SOPHOS TECHNICIAN | Actual Questions and Answers Latest Updated 2024/2025 (Graded A+), Exams of Computer Science


Typology: Exams

2023/2024

Available from 08/30/2024

Holygrams
Read - ✔✔What permissions does the user need to connect to AD to gather the user and group information?

True - ✔✔TRUE or FALSE: Only PE files can be restored from SafeStore through the user interface.

Domain user - ✔✔What is the minimum type of user required to connect to AD to gather the user and group information?

Global settings > Controlled Updates - ✔✔By default, computers get the latest Sophos product updates automatically. Where can an admin change this to allow control over updates?

telnet dc.sophos.local 636 - ✔✔You want to test the default SSL LDAP port for Active Directory synchronization. Enter the command you would use to verify connectivity to a domain controller named dc.sophos.local. _____

%ProgramData%\sophos\sophos cloud AD sync\logs - ✔✔Where is the AD sync log location?

nslookup - ✔✔The Central Admin Dashboard shows that none of your endpoints are using one of your update caches. Pinging the update cache by name fails. What command do you use to investigate this further?

True - ✔✔TRUE or FALSE: Tamper Protection is enabled by default in Sophos Central.

(1) Sophos Endpoint Self Help (2) Sophos Central - ✔✔Which 2 methods does Sophos provide that will display the status of all Sophos services on Windows computers? Choose two (2).

The connection was blocked but the root cause has NOT been cleaned up - ✔✔Which of the following statements is TRUE for a C2/Generic-C detection?

Active Directory Sync Utility - ✔✔Where do you check to see if the AD sync schedule has been configured correctly?

Global Settings - ✔✔Where can the AD Sync tool be obtained from?

To detect man-in-the-middle attacks - ✔✔What is the function of Safe Browsing in Intercept X?

(1) Program Data\Sophos\SafeStore (2) Program Data\Sophos\Sophos Anti-Virus\SafeStore - ✔✔Where can you find the SafeStore quarantine folders on a Windows Endpoint? Choose two (2).

Resolve and verify - ✔✔What is the third step of the troubleshooting process?

(1) The threat was found in an archive (2) The threat was found in a mailbox - ✔✔Which 2 of the following are reasons why manual cleanup may be required? Choose two (2).

True - ✔✔TRUE or FALSE: You can recover the Tamper Protection password for a deleted endpoint in Sophos Central.

True - ✔✔TRUE or FALSE: Sophos recommends disabling HTTPS inspection for Sophos updating traffic.

389 - ✔✔AD Sync is not working. You have successfully pinged the DC by both name and IP address. Which port do you use with telnet to confirm the LDAP port is accessible?

C:\ProgramData\Sophos\AutoUpdate\data\warehouse - ✔✔What is the location of AutoUpdate's warehouse on a protected endpoint?

Test the deployment script - ✔✔What step do you need to take before you bulk deploy Sophos Central to endpoints using a startup script in GPO?

Sophos Anti-Virus - ✔✔Which installer runs the Competitor Removal Tool (CRT)?

Root Cause Analysis - ✔✔What is the second step of the troubleshooting process?

Update > Update configuration - ✔✔Where in the Endpoint Self Help Tool can you see whether an endpoint is using a proxy for updating?

Restart the Update Cache service - ✔✔If the Windows Firewall service is stopped or disabled when the Update Cache is deployed, then the firewall rule to allow TCP 8191 will not have been created. How do you resolve this?

True - ✔✔TRUE or FALSE: All quarantined data is encrypted in SafeStore.

(1) Warehouse (2) Decoded - ✔✔When clearing the local AutoUpdate cache prior to forcing an update, which 2 of the following folders do you need to rename? Choose two (2).

/private/var/log - ✔✔Where is the 'install.log' found on a Mac OS X endpoint?

zero-day threats - ✔✔What is the term for an attack that uses techniques that anti-virus does not yet detect?

Virus Removal tool - ✔✔Which of these cleanup tools will scan for rootkits?

The Update Cache server has run out of disc space - ✔✔You see the following error in the SophosUpdate.log: WARN [WARN] copy from upstream failed: Cannot write resource: C:/Programdata/sophos/autoupdate/data/warehouse/9548-885 What could this indicate?

False - ✔✔TRUE or FALSE: AD sync needs to be installed on a DC.

Tamper Protection is enabled - ✔✔The option to stop the AutoUpdate service is greyed out in Windows Services. What is the most likely reason for this?

ipconfig - ✔✔Which of the following Windows tools do you use to display the network configuration?

ping srv.sophos.local - ✔✔Enter the command you would use to resolve the IP address of srv.sophos.local and test network connectivity to the server at the same time. _____

ping 172.16.2.20 - ✔✔Enter the command you would use to test IP network connectivity to the address 172.16.2.20. _____

netsh winhttp reset proxy - ✔✔Enter the command you would use to remove the currently configured system proxy. _____

4 hours - ✔✔When troubleshooting an endpoint, how long can you override the Sophos Central policy for?

(1) Boot into Safe Mode and disable Tamper Protection via the Registry (2) Retrieve the password for the deleted endpoint within Central so you can then enter this within the local Endpoint UI - ✔✔You wish to uninstall the Sophos Endpoint software from a Windows 10 computer. However, Tamper Protection is enabled, and the device is no longer present within Central Admin. Which 2 of the following are supported methods of removal? Choose two (2).

To protect against vulnerabilities in software - ✔✔Why is it important to apply updates and patches to all applications and operating systems across your network?

60 mins - ✔✔AutoUpdate performs its first check 5 minutes after the service starts. At what interval does AutoUpdate then check for software, threat detection data and other available updates?

Alerts are created when an action is required - ✔✔Which of the following statements is TRUE about alerts?

To detect malicious file encryption by ransomware - ✔✔What is the function of CryptoGuard?

True - ✔✔TRUE or FALSE: AD Sync will delete groups and users with no Central Admin role when they are no longer present in the search results.

(1) An unknown file (2) An executable file in a temporary file location - ✔✔Which 2 of the following are malicious file indicators? Choose two (2).

The Threat Library - ✔✔Where can you find more information about a specific threat?

True - ✔✔TRUE or FALSE: C:\TEMP should never be whitelisted in Sophos Central.

(1) uc.log (2) downloader.log - ✔✔You suspect an issue with your Update Cache. Which 2 logs do you need to examine? Choose two (2).

Tamper Protection - ✔✔Which feature would protect the Sophos installation from becoming disabled by malware?

The connection was NOT blocked and the threat has NOT been cleaned up - ✔✔Which of the following statements is TRUE for a C2/Generic-B detection?

Define the issue - ✔✔What is the first step of the troubleshooting process?