Download Sophos Firewall Exam Questions and Answers 2024 and more Exams Computer Security in PDF only on Docsity!
Sophos Firewall Exam 2024
When a RED is deployed in Standard/Unified mode, how do the computers on the remote network get their IP adresss? - ANSWER From a DHCP server running on the XG firewall
You are preparing a hardware XG Firewall for installation on a remote site. The order for the license has not yet been processed. Which registration option do you select in the Initial Setup wizard? - ANSWER I do not want to register now
You have created a repot that displays data that you wish to check on a daily basis. how can you make this data easily available in the WebAdmin interface?? - ANSWER Create a bookmark for the report
Which of the following best describes greylisting? - ANSWER The first attempt to deliver a message is temporarily denied.
One computer has a red health status. ON which 2 of the networks can the endpoints be protected from the computer with a a red health status? - ANSWER A. C
Sophos XG hardware devices come pre-loaded with software. - ANSWER True
Which 2 features are required if you want to make use of lateral movement protection? - ANSWER Server or endpoint protection. Intercept X
Which XG firewall feature is able to block access to command and control servers? - ANSWER Advanced Threat Protection
Which 2 methods are supported for logoff detection when using STAS - ANSWER PING, Workstation Polling
Type the name of the only zone that cannot have a physical port or interface assigned to it - ANSWER vpn
DHCP can be used to override the magic IP if the XG Firewall is not the default gateway. - ANSWER False
Which web filtering method can offload traffic to the FastPath? - ANSWER DPI
Which interface type is a virtual LAN created on an existing XG interface - ANSWER VLAN
Which of the following statements about zero-touch deployment are TRUE - ANSWER Zero-touch configuration rules can only be created for unregistered hardware serial numbers
What is the clientless Access portal used for? - ANSWER To provide access to internal resources without the need for a VPN client to be installed
Which firewall icon represents a disabled user Rule? - ANSWER C
Which page list all current applications that are connecting through the XG Firewall? - ANSWER Live connections
How many days of data is available in Sophos Central? - ANSWER 7 days
What do you need to do in order to use NTLM and Kerberos for web authentication? - ANSWER Enable AD SSO per zone on the Device Access page
The XG firewall's life implementation of Cloud Access security Broker blocks all cloud applications by default - ANSWER False
Below Below is an image of the XG Firewall Control Center. From here, what would you click to access the Policy Test Simulator -
You have configured one-time passwords. John Smith is trying to login to the User Portal; his password is 'xgfirewall' Below you can see the login screen and his token - ANSWER xgfirewall
Whre can an end user download the SSL VPN client from to install on their workstation? - ANSWER User Portal
Which of the following DoS and spoof protection modes will drop packets if the source MAC address is not configured as a trusted MAC? - ANSWER Mac filter
Which 2 of the following statements correctly describe how firewall rules are applied? - ANSWER Packets that don't math a firewall rule are dropped and logged Packets are tested against firewall rules in order and the first match is used
The Sophos Chromebook User ID app is deployed to Chromebook from the XG firewall - ANSWER False
Which is the control port in RED connections? - ANSWER TCP:
you are working with sensitive corporate data and want to ensure that traffic from remote locations is monitored and blocked from leaving the corporate LAN. What would be the most appropriate security mode to deploy the RED devices in - ANSWER Standard/Unified
NAT rules require firewall rules to allow traffic - ANSWER True
When creating a NAT rule which option allows you to select - ANSWER Override source translation
When creating a NAT rule which option allows you to select different source NATs based on the outbound interface within a single rule? - ANSWER Override source translation
Which 2 methods can be used to generate one-time passwords for authenticating with the XG Firewall - ANSWER Bridge, transparent
