SOPHOS FIREWALL V19.5
PRACTICE EXAM QUESTIONS
WITH CORRECT DETAILED
ANSWERS | ALREADY GRADED
A+<RECENT VERSION>
1. Which 2 of these are features of the Xstream achitecture? - ANSWER
TLS 1.3 Decryption und Deep packet inspection
2. Which feature of the Sophjos Firewall helps prevent a computer infected
by a trojan from transmitting personal information out of theri network? -
ANSWER Advanced Threat Protection
3. Which feature of the Sophos firewall identifies unknown applications? -
ANSWER Synchronized App Controll
4. What cloud platfroms is Sophos Firewall supported on? - ANSWER
AWS, Azure und Nutanix
5. How many radios do the wireless XGS series models have? -
ANSWER 1
6. True or False: The number of ports can be expanded using additional
modules. - ANSWER True
,7. You have received a new hardware Sophos Firewall. What is the default
IP addres and port that is used to access the device? - ANSWER
172.16.16.16:4444
8. You are preparing a Sophos Firewall for installation on a remote site. The
order for the license hat not yet been processed. Which device registration
oprion do you select in the Initial Suetup wizard? - ANSWER I do not
want to register now.
9. Servic objects can be created for which of the following? - ANSWER
TCP/UDP Ports, IP Protocol Number, ICMP Type and Code
10.In which of these zones is an interface conffigured with a gateway? -
ANSWER WAN
11.How many gateways can you include in an SD-WAN profile? -
ANSWER 8
12.Place the route types in the correct default order of precedence -
ANSWER 1. Static; 2. SD-WAN; 3. VPN; 4. Default
13.How many servers does Sophos Firewall suport for static DNS? -
ANSWER 3
14.You have an existing DHCP server. What configuration allows Sophos
firewall to forward lease requests to this? - ANSWER Relay
15.Which of these are defined as Admin services in Device access? -
ANSWER HTTPS and SSH
,16.You want a certificate to be signed by a third-party company. Which
option should you choose? - ANSWER Generate CSR
17.What are the different types of traffic shaping policy you can create? -
ANSWER Users, Web categories, Rules, Applications
18.What do you need to configure before you can start using traffic shaping?
- ANSWER Total WAN bandwidth
19.True of False: NAT rules are processed in order from top to bottom -
ANSWER True
20.True or False: All firewall rules are evaluated and the best match is used.
- ANSWER false
21.Which 3 of the following are matching criteria Sophos Firewall uses to
automatically assign firewall rules to groups? - ANSWER Destination
ZONE, Source ZONE, Rule type
22.Complete the sentence below:
23.When creating a firewall rule for DNAT, you select the ________
destination zone. - ANSWER Post NAT
24.Where would you exclude a website from TLS inspection? -
ANSWER WEB -> URL Groups
25.Where would you configure which chiper algorithms to block? -
ANSWER Decryption profile
, 26.What 2 things do you need to do to use IPS policies - ANSWER
Select an IPS policy in a firewall rule; Enable IPS using the switch
27.Spoof Protection - ANSWER Drops traffic that is trying to pretend to
come from a different MAC of IP address to bypass protection
28.Dos Protection - ANSWER Drops traffic that is maliciously trying to
prevent legitimate traffic from being able to accsess services.
29.IPS Policies - ANSWER Protectes against exploits and malfromed
traffic.
