SOPHOS CERTIFIED ENGINEER EXAM
SCRIPT EXAMS SET FULL SOLUTION 2026
100% CORRECT.
◍ You have cloned the threat protection base policy, applied the
policy to a group and saved it. When checking the endpoint, the
policy changes have not taken effect. What do you check in the
policy? Answer: That the cloned policy has been enforced
◍ In which 2 ways can you license the Enterprise Dashboard?
Answer: (1) Master Licensing
(2) Individual Licensing
◍ What is the minimum administrative role that will allow a user to
create and edit policies? Answer: Admin
◍ Complete the following sentence: The default protection base
policy is configured with... Answer: Sophos' recommended settings
◍ Which section in the Self-Help tool should be checked to start
investigating an updating issue on an endpoint Answer: System
◍ What does tamper protection prevent a user from doing on their
endpoint with Sophos Central agent installed? Answer: Prevents a
user from uninstalling the Sophos agent software
, ◍ TRUE or FALSE: All server protection features are enabled by
default. Answer: FALSE
◍ Which endpoint protection policy protects users against malicious
network traffic? Answer: Threat Protection
◍ Which is the minimum administrative role that will allow a user to
view alerts, perform updates and scan endpoints? Answer: Help Desk
◍ Your Enterprise Dashboard has been configured with multiple sub-
estates. In which 2 ways can you manage the licenses associated with
the sub-estates? Answer: (1) In the sub-estate Central Admin Console
(2) In the Enterprise Dashboard
◍ Threat search results are split into which 2 of the following.
Answer: (1) Files
(2) Network
◍ In which policy do you configure anti-virus scanning? Answer:
Threat Protection
◍ Which feature of Intercept X is designed to detect malware before
it can execute? Answer: Exploit technique detection
SCRIPT EXAMS SET FULL SOLUTION 2026
100% CORRECT.
◍ You have cloned the threat protection base policy, applied the
policy to a group and saved it. When checking the endpoint, the
policy changes have not taken effect. What do you check in the
policy? Answer: That the cloned policy has been enforced
◍ In which 2 ways can you license the Enterprise Dashboard?
Answer: (1) Master Licensing
(2) Individual Licensing
◍ What is the minimum administrative role that will allow a user to
create and edit policies? Answer: Admin
◍ Complete the following sentence: The default protection base
policy is configured with... Answer: Sophos' recommended settings
◍ Which section in the Self-Help tool should be checked to start
investigating an updating issue on an endpoint Answer: System
◍ What does tamper protection prevent a user from doing on their
endpoint with Sophos Central agent installed? Answer: Prevents a
user from uninstalling the Sophos agent software
, ◍ TRUE or FALSE: All server protection features are enabled by
default. Answer: FALSE
◍ Which endpoint protection policy protects users against malicious
network traffic? Answer: Threat Protection
◍ Which is the minimum administrative role that will allow a user to
view alerts, perform updates and scan endpoints? Answer: Help Desk
◍ Your Enterprise Dashboard has been configured with multiple sub-
estates. In which 2 ways can you manage the licenses associated with
the sub-estates? Answer: (1) In the sub-estate Central Admin Console
(2) In the Enterprise Dashboard
◍ Threat search results are split into which 2 of the following.
Answer: (1) Files
(2) Network
◍ In which policy do you configure anti-virus scanning? Answer:
Threat Protection
◍ Which feature of Intercept X is designed to detect malware before
it can execute? Answer: Exploit technique detection
