Sophos Central Overview Exam Questions & Answers Already Graded A+

Cloud based centralized management platform. It is a console for managing your Sophos products using a single interface with an intuitive dashboard. - Answer-Sophos Central A communication channel which can warn or alert centrally linked Sophos products when there has been an attack or suspected attack. - Answer-Sophos Security Heartbeat provides a detailed look into Sophos Central, it's development, deployment and maintenance as well as what data is collected, where it is stored and how data is protected. - Answer-Sophos Central Security Framework integrates anti-ransomware, application whitelisting, server lockdown and provides centralized management and security of your servers. - Answer-Server protection provides anti-malware protection to your endpoints across your network. It uses Intercept X. - AnswerEndpoint protection Endpoint three layers of security - Answer-Control, Pre-execution, Code execution is a unified endpoint management (UEM) and security solution that helps businesses spend less time and effort managing and securing traditional endpoint and mobile endpoints - Answer-Sophos mobile encrypts the data on the hard disk of an endpoint so that when the endpoint is stolen, the thief will not be able to access the data on the device. - Answer-Sophos data protection provides security and manageability for public cloud. - Answer-Sophos Cloud Optix · Full disk encryption · Prevent data loss · Configure encryption policy - Answer-Sophos Encryptionallows you to see which traffic is using your bandwidth to optimize the performance of your Wi-Fi and alert you to potential unwanted use of your resources. - Answer-Sophos Wireless is an advanced and comprehensive network security device that helps expose hidden risks, block unknown threats and will automatically respond to incidents. · Provides visibility of activities on your network · Detects risky activities and suspicious traffic - Answer-XG Firewall protects devices from malicious attacks that re able to bypass traditional anti-virus solutions. Typically, these threats are zero-day and ransomware. - Answer-Intercept X educates and test your end users through automated attack simulations, quality security awareness training and actionable reporting metrics. - Answer-Sophos Phish Threat keeps your users and business safe with instant protection from advanced threats. Our default setting provides anti-spam and anti-malware protection. - Answer-Sophos Email Gateway display info. For user and endpoints, detailing whether they have the Sophos agent installed or the user is associated with a protected endpoint. - Answer-Devices and users: summary provides an overview of your web control statistics. Split into four categories of Web threats blocked, Policy violations blocked, Policy warnings issued and Policy warnings proceeded - Answer-Endpoint and server web control allows you to view threat information at a glance. - Answer-Threat analysis dashboard The dashboard consists of three areas - Answer-Dashboard, Threat Cases and Threat Searches has access to everything in Sophos Central. This role is unable to be edited or deleted. - Answer-Super Adminhas access to almost everything, apart from the ability to manage roles and role assignments. - AnswerAdmin allows read only access for all settings in Sophos Central · Able to look at sensitive logs and reports · receive and clear alerts · update the Sophos agent software on an endpoint and scan endpoints. Does not allow a user to assign policies or change settings - Answer-Help Desk · only access for all settings in Sophos Central · can look at sensitive logs and reports and receive alerts · They can't manage role and role assignments. - Answer-Read only Allows users to protect their own devices, view quarantined emails and manage their device encryption. - Answer-Self Service Portal Displays the date of the last synchronization cycle, how many users and groups have been synchronized and the current settings - Answer-AD Sync Settings View and manage administrator roles - Answer-Role Management Integrate SIEM solutions allowing the retrieval of event and alert data from Sophos Central - Answer-API Token Mangement Allows users to sign in to Sophos Central and SSP using their Microsoft sign-in credentials - AnswerFederated sign-in Register firewalls to enable security heartbeat which can assist with managing endpoint health - AnswerRegistered Firewall Appliances · Password protects the protection settings for Sophos· Enabled by Default · Can be enabled/disable per device in the device details page - Answer-Tamper protection · Allows you to extend the website filtering · Control websites that are not in the Sophos categories · Tag websites to put them into groups · Override the Sophos category for a site - Answer-Website management · Enable devices to connect to Sophos or download Sophos software updates through a proxy server - Answer-Proxy Configuration · Exclude files, websites and applications from scanning for threats · Exclusions will apply to all your users and servers · Excluded items will still be checked for exploits - Answer-Scanning Exclusions · Lists applications that you have allowed to run on your endpoint computers · Displays where the application was originally detected · Displays how to application was allowed - Answer-Allowed Applications · Lists blocked applications · Allows you to add an application to block based on SHA-2526 hash · Only available if you have intercept X advanced with EDR - Answer-Blocked Items · Set a custom bandwidth usage limit for endpoints and servers · The limit is enforced when the endpoints download Sophos software and threat detection updates · Sophos sets frequency of data updates to minimize bandwidth usage - Answer-Bandwidth Usage Automates detection, isolation, and remediation results, this enables attacks to be neutralized in secondsMonitors outbound email - Answer-Synchronized Security · Management of multiple Sophos Center Admin account · Enables distributed security management · 5000 endpoint devices per sub-state (region) · allows you to view and apply global settings to multiple Sophos Central Accounts. - Answer-Enterprise Dashboard · Allows action on customer alerts · A websed management tool for customer licenses, accounts, security, support, global policy configuration and control - Answer-Partner Dashboard is mandatory for Sophos Enterprise and is automatically enabled provides an additional layer of security - Answer-Multi-factor Authentication Sophos email blocks ______% of spam at gateway and leverages SophosLabs threat intelligence to identify malicious emails. - Answer-99% detects that a mailbox is compromised and is being used to send outbound spam emails. Isolates the mailbox and shares the status via the Security Heartbeat. - Answer-Sophos Email denies attackers by blocking the exploits and techniques used to distribute malware, steal credentials and escape detection. Has over 25 different anti-exploit and active adversary techniques. - Answer-Intercept X monitors HTTP traffic for signs for connectivity to known bd URLs such as C2C. If the traffic is detected, its an early indicator that - Answer-Malicious Traffic Detectiontab contains an overview of recent events, devices, mailboxes, groups and logins - Answer-Summary tab displays all of the devices the user has associated to them. - Answer-Devices tab displays all of the events logged for the user - Answer-Events tab displays the policies that apply to the user. - Answer-Policies tab An online resource that allows you to manage opportunities, renewals and register deals Includes training and certification links, access to sales and marketing tools and resources. - AnswerSophos Partner Portal allows you to manage your customer licenses for central products. enables you to mange multiple customer security settings, setting global policies. remotely access your customer sophos central admin consoles - Answer-Central Partner Dashboard URL to access the Central Partner Dashboard - A URL to access Central Partner Dashboard directly - A Where in Sophos Central Admin Console can you enable remote assistance? - Answer-Account Details The minimum administrative role that will allow a user access to view and edit policies - Answer-Admin How long are activities stored for in the Enterprise Dashboard - Answer-90 daysTwo ways to license Enterprise Dashboard - Answer-Master Licensing and Individual Licensing Minimum administrative role that will allow a user to view alerts and logs - Answer-Read-only What is the Sophos recommended Active Directory sync interval? - Answer-Once a day Minimum administrative role that will allow a user to scan endpoints administrative role that will allow a user to view alerts, perform updates and scan endpoints. - AnswerHelp Desk You can choose to send email alerts immediately, hourly, daily or never. - Answer-True URL do you use to login to Sophos Central Admin Console - A Which Sophos Central manage product protects the data on a lost or stolen laptop - Answer-Encryption You have created a new policy tab you select to enable policy - Answer-Policy Enforced