alike.
With a robust and scalable platform, Zscaler is well-positioned to address the evolving security
challenges faced by organizations in an increasingly interconnected and digital world. The
company's relentless focus on innovation, coupled with its customer-centric ethos, has
cemented its reputation as a trusted partner for businesses seeking to enhance their security
posture and embrace the benefits of cloud computing.
Conclusion:
In conclusion, Zscaler's journey from its inception to its current standing as a global leader in
cloud security is a testament to its unwavering commitment to excellence, innovation, and
customer satisfaction. With a robust portfolio of products and services, a talented team of
professionals, and a steadfast dedication to its core values, Zscaler is well-positioned to shape
the future of cybersecurity and empower organizations to navigate the complexities of the
digital age with confidence and resilience.

2
 CSE AIML

1.2 MISSION AND SCOPE

Mission of Zscaler: Securing the Digital Transformation
Zscaler's Mission:
Zscaler's mission is to revolutionize cybersecurity by delivering cloud-native security solutions
that enable organizations to securely embrace the transformative potential of the cloud. By
leveraging the power of cloud computing, Zscaler aims to provide organizations with the
agility, scalability, and flexibility they need to thrive in an increasingly digital world. Through
continuous innovation, collaboration, and a relentless focus on customer needs, Zscaler strives
to empower organizations to securely connect users to applications and services, regardless of
their location or device, without compromising on performance or user experience.

Zscaler's Approach to Cybersecurity: The Zero Trust Model

In today's increasingly interconnected and dynamic digital landscape, traditional security

models that rely on perimeter-based defenses are no longer sufficient to protect against
sophisticated cyber threats. The Zero Trust model, championed by Zscaler, offers a paradigm
shift in cybersecurity that challenges the notion of trust within networks and adopts a "never
trust, always verify" approach.

Key Principles of the Zero Trust Model:

The Zero Trust model is grounded in several key principles that guide its implementation:
Verify Identity: Every access request, regardless of the source, is subject to strict verification
of the user's identity, device posture, and contextual information.
Least Privilege: Access privileges are granted based on the principle of least privilege, ensuring
that users have only the access necessary to perform their specific tasks and responsibilities.

3
 CSE AIML

Micro-Segmentation: Network segmentation is implemented at a granular level, dividing the

network into smaller, isolated segments to contain the lateral movement of threats and limit the
blast radius of potential breaches.
Continuous Monitoring: User interactions with network resources are continuously monitored
for any anomalous behavior or signs of compromise. Any deviations from normal usage
patterns trigger alerts, and access privileges are dynamically adjusted or revoked in real-time
to contain the potential threat.
Implementation of the Zero Trust Model:
To illustrate the implementation of the Zero Trust model, consider a typical scenario within a
corporate network:
Example: Secure Access to Internal Applications
An employee working remotely needs to access a sensitive internal application hosted in the
company's data center. In a traditional security model, once the employee's credentials are
authenticated, they are often granted broad access privileges to the entire network, posing a
significant security risk.
However, in a Zero Trust model implemented by Zscaler, the employee's access request
triggers a series of verification and authorization checks:
Identity Verification: The employee's identity is verified using multi-factor authentication
(MFA), ensuring that only authorized users are granted access to the network.
Device Posture Assessment: The security posture of the employee's device is evaluated to
ensure that it complies with the organization's security policies and standards. This includes
checks for operating system updates, antivirus software, and encryption status.
Contextual Information: Additional contextual information, such as the employee's location,
time of access, and previous login history, is taken into account to assess the risk level of the
access request.
Least Privilege Access: Based on the verification and authorization checks, the employee is
granted access only to the specific application or service required to perform their job function.
Access privileges are limited to the bare minimum necessary to fulfill the employee's role and
responsibilities.
Continuous Monitoring: Throughout the duration of the access session, the employee's
interactions with the internal application are continuously monitored for any signs of suspicious
activity or unauthorized access attempts. Any deviations from normal behavior trigger alerts,
prompting immediate investigation and remediation actions.
By implementing the Zero Trust model, Zscaler ensures that organizations can securely connect
users to applications and services, regardless of their location or device, while minimizing the
risk of data breaches and insider threats.
In conclusion, Zscaler's objective is to secure the digital transformation by providing
comprehensive cloud-based security solutions that protect organizations from cyber threats.

