Sophos Overview Reviewer Questions Answered 100% correct

Sophos Overview Reviewer Questions Answered 100% correct Sophos Central Cloud based centralized management platform. It is a console for managing your Sophos products using a single interface with an intuitive dashboard. Sophos Security Heartbeat A communication channel which can warn or alert centrally linked Sophos products when there has been an attack or suspected attack. Sophos Central Security Framework provides a detailed look into Sophos Central, it's development, deployment and maintenance as well as what data is collected, where it is stored and how data is protected. Server protection integrates anti-ransomware, application whitelisting, server lockdown and provides centralized management and security of your servers. Endpoint protection provides anti-malware protection to your endpoints across your network. It uses Intercept X. Control, Pre-execution, Code execution Endpoint three layers of security Sophos mobile is a unified endpoint management (UEM) and security solution that helps businesses spend less time and effort managing and securing traditional endpoint and mobile endpoints Sophos data protection encrypts the data on the hard disk of an endpoint so that when the endpoint is stolen, the thief will not be able to access the data on the device. Sophos Cloud Optix provides security and manageability for public cloud. Sophos Encryption · Full disk encryption · Prevent data loss · Configure encryption policy Sophos Wireless allows you to see which traffic is using your bandwidth to optimize the performance of your Wi-Fi and alert you to potential unwanted use of your resources. XG Firewall is an advanced and comprehensive network security device that helps expose hidden risks, block unknown threats and will automatically respond to incidents. · Provides visibility of activities on your network · Detects risky activities and suspicious traffic Intercept X protects devices from malicious attacks that re able to bypass traditional anti-virus solutions. Typically, these threats are zero-day and ransomware. Sophos Phish Threat educates and test your end users through automated attack simulations, quality security awareness training and actionable reporting metrics. Sophos Email Gateway keeps your users and business safe with instant protection from advanced threats. Our default setting provides anti-spam and anti-malware protection. Devices and users: summary display info. For user and endpoints, detailing whether they have the Sophos agent installed or the user is associated with a protected endpoint. Endpoint and server web control provides an overview of your web control statistics. Split into four categories of Web threats blocked, Policy violations blocked, Policy warnings issued and Policy warnings proceeded Threat analysis dashboard allows you to view threat information at a glance. Dashboard, Threat Cases and Threat Searches The dashboard consists of three areas Super Admin has access to everything in Sophos Central. This role is unable to be edited or deleted. Admin has access to almost everything, apart from the ability to manage roles and role assignments. Help Desk allows read only access for all settings in Sophos Central · Able to look at sensitive logs and reports · receive and clear alerts · update the Sophos agent software on an endpoint and scan endpoints. Does not allow a user to assign policies or change settings Read only · only access for all settings in Sophos Central · can look at sensitive logs and reports and receive alerts · They can't manage role and role assignments. Self Service Portal Allows users to protect their own devices, view quarantined emails and manage their device encryption. AD Sync Settings Displays the date of the last synchronization cycle, how many users and groups have been synchronized and the current settings Role Management View and manage administrator roles API Token Mangement Integrate SIEM solutions allowing the retrieval of event and alert data from Sophos Central Federated sign-in Allows users to sign in to Sophos Central and SSP using their Microsoft sign-in credentials Registered Firewall Appliances Register firewalls to enable security heartbeat which can assist with managing endpoint health Tamper protection · Password protects the protection settings for Sophos · Enabled by Default · Can be enabled/disable per device in the device details page Website management · Allows you to extend the website filtering · Control websites that are not in the Sophos categories · Tag websites to put them into groups · Override the Sophos category for a site Proxy Configuration · Enable devices to connect to Sophos or download Sophos software updates through a proxy server Scanning Exclusions · Exclude files, websites and applications from scanning for threats · Exclusions will apply to all your users and servers · Excluded items will still be checked for exploits Allowed Applications · Lists applications that you have allowed to run on your endpoint computers · Displays where the application was originally detected · Displays how to application was allowed Blocked Items · Lists blocked applications · Allows you to add an application to block based on SHA-2526 hash · Only available if you have intercept X advanced with EDR Bandwidth Usage · Set a custom bandwidth usage limit for endpoints and servers · The limit is enforced when the endpoints download Sophos software and threat detection updates · Sophos sets frequency of data updates to minimize bandwidth usage Synchronized Security Automates detection, isolation, and remediation results, this enables attacks to be neutralized in seconds Monitors outbound email Enterprise Dashboard · Management of multiple Sophos Center Admin account · Enables distributed security management · 5000 endpoint devices per sub-state (region) · allows you to view and apply global settings to multiple Sophos Central Accounts. Partner Dashboard · Allows action on customer alerts · A websed management tool for customer licenses, accounts, security, support, global policy configuration and control Multi-factor Authentication is mandatory for Sophos Enterprise and is automatically enabled provides an additional layer of security 99% Sophos email blocks ______% of spam at gateway and leverages SophosLabs threat intelligence to identify malicious emails. Sophos Email detects that a mailbox is compromised and is being used to send outbound spam emails. Isolates the mailbox and shares the status via the Security Heartbeat. Intercept X denies attackers by blocking the exploits and techniques used to distribute malware, steal credentials and escape detection. Has over 25 different anti-exploit and active adversary techniques. Malicious Traffic Detection monitors HTTP traffic for signs for connectivity to known bd URLs such as C2C. If the traffic is detected, its an early indicator that Summary tab tab contains an overview of recent events, devices, mailboxes, groups and logins Devices tab displays all of the devices the user has associated to them. Events tab displays all of the events logged for the user Policies tab displays the policies that apply to the user. Sophos Partner Portal An online resource that allows you to manage opportunities, renewals and register deals Includes training and certification links, access to sales and marketing tools and resources. Central Partner Dashboard allows you to manage your customer licenses for central products. enables you to mange multiple customer security settings, setting global policies. remotely access your customer sophos central admin consoles URL to access the Central Partner Dashboard URL to access Central Partner Dashboard directly Account Details Where in Sophos Central Admin Console can you enable remote assistance? Admin The minimum administrative role that will allow a user access to view and edit policies 90 days How long are activities stored for in the Enterprise Dashboard Master Licensing and Individual Licensing Two ways to license Enterprise Dashboard Read-only Minimum administrative role that will allow a user to view alerts and logs Once a day What is the Sophos recommended Active Directory sync interval? Help Desk Minimum administrative role that will allow a user to scan endpoints administrative role that will allow a user to view alerts, perform updates and scan endpoints. True You can choose to send email alerts immediately, hourly, daily or never. URL do you use to login to Sophos Central Partner Dashboard