Sophos Engineer ET80 - Sophos Firewall Overview Final
Exam 2025 update|comprehensive questions and verified
answers (complete solutions) GRADE A+!!
What is Zero Trust? - ✔✔ANSW✔✔..It is the mindset of don't
trust anything verify everything
What is ZTNA? - ✔✔ANSW✔✔..Sophos's Zero Trust Network
Access
What is Sophos Zero-Day Protection? - ✔✔ANSW✔✔..Sophos
Zero Day protection uses Hash files created when a Sophos
Firewall scans an attachment with an executable. The hash file is
then sent to the cloud database for review, and Firewall will then
either block or allow it depending if it is deemed save or
malicious. Zero-Day protection will also send in depth reports
on all attack events as configured.
What happens when Sophos Zero-Day Protection reviews a hash
file it hasn't seen before? - ✔✔ANSW✔✔..The a copy of the
suspicious file is sent to Sophos where it is opened in a sandbox
environment and monitored. Once analysed, the threat
intelligence is sent to the firewall where it is either blocked or
allowed depending. A report is then created for the threat
incident.
, How does Sophos Deep Learning work? -
✔✔ANSW✔✔..Millions of samples of both good and bad files
are fed to the model, and each feature of the file is defined then
labelled, such as Size, Vendor and Printable settings. This model
is then used to review the suspicious file to recognise and
predict if it is malicious or legitimate
What is Application control? - ✔✔ANSW✔✔..This is a service
used to reduce the attack surface by restricting what applications
are allowed
What is Synchronized App control? - ✔✔ANSW✔✔..Sophos
Firewall sees app traffic that does not match a signature, but
Sophos Endpoint shares the app name, path and category to the
Sophos firewall for classification, so the firewall can categorise
and control traffic
What happens in the Exploitation Phase of the Attack Kill
Chain? - ✔✔ANSW✔✔..The use of a vulnerability to execute
code on the victims machine
What types of attacks are used to exploit Web Servers? -
✔✔ANSW✔✔..XSS, SQL Injection, Protocol Violations and
Cross Site Scripting
How does Sophos Web Server Protection work? -
✔✔ANSW✔✔..It use pre-configured templates to protect Web
Servers. It works as a reverse proxy in the DMZ for inbound
traffic. It uses a Web Application firewall to filter traffic, sign
Exam 2025 update|comprehensive questions and verified
answers (complete solutions) GRADE A+!!
What is Zero Trust? - ✔✔ANSW✔✔..It is the mindset of don't
trust anything verify everything
What is ZTNA? - ✔✔ANSW✔✔..Sophos's Zero Trust Network
Access
What is Sophos Zero-Day Protection? - ✔✔ANSW✔✔..Sophos
Zero Day protection uses Hash files created when a Sophos
Firewall scans an attachment with an executable. The hash file is
then sent to the cloud database for review, and Firewall will then
either block or allow it depending if it is deemed save or
malicious. Zero-Day protection will also send in depth reports
on all attack events as configured.
What happens when Sophos Zero-Day Protection reviews a hash
file it hasn't seen before? - ✔✔ANSW✔✔..The a copy of the
suspicious file is sent to Sophos where it is opened in a sandbox
environment and monitored. Once analysed, the threat
intelligence is sent to the firewall where it is either blocked or
allowed depending. A report is then created for the threat
incident.
, How does Sophos Deep Learning work? -
✔✔ANSW✔✔..Millions of samples of both good and bad files
are fed to the model, and each feature of the file is defined then
labelled, such as Size, Vendor and Printable settings. This model
is then used to review the suspicious file to recognise and
predict if it is malicious or legitimate
What is Application control? - ✔✔ANSW✔✔..This is a service
used to reduce the attack surface by restricting what applications
are allowed
What is Synchronized App control? - ✔✔ANSW✔✔..Sophos
Firewall sees app traffic that does not match a signature, but
Sophos Endpoint shares the app name, path and category to the
Sophos firewall for classification, so the firewall can categorise
and control traffic
What happens in the Exploitation Phase of the Attack Kill
Chain? - ✔✔ANSW✔✔..The use of a vulnerability to execute
code on the victims machine
What types of attacks are used to exploit Web Servers? -
✔✔ANSW✔✔..XSS, SQL Injection, Protocol Violations and
Cross Site Scripting
How does Sophos Web Server Protection work? -
✔✔ANSW✔✔..It use pre-configured templates to protect Web
Servers. It works as a reverse proxy in the DMZ for inbound
traffic. It uses a Web Application firewall to filter traffic, sign