4
 CSE AIML

Through its mission-driven approach, guided by core values of innovation, customer focus,
integrity, and teamwork, Zscaler empowers organizations to securely embrace the
transformative potential of the cloud. By championing the Zero Trust model, Zscaler redefines
cybersecurity, ensuring that organizations can securely connect users to applications and
services in an increasingly interconnected and dynamic digital world.

Future Prospects:
Looking ahead, Zscaler is poised for continued growth and success in the rapidly evolving
cybersecurity landscape. As organizations increasingly rely on cloud computing and digital
technologies to drive innovation and growth, the demand for cloud-native security solutions is
expected to surge. Zscaler is well-positioned to capitalize on this trend, thanks to its scalable
cloud platform, comprehensive product portfolio, and global reach.

5
 CSE AIML

Understanding Quality Assurance (QA) in Software

Development:

1. Fundamentals of Quality Assurance (QA): QA in software development is about ensuring

that software products meet defined quality standards and perform as expected. It involves
testing software under various conditions to identify defects and ensure functionality, usability,
and reliability.

2. Role of a Quality Assurance Engineer (QA Engineer): As a QA Engineer, your role is to

verify and validate software to ensure it meets quality standards before release. You collaborate
closely with developers, project managers, and stakeholders to identify requirements, plan
testing strategies, execute test cases, and report defects.

3. Responsibilities of a Quality Assurance Engineer: Your responsibilities include:

- Creating test plans, test cases, and test scripts based on requirements and specifications.
- Executing manual and automated tests to verify software functionality, performance, and
security.
- Reporting and tracking defects using tools like Jira, ensuring timely resolution.
- Participating in requirements analysis and design reviews to provide input on testability
and quality.
- Conducting regression testing to ensure that software changes do not introduce new defects.
- Collaborating with cross-functional teams to improve overall software quality and release
processes.

4. Best Practices in Quality Assurance: Several best practices are crucial for effective QA:

- Test Automation: Automating repetitive test cases using tools like pytest to increase
efficiency and coverage.
- Continuous Testing: Integrating testing throughout the software development lifecycle to
catch defects early and ensure continuous improvement.

6
 CSE AIML

- Test Documentation: Maintaining comprehensive documentation of test cases, results, and

defects to facilitate communication and future testing efforts.
- Collaboration: Working closely with developers and other stakeholders to understand
requirements, clarify issues, and ensure alignment on quality goals.
- Process Improvement: Continuously evaluating and improving QA processes to enhance
efficiency, effectiveness, and overall software quality.

5. Impact of QA on Software Development: QA plays a critical role in delivering high-quality

software products. By identifying and fixing defects early in the development process, QA
helps reduce rework, lower costs, and improve customer satisfaction. Additionally, rigorous
QA practices contribute to increased confidence in software reliability and performance,
leading to greater trust and loyalty from users.

In conclusion, QA is an essential function in software development, ensuring that products

meet quality standards and perform as expected. By following best practices and leveraging
tools like pytest and Jira, QA Engineers contribute to the delivery of reliable, high-quality
software that meets the needs of users and stakeholders.

