I’m still pretty new to Zscaler in general, so it may be something glaringly obvious. I’ve created a FTC policy to block most file types (exe as an example) and have it scoped to a group which my test user belongs to and is for all protocols and all categories. I’ve been testing by downloading notepad++ exe from their site. The download is still being allowed what exactly am I missing? I’ve also tested with multiple browsers, Chrome being my main one with QUIC disabled. I’m only using ZIA at the moment and am off a trusted network. URL filtering is working as intended. What other information is needed to troubleshoot.