Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

Sophos engineer exam | Actual Questions and Answers Latest Updated 2024/2025 (Graded A+), Exams of Computer Security

That the cloned policy has been enforced - ✔✔You have cloned the threat protection base policy, applied the policy to a group and saved it. When checking the endpoint, the policy changes have not taken effect. What do you check in the policy 8190 - ✔✔Which TCP port is used to communicate policies to endpoint? To download updates from Sophos Central and store them on a dedicated server on your network - ✔✔What is the function of an update cache? Download and run the installer from Sophos Central - ✔✔Which of the following is a method of deploying endpoint protection? 8191 - ✔✔Which TCP port is used to communicate Updates on endpoint? False - ✔✔A message relay can be configured on a Server without an Update Cache.

Typology: Exams

2023/2024

Available from 08/30/2024

Holygrams
Holygrams 🇺🇸

3

(2)

1.2K documents

1 / 9

Toggle sidebar

Related documents


Partial preview of the text

Download Sophos engineer exam | Actual Questions and Answers Latest Updated 2024/2025 (Graded A+) and more Exams Computer Security in PDF only on Docsity! Sophos engineer exam | Actual Questions and Answers Latest Updated 2024/2025 (Graded A+) That the cloned policy has been enforced - ✔✔You have cloned the threat protection base policy, applied the policy to a group and saved it. When checking the endpoint, the policy changes have not taken effect. What do you check in the policy 8190 - ✔✔Which TCP port is used to communicate policies to endpoint? To download updates from Sophos Central and store them on a dedicated server on your network - ✔✔What is the function of an update cache? Download and run the installer from Sophos Central - ✔✔Which of the following is a method of deploying endpoint protection? 8191 - ✔✔Which TCP port is used to communicate Updates on endpoint? False - ✔✔A message relay can be configured on a Server without an Update Cache. True - ✔✔When protecting a MAC client, you must know the password of the administrator. Connects to a cloud server to check for the latest information about a file - ✔✔What is the function of live protection? To block specific applications from running on protected endpoints - ✔✔Which is the function of Application control? To connect Sophos security solutions in real time - ✔✔What is the function of Sophos Synchronized Security? Control access to websites based on their category - ✔✔What is the function of Web Control? To detect and stop compromised vulnerable applications - ✔✔What is the function of anti-exploit technology? Exploit technique detection - ✔✔Which feature of intercept X is designed to detect malware before it can execute? Data loss prevention rule - ✔✔You want to change an action for 'confidential' content. Where in Sophos Central do you make this change False - ✔✔Base policies can be disabled in Sophos Central. Threat Protection - ✔✔You are detecting low-reputation files and want to change the reputation level from recommended to strict. Which policy do you edit to make this change? Threat protection - ✔✔Which endpoint protection policy protects users against malicious network traffic? True - ✔✔TRUE or FALSE: Tamper protection must be disabled before removing Endpoint protection. Web Control - ✔✔Which endpoint protection policy do you edit to block users from visiting a specific website category? Threat Protection - ✔✔Which endpoint protection policy block access to malicious websites? False - ✔✔TRUE or FALSE: All Endpoints have the same endpoint password. Application Control - ✔✔Which feature allows you to restrict application? Add the path of the application to the server lockdown policy - ✔✔What is the recommended way to allow a new application to a locked down server? SophosLabs - ✔✔Which Sophos support tool do you use to find out the latest information about security threats? False - ✔✔TRUE or FALSE: All server protection features are enabled by default. Server lockdown - ✔✔Which feature allows you to restrict applications on a server True - ✔✔True or False: You can choose to send email alerts immediately, hourly, daily or never. Separate download that detects and removes malware - ✔✔The Virus Removal clean up tool is a... Licensing - ✔✔Where can an administrator view the license management types in the Enterprise Dashboard? The Partner Dashboard - ✔✔Which dashboard allows you to manage and apply global settings to multiple Sophos Central accounts? Account Details - ✔✔Where in Sophos Central Admin Console can you enable remote assistance? To enable all devices to communicate all policy and reporting data using a dedicated server on your network - ✔✔What is the function of a Message Relay? To prevent the use of removable media on protected endpoints - ✔✔What is the function of Peripheral Control? Global Settings and sever policy - ✔✔Which 2 places in Sophos Central do you add exclusions for servers? partnerportal.sophos.com - ✔✔Which URL address do you use to login to Sophos Central Partner Dashboard? True - ✔✔TRUE or FALSE: You can search for a malicious item across your network using EDR Data Loss Prevention - ✔✔You want to prevent users from copying database files to USB drives without blocking the use of all USB devices. Which policy do you need to configure? The Enterprise Dashboard - ✔✔Which dashboard allows you to view and apply global settings to multiple Sophos Central Accounts? Threat Protection - ✔✔In which policy do you enable deep learning? central.sophos.com - ✔✔Which URL address do you use to login to Sophos Central Admin Console? Login using the Launch Sophos Central Admin button in the Partner Dashboard - ✔✔How do you access a managed Sophos Central account to resolve alerts for your customer Using the Active Directory Sync Utility and import using CSV file - ✔✔Which 2 of the following are the methods for bulk importing users? Disable tamper protection in Sophos Central - ✔✔What is the first step you must take when removing Sophos Endpoint Protection from a Windows endpoint Monitors running processes' behaviour - ✔✔What is the function of on-access scanning The file info tab in the self-help tool - ✔✔You have a suspicious file on your endpoint. Which tool do you use to quickly scan the file System - ✔✔Which section in the Self-Help tool should be checked to start investigating an updating issue on an endpoint Tamper Protection is enabled - ✔✔The option to stop the AutoUpdate service is greyed out in Windows Services. What is the most likely reason for this? Encryption - ✔✔Which Sophos Central manage product protects the data on a lost or stolen laptop? False - ✔✔TRUE or FALSE: The security VM installer is linked to your Sophos Central account. That you have the correct role assigned - ✔✔You are unable to edit policies in Sophos Central. What do you check in Sophos Central? Master Licensing, Individual Licensing - ✔✔In which 2 ways can you license the Enterprise Dashboard? Prevents a user from uninstalling the Sophos agent software - ✔✔What does tamper protection prevent a user from doing on their endpoint with Sophos Central agent installed Events report - ✔✔Which report will give you information across all protected endpoints? The Self-Service Portal - ✔✔How do users view quarantined emails and manage device encryption for their protected endpoints SUMMARY - ✔✔Which tab on the device details page displays the tamper protection information Failed to protect an endpoint - ✔✔Which of the following alerts is categorized as a high alert? Failed to protect an endpoint - ✔✔Which of the following alerts is categorized as a high alert? False - ✔✔TRUE or FALSE: All Endpoints have the same tamper protection password.