Exam Questions and CORRECT Answers
Global Settings - CORRECT ANSWER - Where can the AD Sync tool be obtained from?
The connection was blocked but the root cause has NOT been cleaned up - CORRECT
ANSWER - Which of the following statements is TRUE for a C2/Generic-C detection?
Update > Update configuration - CORRECT ANSWER - Where in the Endpoint Self Help
Tool does it show whether an endpoint is using a proxy for updating?
DC=SOPHOS,DC=LOCAL - CORRECT ANSWER - When configuring AD
synchronization, what location was defined by default in filters under the User Discovery Filters
tab?
ping 172.16.2.20 - CORRECT ANSWER - Enter the command you would use to test IP
network connectivity to the address 172.16.2.20. _____
Tamper Protection - CORRECT ANSWER - Which feature would protect the Sophos
installation from becoming disabled by malware?
389 - CORRECT ANSWER - AD Sync is not working. You have successfully pinged the
DC by both name and IP address. Which port do you use with telnet to confirm the LDAP port is
accessible?
netsh winhttp reset proxy - CORRECT ANSWER - Enter the command you would use to
remove the currently configured system proxy.
%ProgramData%\Sophos\CloudInstaller\Logs - CORRECT ANSWER - Where is the
'SophosCloudInstaller_<time_and_date_stamp>.log' found?
To prevent malicious behavior in software - CORRECT ANSWER - What is the function
of application lockdown in Intercept X?
Virus Removal tool - CORRECT ANSWER - Which of these cleanup tools will scan for
rootkits?
Domain user - CORRECT ANSWER - What is the minimum type of user required to
connect to AD to gather the user and group information?
True - CORRECT ANSWER - TRUE or FALSE: Sophos recommends disabling HTTPS
inspection for Sophos updating traffic.
Sophos Intercept X - CORRECT ANSWER - On a Windows computer, which component
logs information to the 'Sophos.log' file?
nslookup - CORRECT ANSWER - The Central Admin Dashboard shows that none of
your endpoints are using one of your update caches. Pinging the update cache by name
fails. What command do you use to investigate this further?
Resolve and verify - CORRECT ANSWER - What is the third step of the troubleshooting
process?
Global settings > Controlled Updates - CORRECT ANSWER - By default, computers get
the latest Sophos product updates automatically. Where can an admin change this to allow control
over updates?
SHA-256
The file paths
The certificate - CORRECT ANSWER - In which 3 ways can you allow a quarantined file
to be restored?