Docsity
Sophos Engineer ET80 - Sophos Firewall Overview | Actual Questions and Answers Latest Upda, Exams of Computer Security


Typology: Exams

2023/2024

Available from 08/30/2024

Holygrams
Sophos Engineer ET80 - Sophos Firewall Overview | Actual Questions and
Answers Latest Updated 2024/2025 (Graded A+)

What is Zero Trust? - ✔✔It is the mindset of "don't trust anything, verify everything".

What is ZTNA? - ✔✔Sophos's Zero Trust Network Access

What is Sophos Lateral Protection? - ✔✔It is a micro-segmentation solution. If a device becomes infected, it will be isolated to stop the attack, regardless of the network topology.

What are the three key features of Sophos Firewall? - ✔✔It is a comprehensive security device, with a zone-based firewall and identity-based policies at its core.
It can expose hidden risk, stop unknown threats and isolate infected systems.
It supports ZTNA by providing network segmentation and lateral movement protection.

What are the phases of the Attack Kill Chain? - ✔✔
1. Reconnaissance
2. Weaponization
3. Delivery
4. Exploitation
5. Installation
6. Command and control
7. Behaviour

What happens in the Reconnaissance and Weaponization phases of the Attack Kill Chain? - ✔✔The attacker will passively harvest email addresses and company information, before actively scanning the target environment using tools like port scanners.

What happens in the Delivery phase of the Attack Kill Chain? - ✔✔The attacker will access the estate to deliver the malicious payload via methods such as email or social engineering to direct the victim to a malicious site.

What does Sophos Web Protection do? - ✔✔It scans HTTP/HTTPS traffic for unwanted content and malware.

What does Web Filtering do? - ✔✔Web filtering can allow or block sites based on content filters.

What is Email Encryption and Control? - ✔✔Sophos Firewall can scan incoming email for malicious content. IP reputation is enabled, which allows you to accept/drop/block emails from known spam IPs. File type detection can scan and block specific file types, e.g. any macro-enabled files will be blocked. Email protection allows you to encrypt emails so you can send data securely out of the network using SPX.

What is SPX? - ✔✔Sophos Secure PDF Exchange Encryption

What is Sophos Zero-Day Protection? - ✔✔Sophos Zero-Day Protection uses hash files created when a Sophos Firewall scans an attachment with an executable. The hash file is then sent to the cloud database for review, and the firewall will then either block or allow it depending on whether it is deemed safe or malicious. Zero-Day Protection will also send in-depth reports on all attack events as configured.

What happens when Sophos Zero-Day Protection reviews a hash file it hasn't seen before? - ✔✔A copy of the suspicious file is sent to Sophos, where it is opened in a sandbox environment and monitored. Once analysed, the threat intelligence is sent to the firewall where it is either blocked or allowed depending. A report is then created for the threat incident.

How does Sophos Deep Learning work? - ✔✔Millions of samples of both good and bad files are fed to the model, and each feature of the file is defined then labelled, such as Size, Vendor and Printable settings. This model is then used to review the suspicious file to recognise and predict if it is malicious or legitimate.

What is Application control? - ✔✔This is a service used to reduce the attack surface by restricting what applications are allowed.

What is Synchronized App control? - ✔✔Sophos Firewall sees app traffic that does not match a signature, but Sophos Endpoint shares the app name, path and category with the Sophos Firewall for classification, so the firewall can categorise and control traffic.

How does Sophos Automatic Device Isolation work? - ✔✔Server Protection and Intercept X are used to assign each device a health status. If a device is compromised, the device can be automatically isolated from other areas of the network via the firewall and from communicating with other devices. This limits infection of other devices on the network.

What does Email protection Control do? - ✔✔Stops information being leaked outside of the organisation by email. You can create control lists to drop personally identifiable information and financial data types depending on the action configured in the policy.