
Question 1

What is the function of Live Protection?


Response: Connects to a cloud server to check for the latest information about a file
Score: 1 out of 1 Yes

Question 2
An endpoint is reporting that Sophos AutoUpdate is not installed. In the Self-Help Tool
which tab do you check to view whether AutoUpdate is listed as installed?
Response: Management Communication
Score: 0 out of 1 No

Question 3
TRUE or FALSE: The security VM installer is linked to your Sophos Central account.
Response: TRUE
Score: 0 out of 1 No

Question 4
Which security threat does Intercept X protect against?
Response: Ransomware
Score: 1 out of 1 Yes

Question 5
Which section in the Self-Help tool should be checked to start investigating an updating
issue on an endpoint?
Response: Update
Score: 0 out of 1 No

Question 6
What is the function of Peripheral Control?
Response: To prevent the use of removable media on protected endpoints
Score: 1 out of 1 Yes

Question 7
TRUE or FALSE: You can deploy an update cache without a Message Relay.
Response: FALSE
Score: 0 out of 1 No

Question 8
What is the minimum administrative role that will allow a user to manage user roles and
role assignments?
Response: Super Admin
Score: 1 out of 1 Yes

Question 9
Which of the following is a pre-execution check performed by Intercept X?
Response: Signature-based scanning
Score: 0 out of 1 No

Question 10
Which tab on the device details page displays the tamper protection information?
Response: SUMMARY
Score: 1 out of 1 Yes

Question 11
TRUE or FALSE: All server protection features are enabled by default.
Response: FALSE
Score: 1 out of 1 Yes

Question 12
Which 2 of the following are the methods for bulk importing users?
Response: Using the Active Directory Sync Utility
Response: Import using a CSV file
Score: 1 out of 1 Yes

Question 13
Complete the sentence: The Virus Removal clean up tool is a…
Response: Separate download that detects and removes malware
Score: 1 out of 1 Yes

Question 14
TRUE or FALSE: Tamper protection must be disabled before removing Endpoint
Protection.
Response: TRUE
Score: 1 out of 1 Yes

Question 15
Your Enterprise Dashboard has been configured with multiple sub-estates. In which 2
ways can you manage the licenses associated with the sub-estates?
Response: In the sub-estate Central Admin Console
Response: In the Enterprise Dashboard
Score: 1 out of 1 Yes

Question 16
In which policy do you enable deep learning?
Response: Threat Protection
Score: 1 out of 1 Yes

Question 17
Complete the sentence: Server policies are only applied to…
Response: Servers or server groups
Score: 1 out of 1 Yes

Question 18
Which 2 places in Sophos Central do you add exclusions for servers?
Response: Global Settings
Response: Exclusions tab
Score: 0 out of 1 No

Question 19
In which 2 ways can you license the Enterprise Dashboard?
Response: Master Licensing
Response: Individual Licensing
Score: 1 out of 1 Yes

Question 20
Which feature allows you to restrict applications on a server?
Response: Server lockdown
Score: 1 out of 1 Yes

Question 21
You want to configure the login settings for all administrators to require two factors of
authentication. Which global setting do you enable?
Response: Multi-factor Authentication
Score: 1 out of 1 Yes

Question 22
You want to prevent users from copying database files to USB drives without blocking
the use of all USB devices. Which policy do you need to configure?
Response: Peripheral Control
Score: 0 out of 1 No

Question 23
What is the minimum administrative role that will allow a user to scan endpoints?
Response: Help Desk
Score: 1 out of 1 Yes

Question 24
You want to change an action for 'confidential' content. Where in Sophos Central do
you make this change?
Response: In the Data Loss Prevention Rule
Score: 1 out of 1 Yes

Question 25
What is the function of on-access scanning?
Response: Monitors running processes' behaviour
Score: 1 out of 1 Yes

Question 26
TRUE or FALSE: You can search for a malicious item across your network using EDR.
Response: TRUE
Score: 1 out of 1 Yes

