SOPHOS CERTIFIED ENGINEER EXAM 2026
FINAL REVIEW EXAM
◉ DNS poisoning. Answer: Technique used by criminals to alter DNS
records and drive users to fake sites, to committing phishing.
◉ Universal resource locator redirection. Answer:
◉ Domain reputation. Answer:
◉ Distributed Denial of Service (DDoS). Answer: An attack that uses
many computers to perform a DoS attack.
◉ DDOS network. Answer:
◉ DDOS application. Answer:
◉ DDOS operational technology. Answer:
◉ Malicious code or script execution. Answer:
◉ Powershell. Answer:
,◉ Python. Answer:
◉ Bash. Answer:
◉ Macros. Answer:
◉ Visual Basic for Applications (VBA). Answer: programming
language you can use to create macros
◉ Advanced Persistent Threat (APT). Answer: a sophisticated,
possibly long-running computer hack that is perpetrated by large,
well-funded organizations such as governments
◉ Insider threats. Answer: Current or former employee, contractor
or other partner that has or had authorized access and intentionally
misused that access
◉ State actors. Answer:
◉ Hacktivists. Answer: A protester seeking to make a political point
by leveraging technology tools, often through system infiltration,
defacement, or damage.
,◉ Script kiddies. Answer: Individuals who want to break into
computers to create damage, yet lack the advanced knowledge of
computers and networks needed to do so.
◉ Criminal syndicates. Answer:
◉ Authorized Hackers. Answer:
◉ Unauthorized hackers. Answer:
◉ Semi-authorized hackers. Answer:
◉ Shadow IT. Answer:
◉ Competitors. Answer:
◉ Internal/external actors. Answer:
◉ Level of sophistication/capability in actors. Answer:
◉ Resources/funding (attributes of actors). Answer: APTs, and
nation states have a penchant for long-term attacks, which requires
, this which only major organizations or government can manage over
time.
◉ Intent/motivation (attributes of actors). Answer: This can be
simple or multifold in nature. A script kiddie is just trying to make a
technique work. A more skilled threat actor is usually pursuing a
specific objective, such as trying to make a point as a hacktivist. At
the top of the intent pyramid is the APT threat actor, whose intent or
motivation is at least threefold.
◉ Vectors direct access. Answer:
◉ Wireless Vectors. Answer:
◉ Vector Email. Answer:
◉ Vector Supply Chain. Answer:
◉ Vector Social Media. Answer:
◉ Vector Removable Media. Answer:
◉ Vector Cloud. Answer:
FINAL REVIEW EXAM
◉ DNS poisoning. Answer: Technique used by criminals to alter DNS
records and drive users to fake sites, to committing phishing.
◉ Universal resource locator redirection. Answer:
◉ Domain reputation. Answer:
◉ Distributed Denial of Service (DDoS). Answer: An attack that uses
many computers to perform a DoS attack.
◉ DDOS network. Answer:
◉ DDOS application. Answer:
◉ DDOS operational technology. Answer:
◉ Malicious code or script execution. Answer:
◉ Powershell. Answer:
,◉ Python. Answer:
◉ Bash. Answer:
◉ Macros. Answer:
◉ Visual Basic for Applications (VBA). Answer: programming
language you can use to create macros
◉ Advanced Persistent Threat (APT). Answer: a sophisticated,
possibly long-running computer hack that is perpetrated by large,
well-funded organizations such as governments
◉ Insider threats. Answer: Current or former employee, contractor
or other partner that has or had authorized access and intentionally
misused that access
◉ State actors. Answer:
◉ Hacktivists. Answer: A protester seeking to make a political point
by leveraging technology tools, often through system infiltration,
defacement, or damage.
,◉ Script kiddies. Answer: Individuals who want to break into
computers to create damage, yet lack the advanced knowledge of
computers and networks needed to do so.
◉ Criminal syndicates. Answer:
◉ Authorized Hackers. Answer:
◉ Unauthorized hackers. Answer:
◉ Semi-authorized hackers. Answer:
◉ Shadow IT. Answer:
◉ Competitors. Answer:
◉ Internal/external actors. Answer:
◉ Level of sophistication/capability in actors. Answer:
◉ Resources/funding (attributes of actors). Answer: APTs, and
nation states have a penchant for long-term attacks, which requires
, this which only major organizations or government can manage over
time.
◉ Intent/motivation (attributes of actors). Answer: This can be
simple or multifold in nature. A script kiddie is just trying to make a
technique work. A more skilled threat actor is usually pursuing a
specific objective, such as trying to make a point as a hacktivist. At
the top of the intent pyramid is the APT threat actor, whose intent or
motivation is at least threefold.
◉ Vectors direct access. Answer:
◉ Wireless Vectors. Answer:
◉ Vector Email. Answer:
◉ Vector Supply Chain. Answer:
◉ Vector Social Media. Answer:
◉ Vector Removable Media. Answer:
◉ Vector Cloud. Answer:
