Download Sophos Firewall v19.5: Multiple Choice Questions and True/False Statements and more Exams Computer Science in PDF only on Docsity!
Sophos Firewall v19.5 newest version
2024 edition
Lateral movement protection is made possible by which of the following? - **Synchronized Security Which 2 of these are features of the Xstream achitecture? - **TLS 1. Decryption und Deep packet inspection Which feature of the Sophjos Firewall helps prevent a computer infected by a trojan from transmitting personal information out of theri network? - **Advanced Threat Protection Which feature of the Sophos firewall identifies unknown applications? - **Synchronized App Controll What cloud platfroms is Sophos Firewall supported on? - **AWS, Azure und Nutanix How many radios do the wireless XGS series models have? - ** True or False: The number of ports can be expanded using additional modules. - **True You have received a new hardware Sophos Firewall. What is the default IP addres and port that is used to access the device? - **172.16.16.16: You are preparing a Sophos Firewall for installation on a remote site. The order for the license hat not yet been processed. Which device registration oprion do you select in the Initial Suetup wizard? - **I do not want to register now.
Servic objects can be created for which of the following? - **TCP/UDP Ports, IP Protocol Number, ICMP Type and Code In which of these zones is an interface conffigured with a gateway? - **WAN How many gateways can you include in an SD-WAN profile? - ** Place the route types in the correct default order of precedence - **1. Static;
- SD-WAN; 3. VPN; 4. Default How many servers does Sophos Firewall suport for static DNS? - ** You have an existing DHCP server. What configuration allows Sophos firewall to forward lease requests to this? - **Relay Which of these are defined as Admin services in Device access? - **HTTPS and SSH You want a certificate to be signed by a third-party company. which option should you choose? - **Generate CSR What are the different types of traffic shaping policy you can create? - **Users, Web categories, Rules, Applications What do you need to configure before you can start using traffic shaping? - **Total WAN bandwidth True of False: NAT rules are processed in order from top to bottom - **True
You want to configure Security Heartbeat, what is the first thing you need to do? - **Register your Sophos Firewall with you Sophos Central account What information deas Sophos Firewall share about devices with a RED health status to prevent lateral movement protection? - **MAC Adress What 2 way can you register Sophos Firewall with Sophos Central - **OTP; Username and passwort Which 2 VPN protocols does Sophos Firewall suport for Site to Site - **SSL ;IPSEC True of False: RED connections are alway automatically added to the VPN Zone - **false What is the default SSL VPN port? - ** Where do you select the remote networks? - **Server configuration What types of authentication can be used for IPsec Site to Site VPNs? - **Digital certificate; RSA Key; PSK In wich type of IPsec VPN do you need to define the local and remote network - **policy based Which 2 ports do Remote Ethernet Devices use? REDs - **TCP 3400; UDP 3410 Standard/Split - **Sophos Firewall is the DHCP server and default gateway for the remote network. Only defined traffic is sent through the RED
Transparent/Split - **Sophos Firewall gets its IP adress from a DHCP server on the remote network Standard/Unified - **All traffic generated on the remote netwok is sent through the RED to Sophos firewall Which type of server is used for wireless authentication? - **RADIUS When are users who are not administrators able to login to the Web Admin? - **Users who are not administrator are not able to login to the WebAdmin If an authentication server is added to sophos firewall this will become the default authentication method - **false a user is a memer of multiple AD groups. what will happen when they first login too Sophos Firewall? - **They will be added to the first group they match on Sophos firewall When configuring Azure AD SSO for administrator; in the Sophos Firewall web console, where can you find the redirect URL that needs to be added to the app registration in Azure AD? - **Authentication Servers True or False: Azure AD SSO for the web console on Sophos Firewall requires a paid tier of Azure AD. - **false You need to create a user account to authenticate a Voip system that needs access to the Internet. What type of user is best? - **Clientless User which 3 of the following actions do you need to complete for Synchronized User ID to work? - **Configure an AD authentication server on the Sophs Firewall
True of False: Application filter rules are applied to users and groups - **false If a new application is added that matches an existing application control filter rule, which of the following statments is True? - **The application is automatically included in the existing rule wjhat can traffic shaping policies be addociated with? - **Users Web Categories Applications Firewall Rules It is possible to apply a default traffic shaping policy to all traffic - **true what is the default port fpr SSL VPNs? - ** where do you download the IPsec VPN configuration? - **WebAdmin Which 5 protocols does clientless SSL VPN access support? - **SSH VNC FTP RDP SMB What IP Adress do access points send discovery packets to? - **1.2.3. What are the different types of hotspot you can create on Sophos firewall - **Password of the day Voucher Terms of acceptence
True or False: You con only create hotspots on wireless interfacers - **false You have created a report that displays date that you wish to check daily. How can you make this data easily avaible in the Webadmin interface? - **create a bookmark for the report What is the maximum number of external syslog servers you can configure on Sophos Firewall? - ** Sophos firewall can send notifications using which of the following protocols?
