SOPHOS ENGINEER EXAM QUESTIONS WITH
CORRECT ANSWERS GRADED A+
That the cloned policy has been enforced
You have cloned the threat protection base policy, applied the policy to a group and saved it. When
checking the endpoint, the policy changes have not taken effect. What do you check in the policy
8190
Which TCP port is used to communicate policies to endpoint?
To download updates from Sophos Central and store them on a dedicated server on your network
What is the function of an update cache?
Download and run the installer from Sophos Central
Which of the following is a method of deploying endpoint protection?
8191
Which TCP port is used to communicate Updates on endpoint?
False
A message relay can be configured on a Server without an Update Cache.
True
When protecting a MAC client, you must know the password of the administrator.
Connects to a cloud server to check for the latest information about a file
What is the function of live protection?
To block specific applications from running on protected endpoints
Which is the function of Application control?
To connect Sophos security solutions in real time
What is the function of Sophos Synchronized Security?
Control access to websites based on their category
What is the function of Web Control?
To detect and stop compromised vulnerable applications
What is the function of anti-exploit technology?
Exploit technique detection
Which feature of intercept X is designed to detect malware before it can execute?
Data loss prevention rule
, You want to change an action for 'confidential' content. Where in Sophos Central do you make this
change
False
Base policies can be disabled in Sophos Central.
Threat Protection
You are detecting low-reputation files and want to change the reputation level from recommended to
strict. Which policy do you edit to make this change?
Threat protection
Which endpoint protection policy protects users against malicious network traffic?
True
TRUE or FALSE: Tamper protection must be disabled before removing Endpoint protection.
Web Control
Which endpoint protection policy do you edit to block users from visiting a specific website category?
Threat Protection
Which endpoint protection policy block access to malicious websites?
False
TRUE or FALSE: All Endpoints have the same endpoint password.
Application Control
Which feature allows you to restrict application?
Check system requirement
What is the first step you must take when deploying virtual environments?
Servers or server group
Server policies are only applied to ....
Files and registry entries
Which 2 of the following are monitored when File Integrity Monitoring is enabled?
SVM (Security Virtual Machine) & Guest Virtual Machine (GVM)
Which 2 components are required for protecting virtual environments?
Avremove.log
A Windows endpoint installation is failing. It is detecting competitor software. Which log file do you
check to investigate this issue?
CORRECT ANSWERS GRADED A+
That the cloned policy has been enforced
You have cloned the threat protection base policy, applied the policy to a group and saved it. When
checking the endpoint, the policy changes have not taken effect. What do you check in the policy
8190
Which TCP port is used to communicate policies to endpoint?
To download updates from Sophos Central and store them on a dedicated server on your network
What is the function of an update cache?
Download and run the installer from Sophos Central
Which of the following is a method of deploying endpoint protection?
8191
Which TCP port is used to communicate Updates on endpoint?
False
A message relay can be configured on a Server without an Update Cache.
True
When protecting a MAC client, you must know the password of the administrator.
Connects to a cloud server to check for the latest information about a file
What is the function of live protection?
To block specific applications from running on protected endpoints
Which is the function of Application control?
To connect Sophos security solutions in real time
What is the function of Sophos Synchronized Security?
Control access to websites based on their category
What is the function of Web Control?
To detect and stop compromised vulnerable applications
What is the function of anti-exploit technology?
Exploit technique detection
Which feature of intercept X is designed to detect malware before it can execute?
Data loss prevention rule
, You want to change an action for 'confidential' content. Where in Sophos Central do you make this
change
False
Base policies can be disabled in Sophos Central.
Threat Protection
You are detecting low-reputation files and want to change the reputation level from recommended to
strict. Which policy do you edit to make this change?
Threat protection
Which endpoint protection policy protects users against malicious network traffic?
True
TRUE or FALSE: Tamper protection must be disabled before removing Endpoint protection.
Web Control
Which endpoint protection policy do you edit to block users from visiting a specific website category?
Threat Protection
Which endpoint protection policy block access to malicious websites?
False
TRUE or FALSE: All Endpoints have the same endpoint password.
Application Control
Which feature allows you to restrict application?
Check system requirement
What is the first step you must take when deploying virtual environments?
Servers or server group
Server policies are only applied to ....
Files and registry entries
Which 2 of the following are monitored when File Integrity Monitoring is enabled?
SVM (Security Virtual Machine) & Guest Virtual Machine (GVM)
Which 2 components are required for protecting virtual environments?
Avremove.log
A Windows endpoint installation is failing. It is detecting competitor software. Which log file do you
check to investigate this issue?
