SOPHOS CERTIFIED TECHNICIAN EXAM QUESTIONS WITH
VERIFIED ANSWERS ALREADY GRADED A+
1. The certificate In which 3 ways can you allow a quarantined file to be restored? Choose
2. SHA-256 three (3).
3. The file paths
Which switch can be used with SophosSetup.exe to point to the
--crtcatalogpath
name and location of a custom catalog file?
You have added a new Threat Protection policy that will
POLICY ENFORCED apply to all Windows endpoints but want to disable it until you
can test the settings. Which tab should you use to disable it?
TRUE or FALSE: The Sophos Diagnostic Utility is
False
available for Windows endpoints only.
Date and time are incorrect on the Why would the 'Last time updated from cache' status show as 'in a year'?
Update Cache server
1. Isolate an endpoint Which 3 of the following actions are available following a threat search?
2. Clean and block
3. Generate a threat case
What is the minimum type of user required to connect to AD to
Domain user
gather the user and group information?
/private/var/log Where is the 'install.log' found on a Mac OS X endpoint?
When configuring AD synchronization, what location was
DC=SOPHOS,DC=LOCAL
defined by default in filters under the User Discovery Filters
tab?
8190 Enter the port number that a Message Relay will use. _____
True TRUE or FALSE: C:\TEMP should never be whitelisted in Sophos
Central.
True TRUE or FALSE: All quarantined data is encrypted in SafeStore.
The option to stop the AutoUpdate service is greyed out in
Tamper Protection is enabled
Windows Services. What is the most likely reason for this?
Root Cause Analysis What is the second step of the troubleshooting process?
False TRUE or FALSE: All the default policies in Sophos Central can be
disabled.
What permissions does the user need to connect to AD to gather
Read
the user and group information?
True TRUE or FALSE: You can deploy an update cache without a Message
, Relay.
Which of the following Windows tools do you use to test
Telnet
connectivity to a specific port or service?
Which Windows service must be disabled when recovering
Sophos Anti-Virus
a tamper protected endpoint?
To detect malicious file What is the function of CryptoGuard?
encryption by ransomware
False TRUE or FALSE: The default Update Cache TCP port of 8191 can be
modified.
To protect against Why is it important to apply updates and patches to all
vulnerabilities in applications and operating systems across your network?
software
When creating a server policy for Threat Protection in Sophos
Devices and device groups
Central, what can it be assigned to?
1. To remove malware and PUA's What are the 2 primary functions of Sophos Clean? Choose two (2).
2. To move all detected items to
SafeStore
The connection was blocked but Which of the following statements is TRUE for a C2/Generic-C
the root detection?
cause has NOT been cleaned up
VERIFIED ANSWERS ALREADY GRADED A+
1. The certificate In which 3 ways can you allow a quarantined file to be restored? Choose
2. SHA-256 three (3).
3. The file paths
Which switch can be used with SophosSetup.exe to point to the
--crtcatalogpath
name and location of a custom catalog file?
You have added a new Threat Protection policy that will
POLICY ENFORCED apply to all Windows endpoints but want to disable it until you
can test the settings. Which tab should you use to disable it?
TRUE or FALSE: The Sophos Diagnostic Utility is
False
available for Windows endpoints only.
Date and time are incorrect on the Why would the 'Last time updated from cache' status show as 'in a year'?
Update Cache server
1. Isolate an endpoint Which 3 of the following actions are available following a threat search?
2. Clean and block
3. Generate a threat case
What is the minimum type of user required to connect to AD to
Domain user
gather the user and group information?
/private/var/log Where is the 'install.log' found on a Mac OS X endpoint?
When configuring AD synchronization, what location was
DC=SOPHOS,DC=LOCAL
defined by default in filters under the User Discovery Filters
tab?
8190 Enter the port number that a Message Relay will use. _____
True TRUE or FALSE: C:\TEMP should never be whitelisted in Sophos
Central.
True TRUE or FALSE: All quarantined data is encrypted in SafeStore.
The option to stop the AutoUpdate service is greyed out in
Tamper Protection is enabled
Windows Services. What is the most likely reason for this?
Root Cause Analysis What is the second step of the troubleshooting process?
False TRUE or FALSE: All the default policies in Sophos Central can be
disabled.
What permissions does the user need to connect to AD to gather
Read
the user and group information?
True TRUE or FALSE: You can deploy an update cache without a Message
, Relay.
Which of the following Windows tools do you use to test
Telnet
connectivity to a specific port or service?
Which Windows service must be disabled when recovering
Sophos Anti-Virus
a tamper protected endpoint?
To detect malicious file What is the function of CryptoGuard?
encryption by ransomware
False TRUE or FALSE: The default Update Cache TCP port of 8191 can be
modified.
To protect against Why is it important to apply updates and patches to all
vulnerabilities in applications and operating systems across your network?
software
When creating a server policy for Threat Protection in Sophos
Devices and device groups
Central, what can it be assigned to?
1. To remove malware and PUA's What are the 2 primary functions of Sophos Clean? Choose two (2).
2. To move all detected items to
SafeStore
The connection was blocked but Which of the following statements is TRUE for a C2/Generic-C
the root detection?
cause has NOT been cleaned up
