Sophos ET80 - TLS Decryption On Sophos Firewall: :
Questions With A+ Solutions
What 3 action types can be configured in a TLS inspection rule? Right Ans -
Decrypt, Do not decrypt and Deny
What objects can the TLS Inspection rule be applied to? Right Ans - Source
Zones, Networks and devices, and Users and Groups.
Destination Zones, Networks and Services.
Websites, and Website categories
What can be found in the SSL/TLS inspection settings? Right Ans - The
default options for resigning CA's, Non-decryptable traffic and TLS 1.3
compatibility
What is a Decryption profile Right Ans - A decryption profile is a collection
of settings that are applied by a rule-by-rule basis
What can be configured in a decryption profile? Right Ans - Non-default
options for re-signing CA's and handling Non-decryptable traffic
What are the 3 default Decryption profiles? Right Ans - Block insecure,
Maximum Compatibility, and Strict Compliance
What is the Block Insecure default Decryption profile used for? Right Ans -
Blocks known weak protocols and ciphers
What is the Maximum Compatibility Default Profile used for? Right Ans -
The most relaxed profile, and is used to make sure restrictions do not cause
any unexpected problems. It does not enforce certificate validation or cipher
restrictions
What is the Strict compliance default Decryption profile used for? Right
Ans - For people who need to meet stricter compliance standards such as PCI
Where would you configure which cipher algorithms to block? Right Ans -
Decryption profile
Questions With A+ Solutions
What 3 action types can be configured in a TLS inspection rule? Right Ans -
Decrypt, Do not decrypt and Deny
What objects can the TLS Inspection rule be applied to? Right Ans - Source
Zones, Networks and devices, and Users and Groups.
Destination Zones, Networks and Services.
Websites, and Website categories
What can be found in the SSL/TLS inspection settings? Right Ans - The
default options for resigning CA's, Non-decryptable traffic and TLS 1.3
compatibility
What is a Decryption profile Right Ans - A decryption profile is a collection
of settings that are applied by a rule-by-rule basis
What can be configured in a decryption profile? Right Ans - Non-default
options for re-signing CA's and handling Non-decryptable traffic
What are the 3 default Decryption profiles? Right Ans - Block insecure,
Maximum Compatibility, and Strict Compliance
What is the Block Insecure default Decryption profile used for? Right Ans -
Blocks known weak protocols and ciphers
What is the Maximum Compatibility Default Profile used for? Right Ans -
The most relaxed profile, and is used to make sure restrictions do not cause
any unexpected problems. It does not enforce certificate validation or cipher
restrictions
What is the Strict compliance default Decryption profile used for? Right
Ans - For people who need to meet stricter compliance standards such as PCI
Where would you configure which cipher algorithms to block? Right Ans -
Decryption profile
