Sophos2 exam | Actual Questions and Answers Latest Updated 2024/2025 (Graded A+)

An XG can be deployed in the following ways (choose all that apply)
- ✔✔Select one or more:
a. As a storage appliance
b. As a virtual appliance
c. As a software appliance
d. As a hardware appliance
e. As a firewall in the cloud

What are ways that a network can be protected against attacks using zero trust? (Choose all that apply.)
- ✔✔Select one or more:
a. Micro-segmentation
b. Identity-based policies
c. Time-based policies
d. Server-to-server authentication policies
e. Device health policies

True or false: XG and other UTM firewalls can only help to stop attacks before a network is breached.
- ✔✔Select one: True False

Which 4 virtualization platforms can XG firewall be deployed to? (Choose all that apply.)
- ✔✔Select one or more:
a. QEMU
b. KVM
c. XenServer
d. VMware
e. Hyper-V

Select the correct description of Sophos Heartbeat.
- ✔✔Select one:
a. Heartbeat connects cryptographically secured endpoints and Sophos XG Firewall via Sophos Central
b. Heartbeat exchanges information, like health status, between XG Firewall and endpoints
c. Heartbeat synchronizes the health status between XG Firewall and Sophos Central

Identify the correct order of route processing methods.
- ✔✔
a. Static Routes > VPN Routes > SD-WAN Policy Routes > Default Route
b. Static Routes > SD-WAN Policy Routes > VPN Routes > Default Route

True or false: For NAT rules, if there is no matching firewall rule, the traffic is dropped and logged.
- ✔✔Select one: True False

As the administrator for a non-profit, you need to grant all employees access to one specific server at 10.200.44.8 from the client subnet 172.25.0.0/20. However, one specific workstation (172.25.15.208) is a kiosk in the lobby of your headquarters, and should NOT have access to any of the servers within the server network. Finally, no employees should have access from the client subnet to other servers within 10.200.44.0/23. Administrative access to the servers is allowed from a separate subnet for authorized staff. Order the following firewall policies properly so that they will correctly control the traffic according to these objectives. (Syntax is ACTION SOURCE ADDRESS > DESTINATION ADDRESS.)
- ✔✔
1. DENY 172.25.15.208/32 > 10.200.44.8/32
2. ALLOW 172.25.0.0/20 > 10.200.44.8/32
3. DENY 172.25.0.0/20 > 10.200.44.0/23

Lateral movement protection involves an XG sharing the identity of an infected host with others on the same network segment using:
- ✔✔Select one:
a. The infected host's heartbeat pattern
b. The infected host's NetBIOS name
c. The infected host's user-agent string
d. The infected host's MAC address
e. The infected host's IP

Choose which site-to-site connection method is best where: (i) there are skilled IT professionals at both sites; (ii) simplicity of configuration is the highest goal over security or bandwidth; and (iii) no additional hardware is desired
- ✔✔Select one:
a. SSL VPN
b. IPSec VPN
c. RED

True or false: a Remote Ethernet Device (RED) requires configuration once it arrives at a branch site
- ✔✔Select one: True False

Site-to-site connections are added to the ________ zone automatically once they are created. (Fill in the blank.)
- ✔✔VPN

Choose which site-to-site connection method is best where: (i) bandwidth and security matters; and (ii) the XG is connecting to a third-party device.
- ✔✔Select one:
a. SSL VPN
b. RED
c. IPSec VPN

True or false: route-based IPSec VPNs create a virtual interface that can be used as a source or destination reference when creating new policies or routes governing traffic flow across the tunnel.
- ✔✔Select one: True False

The XG checks authentication for users in the following order
- ✔✔
1. Hotspot
2. Clientless Users
3. Single Sign-On
4. Authentication Agent
5. Captive Portal

The XG firewall can be configured to authenticate with external servers, such as (choose all that apply):
- ✔✔Select one or more:
a. TACACS+
b. LDAP(S)
c. RADIUS
d. Active Directory
e. Novell eDirectory

True or false: the authentication agent reports any user who logs into a host to an XG in order to restrict them to identity-based policies.
- ✔✔Select one: True False

By default, the user portal is only available to clients connecting from the __________ zone. (Fill in the blank.)
- ✔✔LAN

Controls access to applications by particular hosts or by time of d

________ is an endpoint-based solution that uses Security Heartbeat to obtain further information about, identify, classify, and control previously unknown applications on the network. (Fill in the blank.)
- ✔✔Synchronized app control

Traffic shaping policies can either be configured to ________ the amount of bandwidth they can use, or to _________ an amount of bandwidth in the case of business critical applications.
- ✔✔a) limit b) guarantee

Under Protect > Applications > Cloud Applications, you can see all of the cloud applications that have been detected, and can do the following (choose all that apply):
- ✔✔Select one or more:
a. Sort them by volume of data
b. Filter them by category
c. Filter them by classification
d. Cut off access to them directly from the Cloud Applications view
e. Sort them by the number of users of the application

These are the possible classifications you can set for cloud applications. (Choose all that apply.)
- ✔✔Select one or more:
a. Unsanctioned
b. Sanctioned
c. Potentially Unwanted
d. New
e. Tolerated

Sophos' SPX encrypts messages and allows the recipient to decrypt them using:
- ✔✔Select one:
a. A password
b. A public/private keypair
c. An SMS one-time PIN sent by the XG
d. A hard or soft token

In its default mode for mail protection, as opposed to Legacy Mode, the XG acts as a full
- ✔✔MTA

True or false: a user can release a quarantined message from their user portal, even if it contains malware.
- ✔✔Select one: True False

What is the purpose of a Smarthost?
- ✔✔Select one:
a. A cloud email hosting and storage service that replaces an on-premise server or MTA.
b. The XG bypasses any intermediate servers, and delivers messages directly to the recipient's server.
c. A client machine that can send mail directly to a recipient domain without using an MTA.
d. It allows you to route email via an alternate set of servers

In the WebAdmin, an administrator has these options for dealing with quarantined messages. (Choose all that apply.)
- ✔✔Select one or more:
a. Reply
b. Release the message
c. Forward
d. Download to view

The following is true about the Clientless Access Portal (choose all that apply)
- ✔✔Select one or more:
a. Once a user connects to the portal, they use bookmarks configured for them by an administrator to access resources behind the XG
b. Users do not have to download a client in order to connect
c. Users download an MSI installer in order to connect
d. Once a user connects to the portal, they launch native apps such as RDP or SSH from their workstation or device to connect to resources behind the XG

True or false: Sophos Connect is the only way to connect to the XG using IPSec.
- ✔✔Select one: True False