Sophos engineer exam UPDATED ACTUAL
Exam Questions and CORRECT Answers
That the cloned policy has been enforced - CORRECT ANSWER - You have cloned the
threat protection base policy, applied the policy to a group and saved it. When checking the
endpoint, the policy changes have not taken effect. What do you check in the policy
8190 - CORRECT ANSWER - Which TCP port is used to communicate policies to
endpoint?
To download updates from Sophos Central and store them on a dedicated server on your network
- CORRECT ANSWER - What is the function of an update cache?
Download and run the installer from Sophos Central - CORRECT ANSWER - Which of
the following is a method of deploying endpoint protection?
8191 - CORRECT ANSWER - Which TCP port is used to communicate Updates on
endpoint?
False - CORRECT ANSWER - A message relay can be configured on a Server without an
Update Cache.
True - CORRECT ANSWER - When protecting a MAC client, you must know the
password of the administrator.
Connects to a cloud server to check for the latest information about a file - CORRECT
ANSWER - What is the function of live protection?
To block specific applications from running on protected endpoints - CORRECT
ANSWER - Which is the function of Application control?
, To connect Sophos security solutions in real time - CORRECT ANSWER - What is the
function of Sophos Synchronized Security?
Control access to websites based on their category - CORRECT ANSWER - What is the
function of Web Control?
To detect and stop compromised vulnerable applications - CORRECT ANSWER - What is
the function of anti-exploit technology?
Exploit technique detection - CORRECT ANSWER - Which feature of intercept X is
designed to detect malware before it can execute?
Data loss prevention rule - CORRECT ANSWER - You want to change an action for
'confidential' content. Where in Sophos Central do you make this change
False - CORRECT ANSWER - Base policies can be disabled in Sophos Central.
Threat Protection - CORRECT ANSWER - You are detecting low-reputation files and
want to change the reputation level from recommended to strict. Which policy do you edit to
make this change?
Threat protection - CORRECT ANSWER - Which endpoint protection policy protects
users against malicious network traffic?
True - CORRECT ANSWER - TRUE or FALSE: Tamper protection must be disabled
before removing Endpoint protection.
Web Control - CORRECT ANSWER - Which endpoint protection policy do you edit to
block users from visiting a specific website category?
Exam Questions and CORRECT Answers
That the cloned policy has been enforced - CORRECT ANSWER - You have cloned the
threat protection base policy, applied the policy to a group and saved it. When checking the
endpoint, the policy changes have not taken effect. What do you check in the policy
8190 - CORRECT ANSWER - Which TCP port is used to communicate policies to
endpoint?
To download updates from Sophos Central and store them on a dedicated server on your network
- CORRECT ANSWER - What is the function of an update cache?
Download and run the installer from Sophos Central - CORRECT ANSWER - Which of
the following is a method of deploying endpoint protection?
8191 - CORRECT ANSWER - Which TCP port is used to communicate Updates on
endpoint?
False - CORRECT ANSWER - A message relay can be configured on a Server without an
Update Cache.
True - CORRECT ANSWER - When protecting a MAC client, you must know the
password of the administrator.
Connects to a cloud server to check for the latest information about a file - CORRECT
ANSWER - What is the function of live protection?
To block specific applications from running on protected endpoints - CORRECT
ANSWER - Which is the function of Application control?
, To connect Sophos security solutions in real time - CORRECT ANSWER - What is the
function of Sophos Synchronized Security?
Control access to websites based on their category - CORRECT ANSWER - What is the
function of Web Control?
To detect and stop compromised vulnerable applications - CORRECT ANSWER - What is
the function of anti-exploit technology?
Exploit technique detection - CORRECT ANSWER - Which feature of intercept X is
designed to detect malware before it can execute?
Data loss prevention rule - CORRECT ANSWER - You want to change an action for
'confidential' content. Where in Sophos Central do you make this change
False - CORRECT ANSWER - Base policies can be disabled in Sophos Central.
Threat Protection - CORRECT ANSWER - You are detecting low-reputation files and
want to change the reputation level from recommended to strict. Which policy do you edit to
make this change?
Threat protection - CORRECT ANSWER - Which endpoint protection policy protects
users against malicious network traffic?
True - CORRECT ANSWER - TRUE or FALSE: Tamper protection must be disabled
before removing Endpoint protection.
Web Control - CORRECT ANSWER - Which endpoint protection policy do you edit to
block users from visiting a specific website category?
