


What is Zero Trust? - ✔✔It is the mindset of "don't trust anything, verify everything".

What is ZTNA? - ✔✔Sophos's Zero Trust Network Access

What is Sophos Lateral Protection? - ✔✔It is a micro-segmentation solution. If a device becomes infected it will be isolated to stop the attack or regardless of the Network Topology

What are the three key features of Sophos Firewall? - ✔✔It is a comprehensive security device, with a zone-based firewall and identity-based policies at its core. It can expose hidden risk, stop unknown threats and isolate infected systems. It supports ZTNA by providing network segmentation and lateral movement protection.

What are the phases of the Attack Kill Chain? - ✔✔1. Reconnaissance 2. Weaponization 3. Delivery 4. Exploitatio
Typology: Exams
What does Sophos Web Protection do? - ✔✔By scanning HTTP/HTTPS traffic for unwanted content and malware.

What does Web Filtering do? - ✔✔Web filtering can allow or block sites based on content filters.

What is Email Encryption and Control? - ✔✔Sophos Firewall can scan incoming email for malicious content. IP reputation is enabled that allows you to accept/drop/block emails from known spam IPs. File type detection can scan and block specific file types, e.g. any macro-enabled files will be blocked. Email protection allows you to encrypt emails so you can send data securely out of the network using SPX.

What is SPX? - ✔✔Sophos Secure PDF Exchange Encryption

What is Sophos Zero-Day Protection? - ✔✔Sophos Zero-Day Protection uses hash files created when a Sophos Firewall scans an attachment with an executable. The hash file is then sent to the cloud database for review, and the firewall will then either block or allow it depending on whether it is deemed safe or malicious. Zero-Day Protection will also send in-depth reports on all attack events as configured.

What happens when Sophos Zero-Day Protection reviews a hash file it hasn't seen before? - ✔✔A copy of the suspicious file is sent to Sophos, where it is opened in a sandbox environment and monitored. Once analysed, the threat intelligence is sent to the firewall where it is either blocked or allowed depending. A report is then created for the threat incident.

How does Sophos Deep Learning work? - ✔✔Millions of samples of both good and bad files are fed to the model, and each feature of the file is defined then labelled, such as Size, Vendor and Printable settings. This model is then used to review the suspicious file to recognise and predict if it is malicious or legitimate.

What is Application control? - ✔✔This is a service used to reduce the attack surface by restricting what applications are allowed.

What is Synchronized App control? - ✔✔Sophos Firewall sees app traffic that does not match a signature, but Sophos Endpoint shares the app name, path and category with the Sophos Firewall for classification, so the firewall can categorise and control traffic.

How does Sophos Automatic Device Isolation work? - ✔✔Server Protection and Intercept X are used to assign each device a health status. If a device is compromised, the device can be automatically isolated from other areas of the network via the firewall and from communicating with other devices. This limits infection of other devices on the network.

What does Email protection Control do? - ✔✔Stops information being leaked outside of the organisation by email. You can create control lists to drop personally identifiable information and financial data types depending on the action configured in the policy.