7
 CSE AIML

CHAPTER 2
INTERNSHIP EXPERIENCE

2.1 TOOLS AND TECHNOLOGIES USED

Pytest:
Pytest is a powerful Python testing framework that simplifies the process of writing and
executing tests. Its benefits include concise syntax, fixture support for setup and teardown,
robust test discovery, and compatibility with unittest and doctest, enhancing efficiency and
effectiveness in software testing.
JIRA:
Company-wide JIRA platform. Support escalates cases to Operations through JIRA.
Operations also uses
JIRA to track internal tasks.
Zscaler IP Address:
Reports your current public IP as viewed by remote webservers. If you are forwarding your
traffic through
a Zscaler proxy, this page will report the name of the proxy and the associated cloud, as well
as your
probable true gateway address. Also available over https:// .
http://ip.zscaler.com - Maintenance Guide - Support Guide
FreeBSD:
Brief Overview:
FreeBSD is a Unix-like open-source operating system derived from the Berkeley Software
Distribution (BSD), a Unix variant developed at the University of California, Berkeley.
FreeBSD is known for its advanced networking capabilities, performance, and security
features, making it well-suited for server and network infrastructure deployments.

8
 CSE AIML

Use Cases:
FreeBSD is primarily used in server environments for tasks such as web hosting, file serving,
network routing, and firewalling. It is also used in embedded systems, storage appliances, and
virtualization platforms. FreeBSD is favoured by system administrators, network engineers,
and developers for its stability, scalability, and security.

Advantages:
Networking Performance: FreeBSD is renowned for its networking performance and
scalability, with support for advanced networking features such as packet filtering, network
address translation (NAT), and quality of service (QoS).
Security: FreeBSD includes robust security features, including mandatory access controls
(MAC), role-based access controls (RBAC), and filesystem encryption, which help protect
against unauthorized access and mitigate security risks.
ZFS Filesystem: FreeBSD features the Zettabyte File System (ZFS), a powerful and scalable
filesystem that provides features such as data integrity verification, snapshotting, and
transparent compression, making it well-suited for data storage and archival.

Limitations:
Hardware Support: While FreeBSD has broad hardware support for server-class hardware,
compatibility issues may arise with certain desktop and laptop components, particularly
wireless adapters and graphics cards.
Software Availability: Although FreeBSD has a comprehensive ports collection and package
management system, some commercial software may not be available for FreeBSD-based
systems, limiting compatibility with certain proprietary applications.
Desktop Usability: FreeBSD's focus on server and network infrastructure deployments may
result in a less polished desktop experience compared to other operating systems, such as Linux
and macOS.

Example:
An example of FreeBSD usage is in network appliances. Many commercial networking
appliances, such as routers.

9
 CSE AIML

2.2 ROLES AND RESPONSIBILITIES OF QA

ASSOCIATE SOFTWARE ENGINEER

As a QA Associate Software Engineer, my role is pivotal in upholding the quality,

functionality, and reliability of our company's software products. My responsibilities span
various domains, from comprehending software architecture to executing test cases and
contributing to quality enhancement endeavors. Let's delve into my tailored roles and
responsibilities:

1. Understanding Software Architecture:

My journey begins by grasping the intricacies of our software architecture, components, and
technologies. This entails acquainting myself with the application's functionalities, interfaces,
and underlying infrastructure to adeptly evaluate quality requisites and devise effective testing
strategies.

2. Test Automation and Tooling:

Automation serves as the cornerstone of contemporary QA practices. I learn and apply
automation tools and techniques to streamline our testing processes. This may include utilizing
frameworks like pytest for automated test execution, implementing continuous integration
pipelines, and integrating testing into our software development lifecycle.

3. Test Execution and Reporting:

Executing test cases and reporting defects are core responsibilities of my role. I execute manual
and automated test cases, verify software functionality, and report defects using tools such as
Jira. Additionally, I ensure comprehensive test coverage and provide detailed test reports to
stakeholders, contributing to our software quality assurance efforts.

4. Collaboration and Communication:

Collaboration with cross-functional teams is essential for successful QA initiatives. I work
closely with developers, product managers, and other stakeholders to understand requirements,
clarify issues, and ensure alignment on quality goals. Effective communication of testing
results, issues, and recommendations fosters collaboration and facilitates timely resolution of
quality-related concerns.

10
 CSE AIML

5. Continuous Improvement and Innovation:

QA is a dynamic field that requires continuous learning and improvement. I actively participate
in quality improvement initiatives, proposing ideas for process enhancements, tooling
improvements, and innovation projects. Embracing a culture of continuous improvement
fosters innovation and drives positive change in our software quality practices.

6. Documentation and Knowledge Sharing:

Documenting test cases, procedures, and best practices is essential for knowledge sharing and
consistency in QA processes. I contribute to creating and maintaining documentation
repositories, including test plans, test cases, and testing guidelines. Sharing knowledge through
wikis or documentation platforms facilitates onboarding and enables self-service for team
members.

7. Quality Assurance Advocacy:

As a QA Associate Software Engineer, I advocate for quality throughout our software
development lifecycle. This involves promoting QA best practices, raising awareness of quality
issues, and championing quality initiatives within the organization. By emphasizing the
importance of quality assurance, I contribute to building a culture of quality and excellence.

In conclusion, my roles and responsibilities as a QA Associate Software Engineer encompass

understanding software architecture, test automation, test execution, collaboration, continuous
improvement, documentation, and quality advocacy. By embracing these responsibilities, I
play a critical role in ensuring the quality and reliability of our company's software products,
contributing to overall customer satisfaction and business success.

2.3 Details of Work Done:

11
 CSE AIML

Zscaler Internet Access (ZIA) Architecture:

During my internship, I immersed myself in understanding the intricacies of Zscaler Internet

Access (ZIA) architecture, a pivotal component of the company's cloud-based security
platform. ZIA architecture comprises several interconnected elements designed to ensure
secure internet access for users while maintaining robust protection against cyber threats. These
components include:

Zscaler Enforcement Nodes (ZENs): ZENs act as gateways between users and the internet,
intercepting and scrutinizing inbound and outbound traffic for potential security risks. They
enforce security policies, such as URL filtering, application control, and threat prevention, to
safeguard users from malicious content and cyber attacks.
Zscaler Central Authority (ZCA): ZCA serves as the nerve center of the ZIA deployment,
orchestrating policy enforcement, configuration management, and reporting across the entire
infrastructure. It provides administrators with centralized visibility and control over network
traffic and security posture, facilitating efficient management and compliance monitoring.
Zscaler Nanolog Streaming Service (NSS): NSS facilitates the real-time streaming of security
logs and telemetry data from ZENs to external Security Information and Event Management
(SIEM) systems. By analyzing and correlating this data, organizations can identify security
incidents, detect anomalies, and respond promptly to emerging threats, bolstering their cyber
defense capabilities.
Within the Zscaler Nanolog Streaming Service (NSS), two integral components are the Clear
Log Receiver (CLR) and the Stream Meta-data and Sessionization Module (SMSM). Both
components play vital roles in processing and analyzing security logs and telemetry data
streamed from Zscaler Enforcement Nodes (ZENs) to external Security Information and Event
Management (SIEM) systems. Let's delve into each component's functions and significance:

12
 CSE AIML

1. Clear Log Receiver (CLR):

The Clear Log Receiver (CLR) serves as the primary entry point for receiving and processing
security logs and telemetry data from ZENs. Its key functions include:

Data Ingestion: CLR ingests raw log data streams generated by ZENs as a result of security
events, policy enforcement actions, and network activity monitoring. These logs contain
valuable information about user activities, application usage, traffic patterns, and security
incidents occurring within the network.
Normalization and Parsing: CLR normalizes and parses incoming log data to extract relevant
information, such as source IP addresses, destination IP addresses, URLs, user identities,
timestamps, and event types. This process involves standardizing log formats, parsing log
fields, and enriching log entries with contextual metadata.
Data Enrichment: CLR enriches log data with additional context and metadata, such as
geolocation information, threat intelligence indicators, and user attributes, obtained from
external sources or internal databases. This enrichment enhances the quality and relevance of
log data for subsequent analysis and correlation.
Routing and Forwarding: CLR routes processed log data to downstream components within
the NSS architecture, such as the Stream Meta-data and Sessionization Module (SMSM), for
further processing, analysis, and storage. It ensures timely delivery of log data to SIEM systems
and other security analytics platforms for real-time monitoring and incident response.
2. Stream Meta-data and Sessionization Module (SMSM):

The Stream Meta-data and Sessionization Module (SMSM) is responsible for analyzing and
sessionizing security logs and telemetry data received from CLR, enabling advanced
correlation, analysis, and visualization of network activities. Its key functions include:

Sessionization: SMSM aggregates and organizes individual log entries into logical sessions
based on network flows, user sessions, or application transactions. This sessionization process
groups related log entries together, allowing analysts to analyze network activities and security
events in the context of complete sessions.
Meta-data Enrichment: SMSM enriches sessionized data with additional meta-data, context,
and behavioral analytics derived from advanced analytics engines, threat intelligence feeds,
and machine learning algorithms. This enrichment enhances the depth and accuracy of security
insights, enabling better detection and response to emerging threats.

13
 CSE AIML

Behavioral Analysis: SMSM performs behavioral analysis on sessionized data to identify

patterns, anomalies, and indicators of compromise indicative of malicious activity or security
breaches. It leverages advanced analytics techniques, such as anomaly detection, statistical
modeling, and machine learning, to detect deviations from normal behavior and flag suspicious
activities for further investigation.
Alerting and Reporting: SMSM generates alerts and reports based on detected security
incidents, policy violations, or anomalous behavior observed in sessionized data. It provides
security analysts and incident responders with actionable intelligence and insights to prioritize
and respond to security incidents effectively.
By combining the capabilities of CLR and SMSM within the NSS architecture, Zscaler enables
organizations to gain comprehensive visibility into their network traffic, detect and mitigate
security threats in real-time, and ensure compliance with regulatory requirements and industry
standards.
My internship involved gaining a deep understanding of these architectural components, their
interdependencies, and their collective role in delivering comprehensive cloud security services
to customers. Through hands-on exploration and collaboration with experienced SREs, I
acquired insights into the operational intricacies and best practices associated with managing
and optimizing ZIA deployments.

General Security Precautions:

As part of my internship, I actively participated in implementing general security precautions
aimed at fortifying the company's cyber defense posture and safeguarding critical assets from
potential threats. These security precautions encompassed a holistic approach to security risk
management and mitigation, focusing on:

Employee Education and Awareness: Promoting a culture of cybersecurity awareness among

employees through comprehensive training programs, workshops, and awareness campaigns.
Educating employees about common cyber threats, phishing attacks, and best practices for
password hygiene, data protection, and incident reporting.
Access Control and Authentication: Implementing robust access control measures to restrict
unauthorized access to sensitive systems and data. Enforcing strong authentication
mechanisms, such as multi-factor authentication (MFA), to verify the identity of users and
mitigate the risk of credential theft and unauthorized access.
Endpoint Security: Deploying endpoint protection solutions, including antivirus software,
endpoint detection and response (EDR) tools, and mobile device management (MDM)
solutions, to defend against malware infections, data breaches, and unauthorized access
attempts targeting endpoint devices.
Data Encryption and Privacy: Implementing encryption mechanisms, such as encryption-at-
rest and encryption-in-transit, to protect sensitive data from unauthorized access and

14
 CSE AIML

interception. Adhering to data privacy regulations and industry standards to ensure compliance
with legal and regulatory requirements governing the collection, storage, and processing of
personal and sensitive information.
By actively contributing to the implementation of these general security precautions, I gained
firsthand experience in addressing cybersecurity challenges and fostering a culture of resilience
and vigilance within the organization.

In summary, my internship experience encompassed a diverse range of tasks, including

exploring ZIA architecture, implementing general security precautions, mastering Unix file
handling pytest and jira for automation tasks. These experiences equipped me with valuable
skills and knowledge relevant to site reliability engineering, cybersecurity, and infrastructure
automation, laying a solid foundation for my professional growth and development in the field.

