Sophos Engineer Exam Questions With 100% Correct Answers

Sophos Engineer E xam Questions With 100% Correct Answers You have cloned the threat protection base policy, applied the policy to a group and saved it. When checking the endpoint, the policy changes have not taken effect. What do you check in the policy - answer✔✔That the clone d policy has been enforced Which TCP port is used to communicate policies to endpoint? - answer✔✔8190 What is the function of an update cache? - answer✔✔To download updates from Sophos Central and store them on a dedicated server on your network Which of t he following is a method of deploying endpoint protection? - answer✔✔Download and run the installer from Sophos Central Which TCP port is used to communicate Updates on endpoint? - answer✔✔8191 A message relay can be configured on a Server without an Updat e Cache. - answer✔✔False When protecting a MAC client, you must know the password of the administrator. - answer✔✔True What is the function of live protection? - answer✔✔Connects to a cloud server to check for the latest information about a file Which is t he function of Application control? - answer✔✔To block specific applications from running on protected endpoints What is the function of Sophos Synchronized Security? - answer✔✔To connect Sophos security solutions in real time What is the function of Web C ontrol? - answer✔✔Control access to websites based on their category What is the function of anti -exploit technology? - answer✔✔To detect and stop compromised vulnerable applications Which feature of intercept X is designed to detect malware before it can execute? - answer✔✔Exploit technique detection You want to change an action for 'confidential' content. Where in Sophos Central do you make this change - answer✔✔Data loss prevention rule Base policies can be disabled in Sophos Central. - answer✔✔False You are detecting low -reputation files and want to change the reputation level from recommended to strict. Which policy do you edit to make this change? - answer✔✔Threat Protection Which endpoint protection policy protects users against malicious network traf fic? - answer✔✔Threat protection TRUE or FALSE: Tamper protection must be disabled before removing Endpoint protection. - answer✔✔True Which endpoint protection policy do you edit to block users from visiting a specific website category? - answer✔✔Web Cont rol Which endpoint protection policy block access to malicious websites? - answer✔✔Threat Protection TRUE or FALSE: All Endpoints have the same endpoint password. - answer✔✔False Which feature allows you to restrict application? - answer✔✔Application Contr ol What is the first step you must take when deploying virtual environments? - answer✔✔Check system requirement Server policies are only applied to .... - answer✔✔Servers or server group Which 2 of the following are monitored when File Integrity Monitoring is enabled? - answer✔✔Files and registry entries Which 2 components are required for protecting virtual environments? - answer✔✔SVM (Security Virtual Machine) & Guest Virtual Machine (GVM) A Windows endpoint installation is failing. It is detecting competitor software. Which log file do you check to investigate this issue? - answer✔✔Avremove.log Which log provides a record of all activities? - answer✔✔Audit log For most detections, which cle an-up process is used to clean up the detection? - answer✔✔Automatic Clean up A malicious file has been detected on an endpoint and you want to prevent lateral movement through your network. From the threat case, which action do you take? - answer✔✔Isolate the computer You want to check an endpoint has received the latest policy updates from Sophos Central. Which tab do you select in the Endpoint Self -Help tool to view the last communication date and time? - answer✔✔Management Communications