Sophos Engineer Exam Questions With 100% Correct Answers
You have cloned the threat protection base policy, applied the policy to a group and saved it. When checking the endpoint, the policy changes have not taken effect. What do you check in the policy? - Answer: That the cloned policy has been enforced
Which TCP port is used to communicate policies to the endpoint? - Answer: 8190
What is the function of an update cache? - Answer: To download updates from Sophos Central and store them on a dedicated server on your network
Which of the following is a method of deploying endpoint protection? - Answer: Download and run the installer from Sophos Central
Which TCP port is used to communicate updates on the endpoint? - Answer: 8191
A message relay can be configured on a server without an Update Cache. - Answer: False
When protecting a Mac client, you must know the password of the administrator. - Answer: True
What is the function of Live Protection? - Answer: Connects to a cloud server to check for the latest information about a file
What is the function of Application Control? - Answer: To block specific applications from running on protected endpoints
What is the function of Sophos Synchronized Security? - Answer: To connect Sophos security solutions in real time
What is the function of Web Control? - Answer: Control access to websites based on their category
What is the function of anti-exploit technology? - Answer: To detect and stop compromised vulnerable applications
Which feature of Intercept X is designed to detect malware before it can execute? - Answer: Exploit technique detection
You want to change an action for 'confidential' content. Where in Sophos Central do you make this change? - Answer: Data loss prevention rule
Base policies can be disabled in Sophos Central. - Answer: False
You are detecting low-reputation files and want to change the reputation level from recommended to strict. Which policy do you edit to make this change? - Answer: Threat Protection
Which endpoint protection policy protects users against malicious network traffic? - Answer: Threat protection
TRUE or FALSE: Tamper protection must be disabled before removing Endpoint protection. - Answer: True
Which endpoint protection policy do you edit to block users from visiting a specific website category? - Answer: Web Control
Which endpoint protection policy blocks access to malicious websites? - Answer: Threat Protection
TRUE or FALSE: All endpoints have the same endpoint password. - Answer: False
Which feature allows you to restrict applications? - Answer: Application Control
What is the first step you must take when deploying virtual environments? - Answer: Check system requirement
Server policies are only applied to .... - Answer: Servers or server group
Which 2 of the following are monitored when File Integrity Monitoring is enabled? - Answer: Files and registry entries
Which 2 components are required for protecting virtual environments? - Answer: SVM (Security Virtual Machine) & Guest Virtual Machine (GVM)
A Windows endpoint installation is failing. It is detecting competitor software. Which log file do you check to investigate this issue? - Answer: A
Which log provides a record of all activities? - Answer: Audit log
For most detections, which clean-up process is used to clean up the detection? - Answer: Automatic Clean up
A malicious file has been detected on an endpoint and you want to prevent lateral movement through your network. From the threat case, which action do you take? - Answer: Isolate the computer
You want to check an endpoint has received the latest policy updates from Sophos Central. Which tab do you select in the Endpoint Self-Help tool to view the last communication date and time? - Answer: Management Communications
Written for
- Institution: Sophos
- Course: Sophos
Document information
- Uploaded on: June 7, 2024
- Number of pages: 7
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers