SOPHOS ENGINEER COMPREHENSIVE
STUDY GUIDE 2026 SECURITY PRACTICE
QUESTIONS AND ANSWERS GRADED A+
●● Which TCP port is used to communicate policies to endpoint?.
Answer: 8190
●● What is the function of an update cache?.
Answer: To download updates from Sophos Central and store them on a
dedicated server on your network
●● Which of the following is a method of deploying endpoint
protection?.
Answer: Download and run the installer from Sophos Central
●● Which TCP port is used to communicate Updates on endpoint?.
Answer: 8191
●● A message relay can be configured on a Server without an Update
Cache..
Answer: False
,●● When protecting a MAC client, you must know the password of the
administrator..
Answer: True
●● What is the function of live protection?.
Answer: Connects to a cloud server to check for the latest information
about a file
●● Which is the function of Application control?.
Answer: To block specific applications from running on protected
endpoints
●● What is the function of Sophos Synchronized Security?.
Answer: To connect Sophos security solutions in real time
●● What is the function of Web Control?.
Answer: Control access to websites based on their category
●● What is the function of anti-exploit technology?.
Answer: To detect and stop compromised vulnerable applications
●● Which feature of intercept X is designed to detect malware before it
can execute?.
, Answer: Exploit technique detection
●● You want to change an action for 'confidential' content. Where in
Sophos Central do you make this change.
Answer: Data loss prevention rule
●● Base policies can be disabled in Sophos Central..
Answer: False
●● You are detecting low-reputation files and want to change the
reputation level from recommended to strict. Which policy do you edit
to make this change?.
Answer: Threat Protection
●● Which endpoint protection policy protects users against malicious
network traffic?.
Answer: Threat protection
●● TRUE or FALSE: Tamper protection must be disabled before
removing Endpoint protection..
Answer: True
●● Which endpoint protection policy do you edit to block users from
visiting a specific website category?.
STUDY GUIDE 2026 SECURITY PRACTICE
QUESTIONS AND ANSWERS GRADED A+
●● Which TCP port is used to communicate policies to endpoint?.
Answer: 8190
●● What is the function of an update cache?.
Answer: To download updates from Sophos Central and store them on a
dedicated server on your network
●● Which of the following is a method of deploying endpoint
protection?.
Answer: Download and run the installer from Sophos Central
●● Which TCP port is used to communicate Updates on endpoint?.
Answer: 8191
●● A message relay can be configured on a Server without an Update
Cache..
Answer: False
,●● When protecting a MAC client, you must know the password of the
administrator..
Answer: True
●● What is the function of live protection?.
Answer: Connects to a cloud server to check for the latest information
about a file
●● Which is the function of Application control?.
Answer: To block specific applications from running on protected
endpoints
●● What is the function of Sophos Synchronized Security?.
Answer: To connect Sophos security solutions in real time
●● What is the function of Web Control?.
Answer: Control access to websites based on their category
●● What is the function of anti-exploit technology?.
Answer: To detect and stop compromised vulnerable applications
●● Which feature of intercept X is designed to detect malware before it
can execute?.
, Answer: Exploit technique detection
●● You want to change an action for 'confidential' content. Where in
Sophos Central do you make this change.
Answer: Data loss prevention rule
●● Base policies can be disabled in Sophos Central..
Answer: False
●● You are detecting low-reputation files and want to change the
reputation level from recommended to strict. Which policy do you edit
to make this change?.
Answer: Threat Protection
●● Which endpoint protection policy protects users against malicious
network traffic?.
Answer: Threat protection
●● TRUE or FALSE: Tamper protection must be disabled before
removing Endpoint protection..
Answer: True
●● Which endpoint protection policy do you edit to block users from
visiting a specific website category?.
