Download SOPHOS FIREWALL V19.5 2024 NEWEST ACTUAL EXAM 170 DETAILED QUESTIONS AND GUARANTEED ANSWER and more Exams Computer Security in PDF only on Docsity!
SOPHOS FIREWALL V19.5 2024 NEWEST
ACTUAL EXAM 170 DETAILED QUESTIONS
AND GUARANTEED ANSWERS ALREADY
GRADED A+.
You want to configure Security Heartbeat, what is the first thing you need to do? - ANSWER- Register your Sophos Firewall with you Sophos Central account What information deas Sophos Firewall share about devices with a RED health status to prevent lateral movement protection? - ANSWER- MAC Adress What 2 way can you register Sophos Firewall with Sophos Central - ANSWER- OTP; Username and passwort Which 2 VPN protocols does Sophos Firewall suport for Site to Site - ANSWER- SSL ;IPSEC True of False: RED connections are alway automatically added to the VPN Zone - ANSWER- false
What is the default SSL VPN port? - ANSWER- 8443 Where do you select the remote networks? - ANSWER- Server configuration What types of authentication can be used for IPsec Site to Site VPNs? - ANSWER- Digital certificate; RSA Key; PSK In wich type of IPsec VPN do you need to define the local and remote network - ANSWER- policy based Which 2 ports do Remote Ethernet Devices use? REDs - ANSWER- TCP 3400; UDP 3410 Standard/Split - ANSWER- Sophos Firewall is the DHCP server and default gateway for the remote network. Only defined traffic is sent through the RED
When configuring Azure AD SSO for administrator; in the Sophos Firewall web console, where can you find the redirect URL that needs to be added to the app registration in Azure AD? - ANSWER- Authentication Servers True or False: Azure AD SSO for the web console on Sophos Firewall requires a paid tier of Azure AD. - ANSWER- false You need to create a user account to authenticate a Voip system that needs access to the Internet. What type of user is best? - ANSWER- Clientless User which 3 of the following actions do you need to complete for Synchronized User ID to work? - ANSWER- Configure an AD authentication server on the Sophs Firewall Enable AD server in the Firewall authentication mehtos Import groups from AD into the Sophos firewall What port is used by Captive portal? - ANSWER- 8090
You are installing STAS on a single domain controller. Which installation type do you select? - ANSWER- SSO Suite which 2 of the following are requirements for the secret when creating a token manually - ANSWER- Minimum of 32 characters; HEX a user hat lost their phone with the Authenticator App. What is the most secure way to allow authentication? - ANSWER- Manually create single use codes and provide the user with these What are the 2 ways in which web filtering can be deploed on Sophos firewall? - ANSWER- transparent ; Explicite If you are using the Sophos firewall as an explicit proxy, which web filtering ooption will be used? - ANSWER- web proxy which of these options IS supported when using the DPI Engine? - ANSWER- Configure quota time
Which feature of the Sophos firewall identifies unknown applications? - ANSWER- Synchronized App Controll What cloud platfroms is Sophos Firewall supported on? - ANSWER- AWS, Azure und Nutanix How many radios do the wireless XGS series models have? - ANSWER- 1 True or False: The number of ports can be expanded using additional modules. - ANSWER- True You have received a new hardware Sophos Firewall. What is the default IP addres and port that is used to access the device? - ANSWER- 172.16.16.16: You are preparing a Sophos Firewall for installation on a remote site. The order for the license hat not yet been processed. Which device registration oprion do you select in the Initial Suetup wizard? - ANSWER- I do not want to register now.
Servic objects can be created for which of the following? - ANSWER- TCP/UDP Ports, IP Protocol Number, ICMP Type and Code In which of these zones is an interface conffigured with a gateway? - ANSWER- WAN How many gateways can you include in an SD-WAN profile? - ANSWER- 8 Place the route types in the correct default order of precedence - ANSWER- 1. Static; 2. SD-WAN; 3. VPN; 4. Default How many servers does Sophos Firewall suport for static DNS? - ANSWER- 3 You have an existing DHCP server. What configuration allows Sophos firewall to forward lease requests to this? - ANSWER- Relay Which of these are defined as Admin services in Device access? - ANSWER- HTTPS and SSH
complete the sentence below: When creating a firewall rule for DNAT, you select the ________ destination zone. - ANSWER- Post NAT Where would you exclude a website from TLS inspection? - ANSWER- WEB - > URL Groups Where would you configure which chiper algorithms to block? - ANSWER- Decryption profile What 2 things do you need to do to use IPS policies - ANSWER- Select an IPS policy in a firewall rule; Enable IPS using the switch Spoof Protection - ANSWER- Drops traffic that is trying to pretend to come from a different MAC of IP address to bypass protection DoS Protection - ANSWER- Drops traffic that is maliciously trying to prevent legitimate traffic from being able to accsess services. IPS Policies - ANSWER- Protectes against exploits and malfromed traffic.