Question 27
What is the function of anti-exploit technology?
Response: To detect and stop compromised vulnerable applications
Score: 1 out of 1 Yes

Question 28
Complete the sentence: Signature-based file scanning relies on…
Response: deep neural networks identifying specific characteristics
Score: 0 out of 1 No

Question 29
What is the minimum administrative role that will allow a user to create and edit
policies?
Response: Admin
Score: 1 out of 1 Yes

Question 30
Which 2 of the following does tamper protection prevent users from doing?
Response: Uninstalling the endpoint agent
Response: Modifying protection settings
Score: 1 out of 1 Yes

Question 31
Which is the minimum administrative role that will allow a user access to view and edit
policies?
Response: Admin
Score: 1 out of 1 Yes

Question 32
What is the Sophos recommended Active Directory sync interval?
Response: Once a day
Score: 1 out of 1 Yes

Question 33
Which 2 components are required for protecting virtual environments?
Response: Security Virtual Machine (SVM)
Response: Guest Virtual Machine (GVM)
Score: 1 out of 1 Yes

Question 34
TRUE or FALSE: Deleting an endpoint in Sophos Central will remove the Endpoint
agent from the endpoint.
Response: FALSE
Score: 1 out of 1 Yes

Question 35
TRUE or FALSE: Tamper protection is enabled by default.
Response: TRUE
Score: 1 out of 1 Yes

Question 36
When registering for a Sophos Central Trial, which of the following statements are
TRUE?
Response: You must use an email address that has not been used with Sophos Central
before
Score: 1 out of 1 Yes

Question 37
Which 2 of the following does tamper protection prevent users from doing?
Response: Modifying protection settings
Response: Uninstalling the endpoint agent
Score: 1 out of 1 Yes

Question 38
A Windows endpoint installation is failing. It is detecting competitor software. Which log
file do you check to investigate this issue?
Response: avremove.log
Score: 1 out of 1 Yes

Question 39
What is the function of Web Control?
Response: To control access to websites based on their category
Score: 1 out of 1 Yes

Question 40
Which Sophos Central managed product protects the data on a lost or stolen laptop?
Response: Encryption
Score: 1 out of 1 Yes

Question 41
TRUE or FALSE: A Message Relay can be configured on a Server without an Update
Cache.
Response: FALSE
Score: 1 out of 1 Yes

Question 42
What does HIPS do on a protected endpoint?
Response: Scans for potentially malicious behaviour
Score: 1 out of 1 Yes

Question 43
Where can an administrator view the license management types in the Enterprise
Dashboard?
Response: Licensing
Score: 1 out of 1 Yes

Question 44
Which report will give you information across all protected endpoints?
Response: Users report
Score: 0 out of 1 No

Question 45
Which TCP port is used to communicate Updates on endpoints?
Response: 8191
Score: 1 out of 1 Yes

Question 46
True or False: Multi-factor authentication is enabled by default for all Enterprise
Administrators.
Response: TRUE
Score: 1 out of 1 Yes

Question 47
Complete the sentence: The Source of Infection clean up tool is a…
Response: Tool that identified where malicious files are written from
Score: 1 out of 1 Yes

Question 48
Which endpoint protection policy blocks access to malicious websites?
Response: Web Control
Score: 0 out of 1 No

Question 49
Which feature of Intercept X is designed to detect malware before it can execute?
Response: Exploit technique detection
Score: 1 out of 1 Yes

Question 50
What is the function of Sophos Synchronized Security?
Response: To connect Sophos security solutions in real time
Score: 1 out of 1 Yes

Question 51
What is the function of a Message Relay?
Response: To enable all devices to communicate all policy and reporting data using a
dedicated server on your network
Score: 1 out of 1 Yes

Question 52
You have created a new policy. Which tab do you select to enable the policy?
Response: SETTINGS
Score: 0 out of 1 No

Question 53
TRUE or FALSE: All Endpoints have the same tamper protection password.
Response: TRUE
Score: 0 out of 1 No

