Sophos Certified Engineer Exam Questions With Complete Solutions
Which TCP port is used to communicate policies to endpoints? - (ANSWER)8190
Which Sophos Central manage product protects the data on a lost or stolen laptop? -
(ANSWER)Encryption
The option to stop the AutoUpdate service is greyed out in Windows Services. What is the most likely
reason for this? - (ANSWER)Tamper Protection is enabled
Complete the sentence: Signature-based file scanning relies on... - (ANSWER)previously detected
malware characteristics
TRUE or FALSE: Tamper protection is enabled by default. - (ANSWER)TRUE
You are unable to edit policies in Sophos Central. What do you check in Sophos Central? - (ANSWER)That
you have the correct role assigned
Which URL address do you use to login to Sophos Central Partner Dashboard? -
(ANSWER)partnerportal.sophos.com
You are detecting low-reputation files and want to change the reputation level from recommended to
strict. Which policy do you edit to make this change? - (ANSWER)Threat Protection
What is the FIRST step you must take when deploying virtual environments? - (ANSWER)Check the
system requirements
You want to prevent users from copying database files to USB drives without blocking the use of all USB
devices. Which policy do you need to configure? - (ANSWER)Data Loss Prevention
TRUE or FALSE: You can search for a malicious item across your network using EDR - (ANSWER)TRUE
, Sophos Certified Engineer Exam Questions With Complete Solutions
Which log provides a record of all activities? - (ANSWER)Audit log
What is the function of anti-exploit technology? - (ANSWER)To detect and stop compromised vulnerable
applications
Complete the sentence: The SAV32CLI clean-up tool is a... - (ANSWER)Command line tool included in
Sophos Central installation
When registering for a Sophos Central Trial, which of the following statements are TRUE? -
(ANSWER)You must use an email address that has not been used with Sophos Central before
Which tab on the device details page displays the tamper protection information? -
(ANSWER)SUMMARY
What is the function of Live Protection? - (ANSWER)Connects to a cloud server to check for the latest
information about a file
How long are activities stored for in the Enterprise Dashboard? - (ANSWER)90 days
What is the function of an Update Cache? - (ANSWER)To download updates from Sophos Central and
store them on a dedicated server on your network
What is the function of on-access scanning? - (ANSWER)Monitors running processes' behavior
Which of the following alerts is categorized as a high alert? - (ANSWER)Failed to protect an endpoint
Which dashboard allows you to manage and apply global settings to multiple Sophos Central accounts? -
(ANSWER)The Partner Dashboard
Which detection feature can prevent attacks on the master boot record? - (ANSWER)WipeGuard
Which TCP port is used to communicate policies to endpoints? - (ANSWER)8190
Which Sophos Central manage product protects the data on a lost or stolen laptop? -
(ANSWER)Encryption
The option to stop the AutoUpdate service is greyed out in Windows Services. What is the most likely
reason for this? - (ANSWER)Tamper Protection is enabled
Complete the sentence: Signature-based file scanning relies on... - (ANSWER)previously detected
malware characteristics
TRUE or FALSE: Tamper protection is enabled by default. - (ANSWER)TRUE
You are unable to edit policies in Sophos Central. What do you check in Sophos Central? - (ANSWER)That
you have the correct role assigned
Which URL address do you use to login to Sophos Central Partner Dashboard? -
(ANSWER)partnerportal.sophos.com
You are detecting low-reputation files and want to change the reputation level from recommended to
strict. Which policy do you edit to make this change? - (ANSWER)Threat Protection
What is the FIRST step you must take when deploying virtual environments? - (ANSWER)Check the
system requirements
You want to prevent users from copying database files to USB drives without blocking the use of all USB
devices. Which policy do you need to configure? - (ANSWER)Data Loss Prevention
TRUE or FALSE: You can search for a malicious item across your network using EDR - (ANSWER)TRUE
, Sophos Certified Engineer Exam Questions With Complete Solutions
Which log provides a record of all activities? - (ANSWER)Audit log
What is the function of anti-exploit technology? - (ANSWER)To detect and stop compromised vulnerable
applications
Complete the sentence: The SAV32CLI clean-up tool is a... - (ANSWER)Command line tool included in
Sophos Central installation
When registering for a Sophos Central Trial, which of the following statements are TRUE? -
(ANSWER)You must use an email address that has not been used with Sophos Central before
Which tab on the device details page displays the tamper protection information? -
(ANSWER)SUMMARY
What is the function of Live Protection? - (ANSWER)Connects to a cloud server to check for the latest
information about a file
How long are activities stored for in the Enterprise Dashboard? - (ANSWER)90 days
What is the function of an Update Cache? - (ANSWER)To download updates from Sophos Central and
store them on a dedicated server on your network
What is the function of on-access scanning? - (ANSWER)Monitors running processes' behavior
Which of the following alerts is categorized as a high alert? - (ANSWER)Failed to protect an endpoint
Which dashboard allows you to manage and apply global settings to multiple Sophos Central accounts? -
(ANSWER)The Partner Dashboard
Which detection feature can prevent attacks on the master boot record? - (ANSWER)WipeGuard
