Sophos Firewall Exam 2025 Questions
and Answers
When a RED is deployed in Standard/Unified mode, how do the computers on
the remote network get their IP adresss? - --CORRECT ANSWER--From a
DHCP server running on the XG firewall
You are preparing a hardware XG Firewall for installation on a remote site. The
order for the license has not yet been processed. Which registration option do you
select in the Initial Setup wizard? - --CORRECT ANSWER--I do not want to
register now
You have created a repot that displays data that you wish to check on a daily basis.
how can you make this data easily available in the WebAdmin interface?? - --
CORRECT ANSWER--Create a bookmark for the report
Which of the following best describes greylisting? - --CORRECT ANSWER--The
first attempt to deliver a message is temporarily denied.
One computer has a red health status. ON which 2 of the networks can the
endpoints be protected from the computer with a a red health status? - --
CORRECT ANSWER--A. C
....COPYRIGHT ©️ 2025 ALL RIGHTS RESERVED...TRUSTED & VERIFIED 1
, Sophos XG hardware devices come pre-loaded with software. - --CORRECT
ANSWER--True
Which 2 features are required if you want to make use of lateral movement
protection? - --CORRECT ANSWER--Server or endpoint protection. Intercept X
Which XG firewall feature is able to block access to command and control servers?
- --CORRECT ANSWER--Advanced Threat Protection
Which 2 methods are supported for logoff detection when using STAS - --
CORRECT ANSWER--PING, Workstation Polling
Type the name of the only zone that cannot have a physical port or interface
assigned to it - --CORRECT ANSWER--vpn
DHCP can be used to override the magic IP if the XG Firewall is not the default
gateway. - --CORRECT ANSWER--False
Which web filtering method can offload traffic to the FastPath? - --CORRECT
ANSWER--DPI
Which interface type is a virtual LAN created on an existing XG interface - --
CORRECT ANSWER--VLAN
Which of the following statements about zero-touch deployment are TRUE - --
CORRECT ANSWER--Zero-touch configuration rules can only be created for
unregistered hardware serial numbers
....COPYRIGHT ©️ 2025 ALL RIGHTS RESERVED...TRUSTED & VERIFIED 2
and Answers
When a RED is deployed in Standard/Unified mode, how do the computers on
the remote network get their IP adresss? - --CORRECT ANSWER--From a
DHCP server running on the XG firewall
You are preparing a hardware XG Firewall for installation on a remote site. The
order for the license has not yet been processed. Which registration option do you
select in the Initial Setup wizard? - --CORRECT ANSWER--I do not want to
register now
You have created a repot that displays data that you wish to check on a daily basis.
how can you make this data easily available in the WebAdmin interface?? - --
CORRECT ANSWER--Create a bookmark for the report
Which of the following best describes greylisting? - --CORRECT ANSWER--The
first attempt to deliver a message is temporarily denied.
One computer has a red health status. ON which 2 of the networks can the
endpoints be protected from the computer with a a red health status? - --
CORRECT ANSWER--A. C
....COPYRIGHT ©️ 2025 ALL RIGHTS RESERVED...TRUSTED & VERIFIED 1
, Sophos XG hardware devices come pre-loaded with software. - --CORRECT
ANSWER--True
Which 2 features are required if you want to make use of lateral movement
protection? - --CORRECT ANSWER--Server or endpoint protection. Intercept X
Which XG firewall feature is able to block access to command and control servers?
- --CORRECT ANSWER--Advanced Threat Protection
Which 2 methods are supported for logoff detection when using STAS - --
CORRECT ANSWER--PING, Workstation Polling
Type the name of the only zone that cannot have a physical port or interface
assigned to it - --CORRECT ANSWER--vpn
DHCP can be used to override the magic IP if the XG Firewall is not the default
gateway. - --CORRECT ANSWER--False
Which web filtering method can offload traffic to the FastPath? - --CORRECT
ANSWER--DPI
Which interface type is a virtual LAN created on an existing XG interface - --
CORRECT ANSWER--VLAN
Which of the following statements about zero-touch deployment are TRUE - --
CORRECT ANSWER--Zero-touch configuration rules can only be created for
unregistered hardware serial numbers
....COPYRIGHT ©️ 2025 ALL RIGHTS RESERVED...TRUSTED & VERIFIED 2