2.4 Skills Learned:

1. Zscaler Internet Access (ZIA) Working:

During my internship, I delved deeply into understanding the intricate workings of Zscaler
Internet Access (ZIA), a cloud-based security platform designed to provide secure internet
access for users while ensuring robust protection against cyber threats. I learned about the core
components and functionalities of ZIA, including:

- Zscaler Enforcement Nodes (ZENs): These nodes serve as the frontline defense, intercepting
and inspecting all internet-bound traffic from users, regardless of their location or device. ZENs
enforce security policies, such as URL filtering, application control, and threat prevention, to
safeguard users from malicious content and cyber attacks.

- Zscaler Central Authority (ZCA): Acting as the centralized management and control plane
for ZIA deployments, ZCA orchestrates policy enforcement, configuration management, and
reporting across the entire infrastructure. It provides administrators with centralized visibility
and control over network traffic and security posture, facilitating efficient management and
compliance monitoring.

- Zscaler Nanolog Streaming Service (NSS): NSS enables the real-time streaming of security
logs and telemetry data from ZENs to external Security Information and Event Management
(SIEM) systems. It allows organizations to analyze and correlate security events, detect
anomalies, and respond promptly to emerging threats, bolstering their cyber defense
capabilities.

15
 CSE AIML

Throughout my internship, I gained hands-on experience with ZIA, exploring its architecture,
configuration options, and operational best practices. By working closely with experienced
SREs, I developed a deep understanding of ZIA's role in enhancing cybersecurity posture and
ensuring secure internet access for organizations worldwide.

2. Cyber Precautions:

Understanding the critical importance of cybersecurity in today's digital landscape, I immersed

myself in learning about various cyber precautions and best practices aimed at mitigating the
risk of cyber attacks within the company's infrastructure. These precautions encompassed a
holistic approach to cybersecurity risk management, focusing on:

- Access Control and Authentication: Implementing robust access control measures to restrict
unauthorized access to sensitive systems and data. This involved enforcing strong
authentication mechanisms, such as multi-factor authentication (MFA), to verify the identity
of users and mitigate the risk of credential theft and unauthorized access.

- Patch Management: Regularly applying security patches and updates to operating systems,
software applications, and network devices to address known vulnerabilities and security flaws.
This proactive approach to patch management helps reduce the attack surface and minimize
the risk of exploitation by cyber adversaries.

- Employee Education and Awareness: Promoting a culture of cybersecurity awareness among

employees through comprehensive training programs, workshops, and awareness campaigns.
Educating employees about common cyber threats, phishing attacks, and best practices for
password hygiene, data protection, and incident reporting fosters a security-conscious mindset
and strengthens the organization's overall cyber defense posture.

- Endpoint Security: Deploying endpoint protection solutions, including antivirus software,

endpoint detection and response (EDR) tools, and mobile device management (MDM)
solutions, to defend against malware infections, data breaches, and unauthorized access
attempts targeting endpoint devices. Securing endpoints is crucial for protecting sensitive data
and preventing security incidents originating from compromised devices.

By actively implementing these cyber precautions, I contributed to enhancing the company's

cybersecurity resilience and reducing the likelihood of successful cyber attacks, safeguarding
critical assets and maintaining business continuity.

16
 CSE AIML

3. Unix and Linux Architecture:

Exploring the architecture of Unix and Linux operating systems, I gained a comprehensive
understanding of their modular design and underlying components. Unix and Linux
architectures comprise several key elements, including:

- Kernel: Serving as the core component, the kernel is responsible for managing hardware
resources, providing essential services such as process management, memory allocation, and
device drivers, and facilitating communication between software applications and hardware
components. The kernel plays a crucial role in ensuring the stability, reliability, and
performance of the operating system.

- Shell: Acting as the interface between users and the operating system, the shell interprets
user commands and executes them. Unix and Linux offer various shell options, such as Bash,
Zsh, and KornShell, each with its unique features and capabilities. The shell provides users
with a powerful command-line interface (CLI) for interacting with the system, performing
system administration tasks, and automating routine operations through shell scripting.

