SOPHOS CERTIFIED ENGINEER EXAM QUESTIONS WITH CORRECT ANSWERS REVISED 2024

1. Which TCP port is used to communicate policies to endpoints?:: 8190 2. Which Sophos Central manage product protects the data on a lost or stolen correct answer laptop?:: Encryption correct answer correct answer correct 3. The option to stop the AutoUpdate service is greyed out in Windows Ser-vices. What is the most likely reason for this?:: Tamper Protection is enabled 4. TRUE or FALSE::Tamper protection is enabled by default.: answer: TRUE correct answer correct answer 5. Complete the sentence:: Signature-based file scanning relies on...:: previouslydetected malware characteristics 6. You are unable to edit policies in Sophos Central.What do you check inSophos correct answer Central?:: That you have the correct role assigned correct answer 7. Which URL address do you use to login to Sophos Central Partner Dashboard?:: 8. You are detecting low-reputation files and want to change the reputationlevel from correct answer recommended to strict. Which policy do you edit to make this change?:: Threat Protection 9. What is the FIRST step you must take when deploying virtual environ- correct answer ments?:: Check the system requirements correct 10. You want to prevent users from copying database files to USB driveswithout blocking the use of all USB devices. Which policy do you need toconfigure?: answer: Data Loss Prevention 11. TRUE or FALSE:correct answer:You can search for a malicious item across your networkusing EDR:correct answer: TRUE 12. Which log provides a record of all activities?:correct answer: Audit log 13. What is the function of anti-exploit technology?:correct answer: To detect and stop compro-mised vulnerable applications correct answer correct answer 14. Complete the sentence::The SAV32CLI clean-up tool is a...:: Command linetool included in Sophos Central installation correct answer 15. When registering for a Sophos Central Trial, which of the following statements are TRUE?:: You must use an email address that has not been used with Sophos Central before 16. Which tab on the device details page displays the tamper protection infor- correct answer correct answer mation?:: SUMMARY 17. What is the function of Live Protection?:: Connects to a cloud server to checkfor the latest information about a file correct 18. How long are activities stored for in the Enterprise Dashboard?: answer: 90 days correct answer 19. What is the function of an Update Cache?:: To download updates from SophosCentral and store them on a dedicated server on your network correct answer 20. What is the function of on-access scanning?:: Monitors running processes'behavior correct answer 21. Which of the following alerts is categorized as a high alert?:: Failed to protectan endpoint 22. Which dashboard allows you to manage and apply global settings tomultiple correct answer Sophos Central accounts?:: The Partner Dashboard 23. Which detection feature can prevent attacks on the master boot correct answer record?:: - WipeGuard correct answer 24. What is the function of a Message Relay?:: To enable all devices to commu-nicate all policy and reporting data using a dedicated server on your network 25. True or False:correct answer: Marking an alert as acknowledge will resolve the threat onthe endpoint.:correct answer: FALSE correct 26. Which TCP port is used to communicate Updates on endpoints?: answer: 8191 27. TRUE or FALSE:correct answer:The securityVM installer is linked to your Sophos Centralaccount.:correct answer: FALSE 28. TRUE or FALSE:correct answer:You can deploy an update cache without a MessageRelay.:correct answer: TRUE 29. You want to change an action for 'confidential' content.Where in Sophos correct answer correct answer Central do you make this change?:: In the Data Loss Prevention Rule 30. What does HIPS do on a protected endpoint?:: Scans for potentially maliciousbehaviour correct answer 31. You have cloned the threat protection base policy, applied the policy to a group and saved it.When checking the endpoint, the policy changes have nottaken effect.What do you check in the policy?:: That the cloned policy has beenenforced correct answer 32. In which 2 ways can you license the Enterprise Dashboard?:: (1) MasterLicensing (2) Individual Licensing 33. What is the minimum administrative role that will allow a user to create andedit correct answer correct answer correct answer policies?:: Admin 34. Complete the following sentence::The default protection base policy isconfigured with...:: Sophos' recommended settings 35. Which section in the Self-Help tool should be checked to start investigatingan correct answer updating issue on an endpoint:: System correct answer 36. What does tamper protection prevent a user from doing on their endpoint with Sophos Central agent installed?:: Prevents a user from uninstalling the Sophos agent software correct answer 37. TRUE or FALSE:: All server protection features are enabled correct answer by default.:: - FALSE