Questions with A+ Graded Answers
What is Zero Trust?
It is the mindset of "don't trust anything, verify everything".
What is ZTNA?
Sophos's Zero Trust Network Access
What is Sophos Lateral Protection?
It is a micro-segmentation solution. If a device becomes infected, it will be isolated to stop the attack or
regardless of the network topology
What are the three key features of Sophos Firewall?
It is a comprehensive security device, with a zone-based firewall and identity-based policies at its
core.
It can expose hidden risk, stop unknown threats and isolate infected systems.
It supports ZTNA by providing network segmentation and lateral movement protection.
What are the phases of the Attack Kill Chain?
1. Reconnaissance
2. Weaponization
3. Delivery
4. Exploitation
5. Installation
6. Command and control
7. Behaviour
What happens in the Reconnaissance and Weaponization phases of the Attack Kill Chain?
The attacker will passively harvest email addresses and company information, before actively
scanning the target environment using tools like port scanners.
What happens in the Delivery phase of the Attack Kill Chain?
The attacker will access the estate to deliver the malicious payload via methods such as email or social
engineering to direct the victim to a malicious site.
What does Sophos Web Protection do?
It scans HTTP/HTTPS traffic for unwanted content and malware.
What does Web Filtering do?
Web filtering can allow or block sites based on content filters.
What is Email Encryption and Control?
Sophos Firewall can scan incoming email for malicious content. IP reputation is enabled, which allows
you to accept/drop/block emails from known spam IPs. File type detection can scan and block
specific file types, e.g. any macro-enabled files will be blocked. Email protection allows you to encrypt
emails so you can send data securely out of the network using SPX.