SOPHOS TECHNICIAN UPDATED
ACTUAL Exam Questions and CORRECT
Answers
Read - CORRECT ANSWER - What permissions does the user need to connect to AD to
gather the user and group information?
True - CORRECT ANSWER - TRUE or FALSE: Only PE files can be restored from
SafeStore through the user interface.
Domain user - CORRECT ANSWER - What is the minimum type of user required to
connect to AD to gather the user and group information?
Global settings > Controlled Updates - CORRECT ANSWER - By default, computers get
the latest Sophos product updates automatically, where can an admin change this to allow control
over updates?
telnet dc.sophos.local 636 - CORRECT ANSWER - You want to test the default SSL
LDAP port for Active Directory synchronization. Enter the command you would use to verify
connectivity to a domain controller named dc.sophos.local. _____
%ProgramData%\sophos\sophos cloud AD sync\logs - CORRECT ANSWER - Where is
the AD sync log location?
nslookup - CORRECT ANSWER - The Central Admin Dashboard shows that none of
your endpoints are using one of your update caches. When pinging the update cache by name it
fails. What command do you use to investigate this further?
True - CORRECT ANSWER - TRUE or FALSE: Tamper Protection is enabled by default
in Sophos Central.
, (1) Sophos Endpoint Self Help
(2) Sophos Central - CORRECT ANSWER - Which 2 methods does Sophos provide that
will display the status of all Sophos services on Windows computers? Choose two (2).
The connection was blocked but the root cause has NOT been cleaned up - CORRECT
ANSWER - Which of the following statements is TRUE for a C2/Generic-C detection?
Active Directory Sync Utility - CORRECT ANSWER - Where do you check to see if the
AD sync schedule has been configured correctly?
Global Settings - CORRECT ANSWER - Where can the AD Sync tool be obtained from?
To detect man-in-the-middle attacks - CORRECT ANSWER - What is the function of
Safe Browsing in Intercept X?
(1) Program Data\Sophos\SafeStore
(2) Program Data\Sophos\Sophos Anti-Virus\SafeStore - CORRECT ANSWER - Where
can you find the SafeStore quarantine folders on a Windows Endpoint? Choose two (2).
Resolve and verify - CORRECT ANSWER - What is the third step of the troubleshooting
process?
(1) The threat was found in an archive
(2) The threat was found in a mailbox - CORRECT ANSWER - Which 2 of the following
are reasons why manual cleanup may be required? Choose two (2).
True - CORRECT ANSWER - TRUE or FALSE: You can recover the Tamper Protection
password for a deleted endpoint in Sophos Central.
ACTUAL Exam Questions and CORRECT
Answers
Read - CORRECT ANSWER - What permissions does the user need to connect to AD to
gather the user and group information?
True - CORRECT ANSWER - TRUE or FALSE: Only PE files can be restored from
SafeStore through the user interface.
Domain user - CORRECT ANSWER - What is the minimum type of user required to
connect to AD to gather the user and group information?
Global settings > Controlled Updates - CORRECT ANSWER - By default, computers get
the latest Sophos product updates automatically, where can an admin change this to allow control
over updates?
telnet dc.sophos.local 636 - CORRECT ANSWER - You want to test the default SSL
LDAP port for Active Directory synchronization. Enter the command you would use to verify
connectivity to a domain controller named dc.sophos.local. _____
%ProgramData%\sophos\sophos cloud AD sync\logs - CORRECT ANSWER - Where is
the AD sync log location?
nslookup - CORRECT ANSWER - The Central Admin Dashboard shows that none of
your endpoints are using one of your update caches. When pinging the update cache by name it
fails. What command do you use to investigate this further?
True - CORRECT ANSWER - TRUE or FALSE: Tamper Protection is enabled by default
in Sophos Central.
, (1) Sophos Endpoint Self Help
(2) Sophos Central - CORRECT ANSWER - Which 2 methods does Sophos provide that
will display the status of all Sophos services on Windows computers? Choose two (2).
The connection was blocked but the root cause has NOT been cleaned up - CORRECT
ANSWER - Which of the following statements is TRUE for a C2/Generic-C detection?
Active Directory Sync Utility - CORRECT ANSWER - Where do you check to see if the
AD sync schedule has been configured correctly?
Global Settings - CORRECT ANSWER - Where can the AD Sync tool be obtained from?
To detect man-in-the-middle attacks - CORRECT ANSWER - What is the function of
Safe Browsing in Intercept X?
(1) Program Data\Sophos\SafeStore
(2) Program Data\Sophos\Sophos Anti-Virus\SafeStore - CORRECT ANSWER - Where
can you find the SafeStore quarantine folders on a Windows Endpoint? Choose two (2).
Resolve and verify - CORRECT ANSWER - What is the third step of the troubleshooting
process?
(1) The threat was found in an archive
(2) The threat was found in a mailbox - CORRECT ANSWER - Which 2 of the following
are reasons why manual cleanup may be required? Choose two (2).
True - CORRECT ANSWER - TRUE or FALSE: You can recover the Tamper Protection
password for a deleted endpoint in Sophos Central.
