Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Sophos Engineer ET80 - Sophos Firewall Overview | Actual Questions and Answers Latest Upda, Exams of Computer Security

State University of New York - New PaltzComputer Security

What is Zero Trust? - ✔✔It is the mindset of don't trust anything verify everything What is ZTNA? - ✔✔Sophos's Zero Trust Network Access What is Sophos Lateral Protection? - ✔✔It is a micro segmentation solution. If device becomes infected it will be isolated to stop the attack or regardless of the Network Topology What are the three key features of Sophos Firewall? - ✔✔It is a comprehensive security device, with a zone-based firewall and Identity-based policies at its core. It can expose hidden risk, stop unknown threats and isolate infected systems It supports ZTNA by providing network segmentation and lateral movement protection What are the phases of the Attack Kill Chain? - ✔✔1. Reconnaissance 2. Weaponization 3. Delivery 4. Exploitatio

Typology: Exams

2023/2024

Available from 08/30/2024

Holygrams
Holygrams 🇺🇸

3.7

(3)

2.2K documents

1 / 4

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Sophos Engineer ET80 - Sophos Firewall Overview | Actual Questions and
Answers Latest Updated 2024/2025 (Graded A+)
What is Zero Trust? - ✔✔It is the mindset of don't trust anything verify everything
What is ZTNA? - ✔✔Sophos's Zero Trust Network Access
What is Sophos Lateral Protection? - ✔✔It is a micro segmentation solution. If device becomes infected
it will be isolated to stop the attack or regardless of the Network Topology
What are the three key features of Sophos Firewall? - ✔✔It is a comprehensive security device, with a
zone-based firewall and Identity-based policies at its core.
It can expose hidden risk, stop unknown threats and isolate infected systems
It supports ZTNA by providing network segmentation and lateral movement protection
What are the phases of the Attack Kill Chain? - ✔✔1. Reconnaissance
2. Weaponization
3. Delivery
4. Exploitation
5. Installation
6. Command and control
7. Behaviour
What happens in the Reconnaissance and Weaponization phases of the Attack Kill Chain? - ✔✔The
attacker will passively harvest email addresses and company information, before actively scanning the
target environment using tools like port Scanners
What happens in the Delivery phase of the Attack Kill Chain? - ✔✔The attacker will access the estate to
deliver the malicious payload via methods such as Email or social engineering to direct the victim to a
malicious site
pf3
pf4

Partial preview of the text

Download Sophos Engineer ET80 - Sophos Firewall Overview | Actual Questions and Answers Latest Upda and more Exams Computer Security in PDF only on Docsity!

Sophos Engineer ET80 - Sophos Firewall Overview | Actual Questions and

Answers Latest Updated 2024/2025 (Graded A+)

What is Zero Trust? - ✔✔It is the mindset of don't trust anything verify everything What is ZTNA? - ✔✔Sophos's Zero Trust Network Access What is Sophos Lateral Protection? - ✔✔It is a micro segmentation solution. If device becomes infected it will be isolated to stop the attack or regardless of the Network Topology What are the three key features of Sophos Firewall? - ✔✔It is a comprehensive security device, with a zone-based firewall and Identity-based policies at its core. It can expose hidden risk, stop unknown threats and isolate infected systems It supports ZTNA by providing network segmentation and lateral movement protection What are the phases of the Attack Kill Chain? - ✔✔1. Reconnaissance

  1. Weaponization
  2. Delivery
  3. Exploitation
  4. Installation
  5. Command and control
  6. Behaviour What happens in the Reconnaissance and Weaponization phases of the Attack Kill Chain? - ✔✔The attacker will passively harvest email addresses and company information, before actively scanning the target environment using tools like port Scanners What happens in the Delivery phase of the Attack Kill Chain? - ✔✔The attacker will access the estate to deliver the malicious payload via methods such as Email or social engineering to direct the victim to a malicious site

What does Sophos Web Protection do? - ✔✔By scanning http/https traffic for unwanted content and malware. What does Web Filtering do? - ✔✔Web filtering can allow or block sites based on content filters What is Email Encryption and Control? - ✔✔Sophos Firewall can scan incoming email for malicious content. IP reputation is enabled that allows you to accept/drop/block emails from known Spam IP's. File type detection can scan and block specific file types e.g any macro enabled files will be blocked. Email protection allows you to encrypt emails so you can send data securely out of the network using SPX What is SPX? - ✔✔Sophos Secure PDF Exchange Encryption What is Sophos Zero-Day Protection? - ✔✔Sophos Zero Day protection uses Hash files created when a Sophos Firewall scans an attachment with an executable. The hash file is then sent to the cloud database for review, and Firewall will then either block or allow it depending if it is deemed save or malicious. Zero-Day protection will also send in depth reports on all attack events as configured. What happens when Sophos Zero-Day Protection reviews a hash file it hasn't seen before? - ✔✔The a copy of the suspicious file is sent to Sophos where it is opened in a sandbox environment and monitored. Once analysed, the threat intelligence is sent to the firewall where it is either blocked or allowed depending. A report is then created for the threat incident. How does Sophos Deep Learning work? - ✔✔Millions of samples of both good and bad files are fed to the model, and each feature of the file is defined then labelled, such as Size, Vendor and Printable settings. This model is then used to review the suspicious file to recognise and predict if it is malicious or legitimate What is Application control? - ✔✔This is a service used to reduce the attack surface by restricting what applications are allowed What is Synchronized App control? - ✔✔Sophos Firewall sees app traffic that does not match a signature, but Sophos Endpoint shares the app name, path and category to the Sophos firewall for classification, so the firewall can categorise and control traffic

How does Sophos Automatic Device Isolation work? - ✔✔Server Protection and Intercept X are used to assign each device a health status. If a device is compromised, the device can be automatically isolated from other areas of the network via the firewall and communicating with other devices. This limits infection of other devices on the network What does Email protection Control do? - ✔✔Stops information being leaked outside of the organisation by email. You can create control lists to drop personal identifiable information and financial data types depending on the action configured in the policy