Sophos Engineer Exam Questions with Accurate Answers
You have cloned the threat protection base policy, applied the policy to a group and saved it.
When checking the endpoint, the policy changes have not taken effect. What do you check in
the policy? - ✔✔That the cloned policy has been enforced
Which TCP port is used to communicate policies to the endpoint? - ✔✔8190
What is the function of an update cache? - ✔✔To download updates from Sophos Central and
store them on a dedicated server on your network
Which of the following is a method of deploying endpoint protection? - ✔✔Download and run
the installer from Sophos Central
Which TCP port is used to communicate updates on the endpoint? - ✔✔8191
A message relay can be configured on a Server without an Update Cache. - ✔✔False
When protecting a Mac client, you must know the password of the administrator. - ✔✔True
What is the function of live protection? - ✔✔Connects to a cloud server to check for the latest
information about a file
What is the function of Application Control? - ✔✔To block specific applications from running
on protected endpoints
What is the function of Sophos Synchronized Security? - ✔✔To connect Sophos security
solutions in real time
What is the function of Web Control? - ✔✔Control access to websites based on their category
What is the function of anti-exploit technology? - ✔✔To detect and stop compromised
vulnerable applications
Which feature of Intercept X is designed to detect malware before it can execute? - ✔✔Exploit
technique detection
You want to change an action for 'confidential' content. Where in Sophos Central do you make
this change? - ✔✔Data loss prevention rule
Base policies can be disabled in Sophos Central. - ✔✔False
You are detecting low-reputation files and want to change the reputation level from
recommended to strict. Which policy do you edit to make this change? - ✔✔Threat Protection
Which endpoint protection policy protects users against malicious network traffic? - ✔✔Threat
protection
TRUE or FALSE: Tamper protection must be disabled before removing Endpoint protection. -
✔✔True
Which endpoint protection policy do you edit to block users from visiting a specific website
category? - ✔✔Web Control
Which endpoint protection policy blocks access to malicious websites? - ✔✔Threat Protection