Question 54
In which policy do you enable device isolation?
Response: Threat Protection
Score: 1 out of 1 Yes

Question 55
TRUE or FALSE: Base policies can be disabled in Sophos Central.
Response: FALSE
Score: 1 out of 1 Yes

Question 56
Which Sophos support tool do you use to find out the latest information about security
threats?
Response: Sophos Support
Score: 0 out of 1 No

Question 57
Which of the following is a method of deploying endpoint protection?
Response: Download and run the installer from Sophos Central
Score: 1 out of 1 Yes

Question 58
Which 2 components are required for protecting virtual environments?
Response: Security Virtual Machine (SVM)
Response: Guest Virtual Machine (GVM)
Score: 1 out of 1 Yes

Question 59
What is the FIRST step you must take when deploying virtual environments?
Response: Check the system requirements
Score: 1 out of 1 Yes

Question 60
Which log provides a record of all activities?
Response: Audit log
Score: 1 out of 1 Yes

Question 61
You have cloned the threat protection base policy, applied the policy to a group and
saved it. When checking the endpoint, the policy changes have not taken effect. What
do you check in the policy?
Response: That the base policy is bypassed
Score: 0 out of 1 No

Question 62
The option to stop the AutoUpdate service is greyed out in Windows Services. What is
the most likely reason for this?
Response: The service is corrupted
Score: 0 out of 1 No

Question 63
How long are activities stored for in the Enterprise Dashboard?
Response: 90 days
Score: 1 out of 1 Yes

Question 64
What is the function of an Update Cache?
Response: To enable all devices to communicate all policy and reporting data using a
dedicated server on your network
Score: 0 out of 1 No

Question 65
What is the function of Data Loss Prevention?
Response: To monitor and restrict file transfers containing sensitive data
Score: 1 out of 1 Yes

Question 66
Threat search results are split into which 2 of the following?
Response: Folders
Response: Files
Score: 0.17 out of 1

Question 67
Which TCP port is used to communicate policies to endpoints?
Response: 8190
Score: 1 out of 1 Yes

Question 68
You have a suspicious file on your endpoint. Which tool do you use to quickly scan the
file?
Response: The full scan option on an endpoint
Score: 0 out of 1 No

Question 69
Complete the sentence: The SAV32CLI clean-up tool is a…
Response: Command line tool included in Sophos Central installation
Score: 1 out of 1 Yes

Question 70
Which is the minimum administrative role that will allow a user to view alerts and logs?
Response: Read Only
Score: 1 out of 1 Yes

Question 71
TRUE or FALSE: The security VM installer is linked to your Sophos Central account.
Response: FALSE
Score: 1 out of 1 Yes

Question 72
True or False: Marking an alert as acknowledged will resolve the threat on the endpoint.
Response: FALSE
Score: 1 out of 1 Yes

Question 73
Which URL address do you use to login to Sophos Central Admin Console?
Response: central.sophos.com
Score: 1 out of 1 Yes

Question 74
You want to mitigate exploits in vulnerable applications. Which policy do you enable the
features in?
Response: Threat Protection
Score: 1 out of 1 Yes

Question 75
How do you access a managed Sophos Central account to resolve alerts for your
customer?
Response: Login using the Launch Sophos Central Admin button in the Partner
Dashboard
Score: 1 out of 1 Yes

Question 76
True or False: You can choose to send email alerts immediately, hourly, daily or never.
Response: True
Score: 1 out of 1 Yes

Question 77
Which endpoint protection policy protects users against malicious network traffic?
Response: Threat Protection
Score: 1 out of 1 Yes

Question 78
How do users view quarantined emails and manage device encryption for their
protected endpoints?
Response: The Self-Service Portal
Score: 1 out of 1 Yes

Question 79
You are detecting low-reputation files and want to change the reputation level from
recommended to strict. Which policy do you edit to make this change?
Response: Data Loss Prevention
Score: 0 out of 1 No