Which 2 actions can ATP be configured to perform when it detects traffic to a command-and-control server? - ANSWER- Log; Log and Drop If a new application is added that matches an existing application control filter rule, which of the following statments is True? - ANSWER- The application is automatically included in the existing rule wjhat can traffic shaping policies be addociated with? - ANSWER- Users Web Categories Applications Firewall Rules It is possible to apply a default traffic shaping policy to all traffic - ANSWER- true what is the default port fpr SSL VPNs? - ANSWER- 8443 where do you download the IPsec VPN configuration? - ANSWER- WebAdmin
You have created a report that displays date that you wish to check daily. How can you make this data easily avaible in the Webadmin interface? - ANSWER- create a bookmark for the report What is the maximum number of external syslog servers you can configure on Sophos Firewall? - ANSWER- 5 Sophos firewall can send notifications using which of the following protocols? - ANSWER- SNMP SMTP Which of the following statements are True about SD-WAN connections groups. - ANSWER- Requires 2 or more firewalls Can limit access to authenticated users Can include Security Heartbeat configuration Can automatically create firewall rules How many backups can you store on Sophos Central - ANSWER- 5
How many days of data is available in Sophos Central using the free Central Firewall Reporting? - ANSWER- 7 How much storage is included with each Central Firewall Reporting Advanced license in GB? - ANSWER- 100 Enter the URL address for Sophos support website - ANSWER- www.sophos.com/support What does the SophosLapbs page provide information on? - ANSWER- Real-Time Data threat reports Which of the following best describes the Bridge to VLAN security mode for wireless networks? - ANSWER- Allows the wireless network to extend the VLAN Which 2 types of zones can be created on the Sophos Firewall? - ANSWER- DMZ LAN
Malware scan mode: Batch Malware scan mode: Real-Time What 3 methods can be used for setting the SPX encryption password? - ANSWER- Sophos Firewall can generate password for encryption an email it to the sender The sender can specify the password in the subject line Sophos Firewall con email the recipient to create an encryption password You have enabled the option to block potentially unwanted applications in Web Protection. Where yould you exclude an application that you use on the network from being blocked? - ANSWER- Protect - > Web - > Genalsettings You are configuration a secure wireless guest network that needs to have its traffic isolated. Whst mode would allow this to be done without any additional changes to the network configuration? - ANSWER- Seperate Zones
Which Sophoes Firewall feature sinds decrypted packets to IPS, application controll, web filterin and antivirus checking? - ANSWER- SSL/TLS inspection Whjich 4 of the following are external authentication servers on Sophos Firewall - ANSWER- Radius LDAP AD eDirectory What 2 methodes are available for users to manage their quarantined items? - ANSWER- Quarantine digest email User Portal You have configured one-time passwords. John is trying to login to the Portal; his password is 'firewall' Below you can see the login screen and his token '396145'
Active direktory An account with logon as a service rights During troubleshooting you do not see as much information in the logfiles as you were expection. Whas needs to be changes to see all the traffic passing through a firewall rule? - ANSWER- Log firewall traffic Which 3 of the following features are provided by application control? - ANSWER- Protect against risky applications Guarantee bandwidth for business spplication Block or limit unproductive applications Which 2 of the following statments correctly describe how firewall rules are applied? - ANSWER- Packets are tested against firewall rules in order and the first match is used Packets that don't match a firewall rule are dropped When you download the IPsec remoote access configuration you have two configuration files. Which file type includes the advanced configuration`? - ANSWER- .scx
What type of encryption does Sophos Firewall make use of for one way massage encryption? - ANSWER- SPX Which 3 of the following are the default decryption profiles available in Sophos Firewall? - ANSWER- Block insecure Maximum compatibility Strict compliance Which page lists all current applications that are connecting through the Sophos Firewall - ANSWER- Live connection Which of the follwing is an attack useing a spoof email to persuade users to provide sensitive information or credentials - ANSWER- Phishing Which interface type is a group of interfaces that act as a single connection
- ANSWER- LAG which is the most common deployment scenario for Sophos Firewall? - ANSWER- Gateway mode
