Sophos Engineer Exam Questions with
Accurate Answers
That the cloned policy has been enforced - ✔✔You have cloned the threat protection base
policy, applied the policy to a group and saved it. When checking the endpoint, the policy
changes have not taken effect. What do you check in the policy
8190 - ✔✔Which TCP port is used to communicate policies to endpoint?
To download updates from Sophos Central and store them on a dedicated server on your
network - ✔✔What is the function of an update cache?
Download and run the installer from Sophos Central - ✔✔Which of the following is a method of
deploying endpoint protection?
8191 - ✔✔Which TCP port is used to communicate Updates on endpoint?
False - ✔✔A message relay can be configured on a Server without an Update Cache.
True - ✔✔When protecting a MAC client, you must know the password of the administrator.
Connects to a cloud server to check for the latest information about a file - ✔✔What is the
function of live protection?
To block specific applications from running on protected endpoints - ✔✔Which is the function
of Application control?
, To connect Sophos security solutions in real time - ✔✔What is the function of Sophos
Synchronized Security?
Control access to websites based on their category - ✔✔What is the function of Web Control?
To detect and stop compromised vulnerable applications - ✔✔What is the function of anti-
exploit technology?
Exploit technique detection - ✔✔Which feature of intercept X is designed to detect malware
before it can execute?
Data loss prevention rule - ✔✔You want to change an action for 'confidential' content. Where
in Sophos Central do you make this change
False - ✔✔Base policies can be disabled in Sophos Central.
Threat Protection - ✔✔You are detecting low-reputation files and want to change the
reputation level from recommended to strict. Which policy do you edit to make this change?
Threat protection - ✔✔Which endpoint protection policy protects users against malicious
network traffic?
True - ✔✔TRUE or FALSE: Tamper protection must be disabled before removing Endpoint
protection.
Web Control - ✔✔Which endpoint protection policy do you edit to block users from visiting a
specific website category?
Threat Protection - ✔✔Which endpoint protection policy block access to malicious websites?
Accurate Answers
That the cloned policy has been enforced - ✔✔You have cloned the threat protection base
policy, applied the policy to a group and saved it. When checking the endpoint, the policy
changes have not taken effect. What do you check in the policy
8190 - ✔✔Which TCP port is used to communicate policies to endpoint?
To download updates from Sophos Central and store them on a dedicated server on your
network - ✔✔What is the function of an update cache?
Download and run the installer from Sophos Central - ✔✔Which of the following is a method of
deploying endpoint protection?
8191 - ✔✔Which TCP port is used to communicate Updates on endpoint?
False - ✔✔A message relay can be configured on a Server without an Update Cache.
True - ✔✔When protecting a MAC client, you must know the password of the administrator.
Connects to a cloud server to check for the latest information about a file - ✔✔What is the
function of live protection?
To block specific applications from running on protected endpoints - ✔✔Which is the function
of Application control?
, To connect Sophos security solutions in real time - ✔✔What is the function of Sophos
Synchronized Security?
Control access to websites based on their category - ✔✔What is the function of Web Control?
To detect and stop compromised vulnerable applications - ✔✔What is the function of anti-
exploit technology?
Exploit technique detection - ✔✔Which feature of intercept X is designed to detect malware
before it can execute?
Data loss prevention rule - ✔✔You want to change an action for 'confidential' content. Where
in Sophos Central do you make this change
False - ✔✔Base policies can be disabled in Sophos Central.
Threat Protection - ✔✔You are detecting low-reputation files and want to change the
reputation level from recommended to strict. Which policy do you edit to make this change?
Threat protection - ✔✔Which endpoint protection policy protects users against malicious
network traffic?
True - ✔✔TRUE or FALSE: Tamper protection must be disabled before removing Endpoint
protection.
Web Control - ✔✔Which endpoint protection policy do you edit to block users from visiting a
specific website category?
Threat Protection - ✔✔Which endpoint protection policy block access to malicious websites?