Question 80
In which policy do you configure anti-virus scanning?
Response: Threat Protection
Score: 1 out of 1 Yes

Question 81
Complete the following sentence: The default protection base policy is configured
with…
Response: Sophos' recommended settings
Score: 1 out of 1 Yes

Question 82
You need to give a user access to change their protection settings in an emergency.
Which 2 of the following allow you to do this?
Response: Provide the user with the tamper protection password
Response: Give the user administrator rights to the endpoint
Score: 0 out of 1 No

Question 83
True or False: Multi-factor authentication is enabled by default for all Enterprise
Administrators.
Response: TRUE
Score: 1 out of 1 Yes

Question 84
You are unable to edit policies in Sophos Central. What do you check in Sophos
Central?
Response: That you have the correct role assigned
Score: 1 out of 1 Yes

Question 85
What does tamper protection prevent a user from doing on their endpoint with Sophos
Central agent installed?
Response: Prevents a user from uninstalling the Sophos agent software
Score: 1 out of 1 Yes

Question 86
TRUE or FALSE: All Endpoints have the same endpo password.
Response: FALSE
Score: 1 out of 1 Yes

Question 87
Where in Sophos Central Admin Console can you enable remote assistance?
Response: Account Details
Score: 1 out of 1 Yes

Question 88
Which 2 of the following are monitored when File Integrity Monitoring is enabled?
Response: Files
Response: Registry Entries
Score: 1 out of 1 Yes

Question 89
Which is the minimum administrative role that will allow a user to view alerts, perform
updates and scan endpoints?
Response: Help Desk
Score: 1 out of 1 Yes

Question 90
What is the recommended way to allow a new application to a locked down server?
Response: Add the path of the application to the server lockdown policy
Score: 1 out of 1 Yes

Question 91
Which URL address do you use to login to Sophos Central Partner Dashboard?
Response: partnerportal.sophos.com
Score: 1 out of 1 Yes

Question 92
Which dashboard allows you to manage and apply global settings to multiple Sophos
Central accounts?
Response: The Partner Dashboard
Score: 1 out of 1 Yes

Question 93
True or False: The Sophos Central Partner Portal can be used to manage customers'
XG Firewalls.
Response: TRUE
Score: 1 out of 1 Yes

Question 94
When protecting a Mac client, you must know the password of the administrator.
Response: TRUE
Score: 1 out of 1 Yes

Question 95
Which is the function of Application Control?
Response: To block specific applications from running on protected endpoints
Score: 1 out of 1 Yes

Question 96
You want to check an endpoint has received the latest policy updates from Sophos
Central. Which tab do you select in the Endpoint Self-Help tool to view the last
communication date and time?
Response: Management Communication
Score: 1 out of 1 Yes

Question 97
What is the first step you must take when removing Sophos Endpoint Protection from a
Windows endpoint?
Response: Disable tamper protection in Sophos Central
Score: 1 out of 1 Yes

Question 98
A malicious file has been detected on an endpoint and you want to prevent lateral
movement through your network. From the threat case, which action do you take?
Response: Isolate the computer
Score: 1 out of 1 Yes

Question 99
Which of the following is a configuration option for setting the frequency of email alerts
from the Partner Dashboard?
Response: By Severity
Score: 1 out of 1 Yes

Question 100
Which of the following alerts is categorized as a high alert?
Response: Failed to protect an endpoint
Score: 1 out of 1 Yes

Question 101
For most detections, which clean-up process is used to clean up the detection?
Response: Automatic Clean Up
Score: 1 out of 1 Yes

Question 102
Which dashboard allows you to view and apply global settings to multiple Sophos
Central Accounts?
Response: The Enterprise Dashboard
Score: 1 out of 1 Yes

Question 103
Which endpoint protection policy do you edit to block users from visiting a specific
website category?
Response: Web Control
Score: 1 out of 1 Yes

Question 104
Which detection feature can prevent attacks on the master boot record?
Response: WipeGuard
Score: 1 out of 1 Yes