- Utilities: Unix and Linux systems come bundled with a rich set of command-line utilities
for file manipulation, text processing, system administration, networking, and more. These
utilities provide users with powerful tools for managing files and directories, searching and
processing text data, configuring system settings, monitoring system performance, and
troubleshooting issues.

- Applications: In addition to the core operating system components, Unix and Linux support
a vast ecosystem of applications and software packages tailored for various use cases and
industries. From web servers and databases to development tools and productivity applications,
Unix and Linux platforms offer a wide range of software options to meet diverse needs and
requirements.

By gaining insights into Unix and Linux architecture, I developed a solid foundation in system
administration, shell scripting, and application deployment, essential for supporting the
company's infrastructure and ensuring its reliability and performance.

4. Advantages of Unix and Linux for Servers:

17
 CSE AIML

Unix and Linux are widely regarded as preferred choices for server environments due to their
numerous advantages, including:

- Stability and Reliability: Unix and Linux operating systems are renowned for their stability,
reliability, and robustness, making them ideal platforms for hosting critical services and
applications. Their mature and battle-tested architectures, coupled with extensive community
support and continuous development efforts, ensure dependable performance and uptime for
server deployments.

- Scalability and Performance: Unix and Linux platforms offer excellent scalability and
performance capabilities, allowing organizations to scale their server infrastructure to meet
growing demand and handle increasing workloads effectively. Their efficient resource
management, multi-user support, and optimized kernel design enable superior performance and
responsiveness, even under heavy loads.

- Security: Unix and Linux systems are inherently secure by design, with built-in security
features and mechanisms to protect against common threats and vulnerabilities. Their privilege
separation model, discretionary access control (DAC), mandatory access control (MAC), and
robust authentication mechanisms contribute to a strong security posture, reducing the risk of
unauthorized access and data breaches.

-Open-Source Ecosystem: Unix and Linux benefit from vibrant open-source ecosystems,
comprising a vast array of software packages, tools, and utilities freely available for use and
customization. This rich ecosystem fosters innovation, collaboration, and community-driven
development, empowering organizations to leverage cutting-edge technologies and solutions
to address their unique server requirements.

-Cost-Effectiveness:Unix and Linux offer compelling cost advantages compared to proprietary

alternatives, with no licensing fees or vendor lock-in. Organizations can leverage open-source
software and community-supported distributions to build and maintain their server
infrastructure at a fraction of the cost, optimizing resource allocation and maximizing return
on investment (ROI).

By leveraging the advantages of Unix and Linux for server deployments, organizations can
achieve greater flexibility, scalability, performance, and cost-effectiveness, driving business
growth and innovation in today's dynamic digital landscape.

18
 CSE AIML

5.FreeBSD and its Features:

Exploring FreeBSD, a Unix-like operating system renowned for its performance, reliability,
and advanced networking capabilities, I discovered its unique features and advantages.
FreeBSD offers several key features that make it well-suited for server environments,
including:

Networking Stack: FreeBSD boasts a highly optimized and scalable networking stack, capable
of handling high volumes of network traffic

19
 CSE AIML

CHAPTER 3
Conclusion:

In wrapping up my internship, I've gained invaluable insights and practical skills in quality
assurance, cybersecurity, infrastructure automation, and server management, all tailored to my
role as an Associate Software Engineer in Quality Assurance (ASE QA). Through hands-on
exploration and guided learning, I've deepened my understanding of technologies such as
Zscaler Internet Access (ZIA), Unix and Linux architecture, FreeBSD cybersecurity best
practices and automation techniques, directly relevant to my responsibilities in ensuring the
quality and reliability of our software products.

During my internship tenure, I've delved into the intricacies of Zscaler Internet Access (ZIA),
comprehending its pivotal role in furnishing secure internet access while bolstering defenses
against cyber threats. My exploration extended to understanding ZIA's architecture,
configuration options, and operational best practices, granting me hands-on experience with
core components like Zscaler Enforcement Nodes (ZENs) and Zscaler Central Authority
(ZCA). This knowledge equips me to contribute effectively to cybersecurity initiatives and
fortify our organization's security posture from a QA perspective, ensuring the integrity of our
software products.

