Scribd Logo
Upload

Welcome to Scribd!

  • Examen para Sophos Angel

    Uploaded by

    Carlos Aynaguano
    607 views19 pages
    examen sophos

    Original Title

    Examen Para Sophos Angel

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    examen sophos

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    607 views19 pages

    Examen para Sophos Angel

    Uploaded by

    Carlos Aynaguano
    examen sophos

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 19

    EXAMEN PARA SOPHOS

    . Overview and Deployment v19.0


     1. You have received a new hardware Sophos Firewall and are preparing to connect to it for the first time.
    What is the default IP address and port that is used to access the device?

     2. Which feature can harden forms, sign cookies and scan for malware?

     3. Which Sophos Firewall feature is able to block access to command and control servers?
    2. Getting Started v19.0
     1. In which 3 ways can you add a certificate that can be used in place of the default Appliance
    Certificate?
    This answer can be found in the Managing Device Access and Certificates chapter.

    RESPUESTAS CORRECTAS 1 2 3

     2. Which of these routes has the lowest precedence?

     3. When configuring a route, which of the following allows you to select traffic for routing based on user and
    application?
    3. Interfaces and Zones v19.0
     1. Which interface type allows two or more interfaces to be used to create a transparent layer 2 or
    3 bridged interface for seamless communication between interfaces?

    4. Firewall v19.0
     1. Which 3 of the following are the default decryption profiles available in Sophos Firewall?
    This answer can be found in the Configuring TLS Decryption on Sophos Firewall chapter.

    RESPUESTA CORRECTA
     2. After creating various rules, you find that HTTP access is being blocked from the LAN to the Internet.
    Looking at the firewall rules shown above, why is this happening?
    This answer can be found in the Getting Started with Firewall and NAT Rules on Sophos Firewall chapter.

     3. Users complain that when working long hours, they often lose access to Internet resources.
    5. Firewall Icons v19.0
     1. Which firewall icon shown represents a user rule that allows traffic?

    6. Network Protection v19.0


     1. How do healthy endpoints identify endpoints with a RED health status for lateral movement
    protection?
    This answer can be found in the Getting Started with Security Heartbeat on Sophos Firewall chapter.
    RESPUESTA CORRECTA MAC ADDRESS
     2. Which of the following drops traffic that is trying to pretend to come from a different MAC or IP address to
    bypass protection?

     3. Which 2 actions can ATP be configured to perform when it detects traffic to a command-and-control
    server?
    This answer can be found in the Enabling Advanced Threat Protection on Sophos Firewall chapter.

    RESPUESTA CORRECTA LOG AND LOG-AND-DROP

    7. Site-to-Site Connections v19.0


     1. Which 3 types of authentication can be used for IPsec site-to-site VPNs?
    This answer can be found in the Getting Started with IPsec Site-to-Site VPNs on Sophos Firewall
    chapter.

    RESPUESTA CORRECTA PRE SHARED KEY, RSA KEY, DIGITAL CERTIFICATE

     2. What is required when creating an IPsec VPN policy?

     3. You are working with sensitive corporate data and want to ensure that traffic from remote locations is
    monitored and blocked from leaving the corporate LAN. What would be the most appropriate security mode to
    deploy the RED devices in?
     4. Where do you select the remote networks for site-to-site SSL VPNs?

    8. Authentication v19.0
     1. You have been asked to install STAS on your servers. Which 3 of the following are required for
    the installation to be successful?
    This answer can be found in the Getting Started with Sophos Firewall Authentication chapter.

    RESPUESTA CORRECTA AN ACCOUNT WITH ACCESS, AN ACCOUNT WITH LOGON Y ACTIVE


    DIRECTORY

     2. Which 4 of the following are supported external authentication servers on Sophos Firewall 19.0?
    This answer can be found in the Introducing Authentication on Sophos Firewall chapter.
     3. Which 2 of the following are requirements for the secret when creating a multi-factor authentication token
    manually?

     4. You need to create a user account to authenticate a VoIP system that needs access to the Internet. The
    system does not have the ability to authenticate with your directory service. What type of user would you create
    to accomplish this?

    9. Web Protection v19.0


     1. Which 3 options should be configured to ensure the most secure scanning settings are in place
    to protect users as they browse the web?
    This answer can be found in the Configuring Web Protection on Sophos Firewall chapter.
    RESPUESTA CORRECTA ENGINE SELECTION DUAL ENGINE, malware SCAN MODE,
     2. You have enabled the option to block potentially unwanted applications in Web Protection. Where would
    you exclude an application that you use on the network from being blocked?

     3. When testing a new web policy, you are still able to access pages that should be blocked. What is the
    most likely reason for this?
    This answer can be found in the Configuring Web Protection on Sophos Firewall chapter.

    RESPUESTA POSIBLE THE DEFAULT ACTION


    10. Web Quotas and Shaping v19.0
     1. Which method controls the amount of time users and groups spend on the Internet and applies
    to all Internet traffic?
    This answer can be found in the Sophos Firewall Web Protection Quotas and Traffic Shaping chapter.

    RESPUESTA CORRECTA SURFING QUOTAS

    11. Web Quota Configuration v19.0


     1. You have been asked to create a surfing quota for guests that allows access to the Internet for
    20 hours in a week and then terminates the connection with no recurrence.

    Which image shows the best way to configure the surfing quota?
    12. Application Control v19.0
     1. TRUE or FALSE. Application traffic shaping policies can be configured to limit the amount of
    bandwidth or to guarantee an amount of bandwidth.

     2. If a new application is added that matches an existing application control filter rule, which of the following
    statements is TRUE?
    13. Remote Access v19.0
     1. Which 2 protocols does the Sophos Connect IPsec VPN client support?

     2. Where can an end user download the Sophos Connect VPN client from to install on their workstation?
    This answer can be found in the Getting Started with Remote Access VPNs on Sophos Firewall chapter.

    RESPUESTA CORRECTA USER PORTAL


     3. Which 5 protocols does clientless SSL VPN access support?
    14. Wireless Security Modes v19.0
     1. Which client traffic mode routes traffic to a specific VLAN using the first device it encounters that
    can route the VLAN traffic?
    This answer can be found in Introduction to Wireless Protection on Sophos Firewall chapter.

    RESPUESTA BRIDGE TO VLAN


    15. Wireless v19.0
     1. What are the 3 different types of hotspot you can create on Sophos Firewall?
     2. TRUE or FALSE. DHCP can be used to override the wireless magic IP if the Sophos Firewall is not the
    default gateway.
    This answer can be found in the Deploying Wireless Protection on Sophos Firewall chapter.

    RESPUESTA CORRECTA TRUE


    16. Logging and Reporting v19.0
     1. What is the maximum number of external syslog servers you can configure on Sophos Firewall?

     2. Where would you view information on files that have been referred to Sophos' zero-day protection?
    17. Central Management and Reporting v19.0
     1. When using Central Firewall Management, which of the following statements is TRUE?

     2. Which 4 of the following statements are TRUE about SD-WAN connection groups in Sophos Central?

    You might also like