SOPHOS FIREWALL EXAM 2025/2026
QUESTIONS AND ANSWERS 100% PASS
When a RED is deployed in Standard/Unified mode, how do the computers on the remote
network get their IP adresss? - ANS From a DHCP server running on the XG firewall
You are preparing a hardware XG Firewall for installation on a remote site. The order for the
license has not yet been processed. Which registration option do you select in the Initial Setup
wizard? - ANS I do not want to register now
You have created a repot that displays data that you wish to check on a daily basis. how can you
make this data easily available in the WebAdmin interface?? - ANS Create a bookmark for
the report
Which of the following best describes greylisting? - ANS The first attempt to deliver a
message is temporarily denied.
One computer has a red health status. ON which 2 of the networks can the endpoints be
protected from the computer with a a red health status? - ANS A. C
Sophos XG hardware devices come pre-loaded with software. - ANS True
1 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED
, Which 2 features are required if you want to make use of lateral movement protection? -
ANS Server or endpoint protection. Intercept X
Which XG firewall feature is able to block access to command and control servers? -
ANS Advanced Threat Protection
Which 2 methods are supported for logoff detection when using STAS - ANS PING,
Workstation Polling
Type the name of the only zone that cannot have a physical port or interface assigned to it -
ANS vpn
DHCP can be used to override the magic IP if the XG Firewall is not the default gateway. -
ANS False
Which web filtering method can offload traffic to the FastPath? - ANS DPI
Which interface type is a virtual LAN created on an existing XG interface - ANS VLAN
Which of the following statements about zero-touch deployment are TRUE - ANS Zero-touch
configuration rules can only be created for unregistered hardware serial numbers
What is the clientless Access portal used for? - ANS To provide access to internal resources
without the need for a VPN client to be installed
Which firewall icon represents a disabled user Rule? - ANS C
Which page list all current applications that are connecting through the XG Firewall? -
ANS Live connections
2 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED
QUESTIONS AND ANSWERS 100% PASS
When a RED is deployed in Standard/Unified mode, how do the computers on the remote
network get their IP adresss? - ANS From a DHCP server running on the XG firewall
You are preparing a hardware XG Firewall for installation on a remote site. The order for the
license has not yet been processed. Which registration option do you select in the Initial Setup
wizard? - ANS I do not want to register now
You have created a repot that displays data that you wish to check on a daily basis. how can you
make this data easily available in the WebAdmin interface?? - ANS Create a bookmark for
the report
Which of the following best describes greylisting? - ANS The first attempt to deliver a
message is temporarily denied.
One computer has a red health status. ON which 2 of the networks can the endpoints be
protected from the computer with a a red health status? - ANS A. C
Sophos XG hardware devices come pre-loaded with software. - ANS True
1 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED
, Which 2 features are required if you want to make use of lateral movement protection? -
ANS Server or endpoint protection. Intercept X
Which XG firewall feature is able to block access to command and control servers? -
ANS Advanced Threat Protection
Which 2 methods are supported for logoff detection when using STAS - ANS PING,
Workstation Polling
Type the name of the only zone that cannot have a physical port or interface assigned to it -
ANS vpn
DHCP can be used to override the magic IP if the XG Firewall is not the default gateway. -
ANS False
Which web filtering method can offload traffic to the FastPath? - ANS DPI
Which interface type is a virtual LAN created on an existing XG interface - ANS VLAN
Which of the following statements about zero-touch deployment are TRUE - ANS Zero-touch
configuration rules can only be created for unregistered hardware serial numbers
What is the clientless Access portal used for? - ANS To provide access to internal resources
without the need for a VPN client to be installed
Which firewall icon represents a disabled user Rule? - ANS C
Which page list all current applications that are connecting through the XG Firewall? -
ANS Live connections
2 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED
