Sophos Firewall v19.5
Lateral movement protection is made possible by which of the following? -
answerSynchronized Security
Which 2 of these are features of the Xstream achitecture? - answerTLS 1.3 Decryption
und Deep packet inspection
Which feature of the Sophjos Firewall helps prevent a computer infected by a trojan
from transmitting personal information out of theri network? - answerAdvanced Threat
Protection
Which feature of the Sophos firewall identifies unknown applications? -
answerSynchronized App Controll
What cloud platfroms is Sophos Firewall supported on? - answerAWS, Azure und
Nutanix
How many radios do the wireless XGS series models have? - answer1
True or False: The number of ports can be expanded using additional modules. -
answerTrue
You have received a new hardware Sophos Firewall. What is the default IP addres and
port that is used to access the device? - answer172.16.16.16:4444
You are preparing a Sophos Firewall for installation on a remote site. The order for the
license hat not yet been processed. Which device registration oprion do you select in
the Initial Suetup wizard? - answerI do not want to register now.
Servic objects can be created for which of the following? - answerTCP/UDP Ports, IP
Protocol Number, ICMP Type and Code
In which of these zones is an interface conffigured with a gateway? - answerWAN
How many gateways can you include in an SD-WAN profile? - answer8
Place the route types in the correct default order of precedence - answer1. Static; 2.
SD-WAN; 3. VPN; 4. Default
How many servers does Sophos Firewall suport for static DNS? - answer3
You have an existing DHCP server. What configuration allows Sophos firewall to
forward lease requests to this? - answerRelay
, Which of these are defined as Admin services in Device access? - answerHTTPS and
SSH
You want a certificate to be signed by a third-party company. which option should you
choose? - answerGenerate CSR
What are the different types of traffic shaping policy you can create? - answerUsers,
Web categories, Rules, Applications
What do you need to configure before you can start using traffic shaping? - answerTotal
WAN bandwidth
True of False: NAT rules are processed in order from top to bottom - answerTrue
True or False: All firewall rules are evaluated and the best match is used. - answerfalse
Which 3 of the following are matching criteria Sophos Firewall uses to automatically
assign firewall rules to groups? - answerDestination ZONE, Source ZONE, Rule type
complete the sentence below:
When creating a firewall rule for DNAT, you select the ________ destination zone. -
answerPost NAT
Where would you exclude a website from TLS inspection? - answerWEB -> URL
Groups
Where would you configure which chiper algorithms to block? - answerDecryption
profile
What 2 things do you need to do to use IPS policies - answerSelect an IPS policy in a
firewall rule; Enable IPS using the switch
Spoof Protection - answerDrops traffic that is trying to pretend to come from a different
MAC of IP address to bypass protection
DoS Protection - answerDrops traffic that is maliciously trying to prevent legitimate
traffic from being able to accsess services.
IPS Policies - answerProtectes against exploits and malfromed traffic.
Which 2 actions can ATP be configured to perform when it detects traffic to a command-
and-control server? - answerLog; Log and Drop
You want to configure Security Heartbeat, what is the first thing you need to do? -
answerRegister your Sophos Firewall with you Sophos Central account
Lateral movement protection is made possible by which of the following? -
answerSynchronized Security
Which 2 of these are features of the Xstream achitecture? - answerTLS 1.3 Decryption
und Deep packet inspection
Which feature of the Sophjos Firewall helps prevent a computer infected by a trojan
from transmitting personal information out of theri network? - answerAdvanced Threat
Protection
Which feature of the Sophos firewall identifies unknown applications? -
answerSynchronized App Controll
What cloud platfroms is Sophos Firewall supported on? - answerAWS, Azure und
Nutanix
How many radios do the wireless XGS series models have? - answer1
True or False: The number of ports can be expanded using additional modules. -
answerTrue
You have received a new hardware Sophos Firewall. What is the default IP addres and
port that is used to access the device? - answer172.16.16.16:4444
You are preparing a Sophos Firewall for installation on a remote site. The order for the
license hat not yet been processed. Which device registration oprion do you select in
the Initial Suetup wizard? - answerI do not want to register now.
Servic objects can be created for which of the following? - answerTCP/UDP Ports, IP
Protocol Number, ICMP Type and Code
In which of these zones is an interface conffigured with a gateway? - answerWAN
How many gateways can you include in an SD-WAN profile? - answer8
Place the route types in the correct default order of precedence - answer1. Static; 2.
SD-WAN; 3. VPN; 4. Default
How many servers does Sophos Firewall suport for static DNS? - answer3
You have an existing DHCP server. What configuration allows Sophos firewall to
forward lease requests to this? - answerRelay
, Which of these are defined as Admin services in Device access? - answerHTTPS and
SSH
You want a certificate to be signed by a third-party company. which option should you
choose? - answerGenerate CSR
What are the different types of traffic shaping policy you can create? - answerUsers,
Web categories, Rules, Applications
What do you need to configure before you can start using traffic shaping? - answerTotal
WAN bandwidth
True of False: NAT rules are processed in order from top to bottom - answerTrue
True or False: All firewall rules are evaluated and the best match is used. - answerfalse
Which 3 of the following are matching criteria Sophos Firewall uses to automatically
assign firewall rules to groups? - answerDestination ZONE, Source ZONE, Rule type
complete the sentence below:
When creating a firewall rule for DNAT, you select the ________ destination zone. -
answerPost NAT
Where would you exclude a website from TLS inspection? - answerWEB -> URL
Groups
Where would you configure which chiper algorithms to block? - answerDecryption
profile
What 2 things do you need to do to use IPS policies - answerSelect an IPS policy in a
firewall rule; Enable IPS using the switch
Spoof Protection - answerDrops traffic that is trying to pretend to come from a different
MAC of IP address to bypass protection
DoS Protection - answerDrops traffic that is maliciously trying to prevent legitimate
traffic from being able to accsess services.
IPS Policies - answerProtectes against exploits and malfromed traffic.
Which 2 actions can ATP be configured to perform when it detects traffic to a command-
and-control server? - answerLog; Log and Drop
You want to configure Security Heartbeat, what is the first thing you need to do? -
answerRegister your Sophos Firewall with you Sophos Central account
