SOPHOS Certified Engineer Exam Questions With Verified
Answers Graded A+
Which TCP port is used to communicate policies ANSWER -Check the system requirements
to endpoints? - ANSWER -8190
You want to prevent users from copying
Which Sophos Central manage product protects database files to USB drives without blocking the
the data on a lost or stolen laptop? - use of all USB devices. Which policy do you need
ANSWER -Encryption to configure? - ANSWER -Data Loss
Prevention
The option to stop the AutoUpdate service is
greyed out in Windows Services. What is the TRUE or FALSE: You can search for a malicious
most likely reason for this? - ANSWER - item across your network using EDR -
Tamper Protection is enabled ANSWER -TRUE
Complete the sentence: Signature-based file Which log provides a record of all activities? -
scanning relies on... - ANSWER -previously ANSWER -Audit log
detected malware characteristics
What is the function of anti-exploit technology? -
TRUE or FALSE: Tamper protection is enabled ANSWER -To detect and stop
by default. - ANSWER -TRUE compromised vulnerable applications
You are unable to edit policies in Sophos Complete the sentence: The SAV32CLI clean-up
Central. What do you check in Sophos Central? - tool is a... - ANSWER -Command line tool
ANSWER -That you have the correct role included in Sophos Central installation
assigned
When registering for a Sophos Central Trial,
Which URL address do you use to login to which of the following statements are TRUE? -
Sophos Central Partner Dashboard? - ANSWER -You must use an email address
ANSWER -partnerportal.sophos.com that has not been used with Sophos Central
before
You are detecting low-reputation files and want
to change the reputation level from Which tab on the device details page displays the
recommended to strict. Which policy do you edit tamper protection information? - ANSWER -
to make this change? - ANSWER -Threat SUMMARY
Protection
What is the function of Live Protection? -
What is the FIRST step you must take when ANSWER -Connects to a cloud server to
deploying virtual environments? -
1/7
, SOPHOS Certified Engineer Exam Questions With Verified
Answers Graded A+
check for the latest information about a file
Which TCP port is used to communicate Updates
How long are activities stored for in the on endpoints? - ANSWER -8191
Enterprise Dashboard? - ANSWER -90
days
TRUE or FALSE: The security VM installer is
linked to your Sophos Central account. -
What is the function of an Update Cache? - ANSWER -FALSE
ANSWER -To download updates from
Sophos Central and store them on a dedicated
server on your network TRUE or FALSE: You can deploy an update
cache without a Message Relay. -
ANSWER -TRUE
What is the function of on-access scanning? -
ANSWER -Monitors running processes'
behavior You want to change an action for 'confidential'
content. Where in Sophos Central do you make
this change? - ANSWER -In the Data Loss
Which of the following alerts is categorized as a Prevention Rule
high alert? - ANSWER -Failed to protect an
endpoint
What does HIPS do on a protected endpoint? -
ANSWER -Scans for potentially malicious
Which dashboard allows you to manage and behaviour
apply global settings to multiple Sophos Central
accounts? - ANSWER -The Partner
Dashboard You have cloned the threat protection base
policy, applied the policy to a group and saved it.
When checking the endpoint, the policy changes
Which detection feature can prevent attacks on have not taken effect. What do you check in the
the master boot record? - ANSWER - policy? - ANSWER -That the cloned policy
WipeGuard has been enforced
What is the function of a Message Relay? - In which 2 ways can you license the Enterprise
ANSWER -To enable all devices to Dashboard? - ANSWER -(1) Master
communicate all policy and reporting data using Licensing
a dedicated server on your network (2) Individual Licensing
True or False: Marking an alert as acknowledge What is the minimum administrative role that will
will resolve the threat on the endpoint. - allow a user to create and edit policies? -
ANSWER -FALSE ANSWER -Admin
2/7
Answers Graded A+
Which TCP port is used to communicate policies ANSWER -Check the system requirements
to endpoints? - ANSWER -8190
You want to prevent users from copying
Which Sophos Central manage product protects database files to USB drives without blocking the
the data on a lost or stolen laptop? - use of all USB devices. Which policy do you need
ANSWER -Encryption to configure? - ANSWER -Data Loss
Prevention
The option to stop the AutoUpdate service is
greyed out in Windows Services. What is the TRUE or FALSE: You can search for a malicious
most likely reason for this? - ANSWER - item across your network using EDR -
Tamper Protection is enabled ANSWER -TRUE
Complete the sentence: Signature-based file Which log provides a record of all activities? -
scanning relies on... - ANSWER -previously ANSWER -Audit log
detected malware characteristics
What is the function of anti-exploit technology? -
TRUE or FALSE: Tamper protection is enabled ANSWER -To detect and stop
by default. - ANSWER -TRUE compromised vulnerable applications
You are unable to edit policies in Sophos Complete the sentence: The SAV32CLI clean-up
Central. What do you check in Sophos Central? - tool is a... - ANSWER -Command line tool
ANSWER -That you have the correct role included in Sophos Central installation
assigned
When registering for a Sophos Central Trial,
Which URL address do you use to login to which of the following statements are TRUE? -
Sophos Central Partner Dashboard? - ANSWER -You must use an email address
ANSWER -partnerportal.sophos.com that has not been used with Sophos Central
before
You are detecting low-reputation files and want
to change the reputation level from Which tab on the device details page displays the
recommended to strict. Which policy do you edit tamper protection information? - ANSWER -
to make this change? - ANSWER -Threat SUMMARY
Protection
What is the function of Live Protection? -
What is the FIRST step you must take when ANSWER -Connects to a cloud server to
deploying virtual environments? -
1/7
, SOPHOS Certified Engineer Exam Questions With Verified
Answers Graded A+
check for the latest information about a file
Which TCP port is used to communicate Updates
How long are activities stored for in the on endpoints? - ANSWER -8191
Enterprise Dashboard? - ANSWER -90
days
TRUE or FALSE: The security VM installer is
linked to your Sophos Central account. -
What is the function of an Update Cache? - ANSWER -FALSE
ANSWER -To download updates from
Sophos Central and store them on a dedicated
server on your network TRUE or FALSE: You can deploy an update
cache without a Message Relay. -
ANSWER -TRUE
What is the function of on-access scanning? -
ANSWER -Monitors running processes'
behavior You want to change an action for 'confidential'
content. Where in Sophos Central do you make
this change? - ANSWER -In the Data Loss
Which of the following alerts is categorized as a Prevention Rule
high alert? - ANSWER -Failed to protect an
endpoint
What does HIPS do on a protected endpoint? -
ANSWER -Scans for potentially malicious
Which dashboard allows you to manage and behaviour
apply global settings to multiple Sophos Central
accounts? - ANSWER -The Partner
Dashboard You have cloned the threat protection base
policy, applied the policy to a group and saved it.
When checking the endpoint, the policy changes
Which detection feature can prevent attacks on have not taken effect. What do you check in the
the master boot record? - ANSWER - policy? - ANSWER -That the cloned policy
WipeGuard has been enforced
What is the function of a Message Relay? - In which 2 ways can you license the Enterprise
ANSWER -To enable all devices to Dashboard? - ANSWER -(1) Master
communicate all policy and reporting data using Licensing
a dedicated server on your network (2) Individual Licensing
True or False: Marking an alert as acknowledge What is the minimum administrative role that will
will resolve the threat on the endpoint. - allow a user to create and edit policies? -
ANSWER -FALSE ANSWER -Admin
2/7
