Sophos ET80 - Sophos Firewall Deployment
Part 2 UPDATED ACTUAL Exam
Questions and CORRECT Answers
What are the 5 supported virtualisation platforms for Sophos OS? - CORRECT
ANSWER - Hyper-V, VMware, KVM, Citrix Hypervisor and Nutanix Prism
What scenario would Sophos Firewall be deployed in Gateway mode? - CORRECT
ANSWER - Port A is configured for LAN, port B is configured for WAN and Port C is
configured for DMZ. This means that any threats trying to get to the LAN or DMZ will be
blocked by the firewall
What scenario would Sophos Firewall be deployed in Bridge mode? - CORRECT
ANSWER - When the Sophos is installed behind an existing firewall that only deals with
WAN connectivity and the Sophos is configured for LAN and DMZ. This provides additional
protection that isn't provided by the existing firewall, such as Sophos's Synchronized security,
IPS or ATP services
What is Bridge mode also known as? - CORRECT ANSWER - Transparent or In-line
mode
What scenario would Sophos firewall be deployed in Discover mode? - CORRECT
ANSWER - When a Sophos firewall is used behind the existing firewall to evaluating the
additional security capabilities it provides without making changes to the current infrastructure.
It would be connected to a port on the switch which would have port mirroring enabled and a
copy of all data following through passed to the Sophos for evaluation. It cannot influence live
traffic but provide security reports
What are the 4 most common ways a Sophos Firewall can be deployed? - CORRECT
ANSWER - Default gateway mode, bridge mode, web server protection and discover
mode
Part 2 UPDATED ACTUAL Exam
Questions and CORRECT Answers
What are the 5 supported virtualisation platforms for Sophos OS? - CORRECT
ANSWER - Hyper-V, VMware, KVM, Citrix Hypervisor and Nutanix Prism
What scenario would Sophos Firewall be deployed in Gateway mode? - CORRECT
ANSWER - Port A is configured for LAN, port B is configured for WAN and Port C is
configured for DMZ. This means that any threats trying to get to the LAN or DMZ will be
blocked by the firewall
What scenario would Sophos Firewall be deployed in Bridge mode? - CORRECT
ANSWER - When the Sophos is installed behind an existing firewall that only deals with
WAN connectivity and the Sophos is configured for LAN and DMZ. This provides additional
protection that isn't provided by the existing firewall, such as Sophos's Synchronized security,
IPS or ATP services
What is Bridge mode also known as? - CORRECT ANSWER - Transparent or In-line
mode
What scenario would Sophos firewall be deployed in Discover mode? - CORRECT
ANSWER - When a Sophos firewall is used behind the existing firewall to evaluating the
additional security capabilities it provides without making changes to the current infrastructure.
It would be connected to a port on the switch which would have port mirroring enabled and a
copy of all data following through passed to the Sophos for evaluation. It cannot influence live
traffic but provide security reports
What are the 4 most common ways a Sophos Firewall can be deployed? - CORRECT
ANSWER - Default gateway mode, bridge mode, web server protection and discover
mode