- **SNMP SMTP Which of the following statements are True about SD-WAN connections groups. - **Requires 2 or more firewalls Can limit access to authenticated users Can include Security Heartbeat configuration Can automatically create firewall rules How many backups can you store on Sophos Central - ** How many days of data is available in Sophos Central using the free Central Firewall Reporting? - ** How much storage is included with each Central Firewall Reporting Advanced license in GB? - ** Enter the URL address for Sophos support website - **www.sophos.com/support
What 3 methods can be used for setting the SPX encryption password? - **Sophos Firewall can generate password for encryption an email it to the sender The sender can specify the password in the subject line Sophos Firewall con email the recipient to create an encryption password You have enabled the option to block potentially unwanted applications in Web Protection. Where yould you exclude an application that you use on the network from being blocked? - **Protect -> Web -> Genalsettings You are configuration a secure wireless guest network that needs to have its traffic isolated. Whst mode would allow this to be done without any additional changes to the network configuration? - **Seperate Zones Which Sophoes Firewall feature sinds decrypted packets to IPS, application controll, web filterin and antivirus checking? - **SSL/TLS inspection Whjich 4 of the following are external authentication servers on Sophos Firewall - **Radius LDAP AD eDirectory What 2 methodes are available for users to manage their quarantined items?
- **Quarantine digest email User Portal You have configured one-time passwords. John is trying to login to the Portal; his password is 'firewall' Below you can see the login screen and his token '396145'
What does John Smith need to enter ad the passwort to login? - **firewall Web policy rules apply to wich 2 of the following? - **Users Groups You are checking the application risk meter which is reportion a rist score of 4.2. Which of the following statments are true in this circumstance? - **There are users performing risky actions on the network Im Email Protection, where do you enable the SPX PReplay Portal? - **SPX Template After enabling ATP on the Sophos Firewall, you test the ATP policies and connot get the block page to appear. You examine the configuration to see what is misconfigured. - **Policy -> Log Only You have been asked to install STAS on your servers. Which 3 of the following are required for the installation to be successful? - **An account with access to the Windows Security log Active direktory An account with logon as a service rights During troubleshooting you do not see as much information in the logfiles as you were expection. Whas needs to be changes to see all the traffic passing through a firewall rule? - **Log firewall traffic Which 3 of the following features are provided by application control? - **Protect against risky applications Guarantee bandwidth for business spplication Block or limit unproductive applications
SSL and IPsec VPN When a RED is deployed in Standard/Unified mode. how do the computers on the remote network geht their Ipadress? - **From a DHCP server Running on the Sophos Firewall Which 2 of the following statments about Firewall authentication servers are True? - **Authentication servers are processed in oder until one is matched Multiple authenication servers can be vonrifurated for redeundancy Which 2 methods are suported for log of detection when useing STAS - **PING Workstation Poling You are working with sensitive corporate date and want to ensure that traffic from remote locations is monitored and blocked from leaving the corporate LAN. What would be the most appropiate sucurity mode to deplay the RED devices in - **Standard/Unified Which of the following DoS and spoof protection modes wioll drop packets if the source IP address dead not match an entry on the firewalls routing table?
- **IP-Spoofing True or False: When Central Firewall Management is in use, local rules on the Sophos Firewall are only overwritten when a rule with the same name is created in Sophos Central. - **True Which 2 operating systems is the Sophos Connect IPsec VPN client available for? - **Windows MacOS
Which page lists all current applications that are connecting through the Sophos Firewall? - **Application connections When configuring SD-WAN profiles for load balancing, what two methods can be used? - **Session persistence Round Robin TRUE or FALSE. The Sophos Chromebook User ID app is deployed to Chromebooks from the Sophos Firewall. - **True What type of user can be created to allow temporary access to resources with the least amount of effort? - **Guest User Which method allows a web quota to be based on category and time? - **Web policy rule quota You have enabled active-active high availability on your Sophos Firewall and notice that synchronized application control is not working across your network. Why would this happen? - **Synchronized Application Control is not supported in this deployment scenario Which 2 features are required if you want to make use of lateral movement protection? - **Intercept X Which additional control available through the ellipses menu for firewall rules can be useful when troubleshooting? - **Resetting the data counter for the rule TRUE or FALSE. Applications which have been discovered via synchronized application control can be added as a traffic selector under SD WAN routing.
