Download Sophos engineer exam | Actual Questions and Answers Latest Updated 2024/2025 (Graded A+) and more Exams Computer Security in PDF only on Docsity! Sophos engineer exam | Actual Questions and Answers Latest Updated 2024/2025 (Graded A+) That the cloned policy has been enforced - ✔✔You have cloned the threat protection base policy, applied the policy to a group and saved it. When checking the endpoint, the policy changes have not taken effect. What do you check in the policy 8190 - ✔✔Which TCP port is used to communicate policies to endpoint? To download updates from Sophos Central and store them on a dedicated server on your network - ✔✔What is the function of an update cache? Download and run the installer from Sophos Central - ✔✔Which of the following is a method of deploying endpoint protection? 8191 - ✔✔Which TCP port is used to communicate Updates on endpoint? False - ✔✔A message relay can be configured on a Server without an Update Cache. True - ✔✔When protecting a MAC client, you must know the password of the administrator. Connects to a cloud server to check for the latest information about a file - ✔✔What is the function of live protection? To block specific applications from running on protected endpoints - ✔✔Which is the function of Application control? To connect Sophos security solutions in real time - ✔✔What is the function of Sophos Synchronized Security? Control access to websites based on their category - ✔✔What is the function of Web Control? To detect and stop compromised vulnerable applications - ✔✔What is the function of anti-exploit technology? Exploit technique detection - ✔✔Which feature of intercept X is designed to detect malware before it can execute? Data loss prevention rule - ✔✔You want to change an action for 'confidential' content. Where in Sophos Central do you make this change False - ✔✔Base policies can be disabled in Sophos Central. Threat Protection - ✔✔You are detecting low-reputation files and want to change the reputation level from recommended to strict. Which policy do you edit to make this change? Threat protection - ✔✔Which endpoint protection policy protects users against malicious network traffic? True - ✔✔TRUE or FALSE: Tamper protection must be disabled before removing Endpoint protection. Web Control - ✔✔Which endpoint protection policy do you edit to block users from visiting a specific website category? Threat Protection - ✔✔Which endpoint protection policy block access to malicious websites? False - ✔✔TRUE or FALSE: All Endpoints have the same endpoint password. Application Control - ✔✔Which feature allows you to restrict application? Add the path of the application to the server lockdown policy - ✔✔What is the recommended way to allow a new application to a locked down server? SophosLabs - ✔✔Which Sophos support tool do you use to find out the latest information about security threats? False - ✔✔TRUE or FALSE: All server protection features are enabled by default. Server lockdown - ✔✔Which feature allows you to restrict applications on a server True - ✔✔True or False: You can choose to send email alerts immediately, hourly, daily or never. Separate download that detects and removes malware - ✔✔The Virus Removal clean up tool is a... Licensing - ✔✔Where can an administrator view the license management types in the Enterprise Dashboard? The Partner Dashboard - ✔✔Which dashboard allows you to manage and apply global settings to multiple Sophos Central accounts? Account Details - ✔✔Where in Sophos Central Admin Console can you enable remote assistance? To enable all devices to communicate all policy and reporting data using a dedicated server on your network - ✔✔What is the function of a Message Relay? To prevent the use of removable media on protected endpoints - ✔✔What is the function of Peripheral Control? Global Settings and sever policy - ✔✔Which 2 places in Sophos Central do you add exclusions for servers? partnerportal.sophos.com - ✔✔Which URL address do you use to login to Sophos Central Partner Dashboard? True - ✔✔TRUE or FALSE: You can search for a malicious item across your network using EDR Data Loss Prevention - ✔✔You want to prevent users from copying database files to USB drives without blocking the use of all USB devices. Which policy do you need to configure? The Enterprise Dashboard - ✔✔Which dashboard allows you to view and apply global settings to multiple Sophos Central Accounts? Threat Protection - ✔✔In which policy do you enable deep learning? central.sophos.com - ✔✔Which URL address do you use to login to Sophos Central Admin Console? Login using the Launch Sophos Central Admin button in the Partner Dashboard - ✔✔How do you access a managed Sophos Central account to resolve alerts for your customer Using the Active Directory Sync Utility and import using CSV file - ✔✔Which 2 of the following are the methods for bulk importing users? Disable tamper protection in Sophos Central - ✔✔What is the first step you must take when removing Sophos Endpoint Protection from a Windows endpoint Monitors running processes' behaviour - ✔✔What is the function of on-access scanning The file info tab in the self-help tool - ✔✔You have a suspicious file on your endpoint. Which tool do you use to quickly scan the file System - ✔✔Which section in the Self-Help tool should be checked to start investigating an updating issue on an endpoint Tamper Protection is enabled - ✔✔The option to stop the AutoUpdate service is greyed out in Windows Services. What is the most likely reason for this? Encryption - ✔✔Which Sophos Central manage product protects the data on a lost or stolen laptop? False - ✔✔TRUE or FALSE: The security VM installer is linked to your Sophos Central account. That you have the correct role assigned - ✔✔You are unable to edit policies in Sophos Central. What do you check in Sophos Central? Master Licensing, Individual Licensing - ✔✔In which 2 ways can you license the Enterprise Dashboard? Prevents a user from uninstalling the Sophos agent software - ✔✔What does tamper protection prevent a user from doing on their endpoint with Sophos Central agent installed Events report - ✔✔Which report will give you information across all protected endpoints? The Self-Service Portal - ✔✔How do users view quarantined emails and manage device encryption for their protected endpoints SUMMARY - ✔✔Which tab on the device details page displays the tamper protection information Failed to protect an endpoint - ✔✔Which of the following alerts is categorized as a high alert? Failed to protect an endpoint - ✔✔Which of the following alerts is categorized as a high alert? False - ✔✔TRUE or FALSE: All Endpoints have the same tamper protection password.