30.Which 2 actions can ATP be configured to perform when it detects traffic
to a command-and-control server? - ANSWER Log; Log and Drop
31.You want to configure Security Heartbeat, what is the first thing you need
to do? - ANSWER Register your Sophos Firewall with you Sophos
Central account
32.What information deas Sophos Firewall share about devices with a RED
health status to prevent lateral movement protection? - ANSWER
MAC Adress
33.What 2 way can you register Sophos Firewall with Sophos Central -
ANSWER OTP; Username and passwort
34.Which 2 VPN protocols does Sophos Firewall suport for Site to Site -
ANSWER SSL ;IPSEC
PRACTICE EXAM QUESTIONS
WITH CORRECT DETAILED
ANSWERS | ALREADY GRADED
A+<RECENT VERSION>
1. Which 2 of these are features of the Xstream achitecture? - ANSWER
TLS 1.3 Decryption und Deep packet inspection
2. Which feature of the Sophjos Firewall helps prevent a computer infected
by a trojan from transmitting personal information out of theri network? -
ANSWER Advanced Threat Protection
3. Which feature of the Sophos firewall identifies unknown applications? -
ANSWER Synchronized App Controll
4. What cloud platfroms is Sophos Firewall supported on? - ANSWER
AWS, Azure und Nutanix
5. How many radios do the wireless XGS series models have? -
ANSWER 1
6. True or False: The number of ports can be expanded using additional
modules. - ANSWER True
,7. You have received a new hardware Sophos Firewall. What is the default
IP addres and port that is used to access the device? - ANSWER
172.16.16.16:4444
8. You are preparing a Sophos Firewall for installation on a remote site. The
order for the license hat not yet been processed. Which device registration
oprion do you select in the Initial Suetup wizard? - ANSWER I do not
want to register now.
9. Servic objects can be created for which of the following? - ANSWER
TCP/UDP Ports, IP Protocol Number, ICMP Type and Code
10.In which of these zones is an interface conffigured with a gateway? -
ANSWER WAN
11.How many gateways can you include in an SD-WAN profile? -
ANSWER 8
12.Place the route types in the correct default order of precedence -
ANSWER 1. Static; 2. SD-WAN; 3. VPN; 4. Default
13.How many servers does Sophos Firewall suport for static DNS? -
ANSWER 3
14.You have an existing DHCP server. What configuration allows Sophos
firewall to forward lease requests to this? - ANSWER Relay
15.Which of these are defined as Admin services in Device access? -
ANSWER HTTPS and SSH
,16.You want a certificate to be signed by a third-party company. Which
option should you choose? - ANSWER Generate CSR
17.What are the different types of traffic shaping policy you can create? -
ANSWER Users, Web categories, Rules, Applications
18.What do you need to configure before you can start using traffic shaping?
- ANSWER Total WAN bandwidth
19.True of False: NAT rules are processed in order from top to bottom -
ANSWER True
20.True or False: All firewall rules are evaluated and the best match is used.
- ANSWER false
21.Which 3 of the following are matching criteria Sophos Firewall uses to
automatically assign firewall rules to groups? - ANSWER Destination
ZONE, Source ZONE, Rule type
22.Complete the sentence below:
23.When creating a firewall rule for DNAT, you select the ________
destination zone. - ANSWER Post NAT
24.Where would you exclude a website from TLS inspection? -
ANSWER WEB -> URL Groups
25.Where would you configure which chiper algorithms to block? -
ANSWER Decryption profile
, 26.What 2 things do you need to do to use IPS policies - ANSWER
Select an IPS policy in a firewall rule; Enable IPS using the switch
27.Spoof Protection - ANSWER Drops traffic that is trying to pretend to
come from a different MAC of IP address to bypass protection
28.Dos Protection - ANSWER Drops traffic that is maliciously trying to
prevent legitimate traffic from being able to accsess services.
29.IPS Policies - ANSWER Protectes against exploits and malfromed
traffic.
30.Which 2 actions can ATP be configured to perform when it detects traffic
to a command-and-control server? - ANSWER Log; Log and Drop
31.You want to configure Security Heartbeat, what is the first thing you need
to do? - ANSWER Register your Sophos Firewall with you Sophos
Central account
32.What information deas Sophos Firewall share about devices with a RED
health status to prevent lateral movement protection? - ANSWER
MAC Adress
33.What 2 way can you register Sophos Firewall with Sophos Central -
ANSWER OTP; Username and passwort
34.Which 2 VPN protocols does Sophos Firewall suport for Site to Site -
ANSWER SSL ;IPSEC