Additionally, I've gained practical experience in leveraging pytest and selenium, an automation
tool, which are crucial for ensuring the quality and reliability of our software products.

Overall, this internship has been a transformative experience, furnishing me with a solid
foundation in site reliability engineering, cybersecurity, and infrastructure automation, all of
which are directly pertinent to my role as an ASE QA. I've cultivated valuable skills and
competencies that hold relevance in today's dynamic and evolving IT landscape, positioning
me to effectively ensure the quality, functionality, and reliability of our software products from
a quality assurance standpoint.

Future Work:

20
 CSE AIML

Looking ahead, I'm enthusiastic about exploring several areas of future work and development,
building on the knowledge and skills acquired during my internship:

1. Advanced Cybersecurity Training: Given the evolving nature of cyber threats, I aim to
undergo advanced cybersecurity training tailored to my role in quality assurance. Specialized
certifications in areas such as ethical hacking, incident response, and threat intelligence
analysis will equip me with the expertise to detect, mitigate, and respond to cyber threats
effectively, thereby ensuring the security and integrity of our software products from a quality
assurance standpoint.

2. Infrastructure Automation and Orchestration: Building on my experience with Ansible, I

aspire to delve into advanced automation and orchestration tools and techniques for managing
complex IT environments at scale, all of which are crucial for ensuring the quality,
functionality, and reliability of our software products from a quality assurance standpoint. This
entails exploring containerization platforms like Docker and Kubernetes, infrastructure as code
(IaC) frameworks such as Terraform, and continuous integration and continuous deployment
(CI/CD) pipelines for automated software delivery.

3. Cloud Computing and DevOps Practices: With the escalating adoption of cloud computing
and DevOps methodologies, I'm keen on enhancing my proficiency in cloud platforms like
AWS, Azure, and Google Cloud Platform (GCP), alongside DevOps practices and principles.
Practical exposure to cloud-native technologies, microservices architectures, and automated
deployment pipelines will enable me to spearhead digital transformation initiatives and
expedite software delivery cycles, thereby ensuring the quality, functionality, and reliability of
our software products from a quality assurance standpoint.

By pursuing these avenues of future work and development, I aim to further expand my
expertise, advance my career, and make meaningful contributions to the realms of IT operations
and cybersecurity, all of which are directly relevant to my role as an ASE QA. I'm excited
about the opportunities that lie ahead and remain steadfast in my commitment to continuous
learning and professional growth in pursuit of excellence.

21
 CSE AIML

REFERENCES
1. Zscaler. (n.d.). Zscaler Internet Access (ZIA). Retrieved from
https://www.zscaler.com/products/zscaler-internet-access
2. Zscaler. (n.d.). Zscaler Nanolog Streaming Service (NSS). Retrieved from
https://www.zscaler.com/products/nanolog-streaming-service
3. Stallings, W. (2015). Operating Systems: Internals and Design Principles (8th
Edition). Pearson.
4. FreeBSD. (n.d.). Introduction to FreeBSD. Retrieved from
https://www.freebsd.org/doc/en_US.ISO8859-
1/books/handbook/introduction.html
5. Ansible. (n.d.). Ansible Documentation. Retrieved from
https://docs.ansible.com/
6. Red Hat. (n.d.). What is Ansible? Retrieved from
https://www.redhat.com/en/topics/automation/what-is-ansible
7. Nishanth, S. (2021). Mastering Ansible - Third Edition. Packt Publishing.
8. National Institute of Standards and Technology (NIST). (n.d.). NIST Special
Publication 800-53 Revision 5: Security and Privacy Controls for Information
Systems and Organizations. Retrieved from
https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
9. Zscaler. (n.d.). Zscaler Private Access (ZPA). Retrieved from
https://www.zscaler.com/products/zscaler-private-access

22