Sophos engineer Exam A With Complete Solutions!!
You have cloned the threat protection base policy, applied the policy to a group and saved it. When checking the endpoint, the policy changes have not taken effect. What do you check in the policy? - Answer: That the cloned policy has been enforced

Which TCP port is used to communicate policies to endpoints? - Answer: 8190

What is the function of an update cache? - Answer: To download updates from Sophos Central and store them on a dedicated server on your network

Which of the following is a method of deploying endpoint protection? - Answer: Download and run the installer from Sophos Central

Which TCP port is used to communicate updates to endpoints? - Answer: 8191

A message relay can be configured on a server without an Update Cache. - Answer: False

When protecting a Mac client, you must know the password of the administrator. - Answer: True

What is the function of live protection? - Answer: Connects to a cloud server to check for the latest information about a file

What is the function of Application Control? - Answer: To block specific applications from running on protected endpoints

What is the function of Sophos Synchronized Security? - Answer: To connect Sophos security solutions in real time

What is the function of Web Control? - Answer: Control access to websites based on their category

What is the function of anti-exploit technology? - Answer: To detect and stop compromised vulnerable applications

Which feature of Intercept X is designed to detect malware before it can execute? - Answer: Exploit technique detection

You want to change an action for 'confidential' content. Where in Sophos Central do you make this change? - Answer: Data loss prevention rule

Base policies can be disabled in Sophos Central. - Answer: False

You are detecting low-reputation files and want to change the reputation level from recommended to strict. Which policy do you edit to make this change? - Answer: Threat Protection

Which endpoint protection policy protects users against malicious network traffic? - Answer: Threat protection

TRUE or FALSE: Tamper protection must be disabled before removing Endpoint protection. - Answer: True

Which endpoint protection policy do you edit to block users from visiting a specific website category? - Answer: Web Control

Which endpoint protection policy blocks access to malicious websites? - Answer: Threat Protection

TRUE or FALSE: All endpoints have the same endpoint password. - Answer: False

Which feature allows you to restrict applications? - Answer: Application Control

What is the first step you must take when deploying virtual environments? - Answer: Check system requirement

Server policies are only applied to .... - Answer: Servers or server group

Which 2 of the following are monitored when File Integrity Monitoring is enabled? - Answer: Files and registry entries

Which 2 components are required for protecting virtual environments? - Answer: SVM (Security Virtual Machine) & Guest Virtual Machine (GVM)

A Windows endpoint installation is failing. It is detecting competitor software. Which log file do you check to investigate this issue? - Answer: A

Which log provides a record of all activities? - Answer: Audit log
Written for
- Institution: Sophos engineer
- Course: Sophos engineer

Document information
- Uploaded on: April 11, 2024
- Number of pages: 9
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers