Sophos ET80 Questions + Answers

Uploaded by

5t9m4h5kpj

1. v20.0 Overview and Deployment

1. Which is the most common deployment scenario for Sophos Firewall
and also the default mode? – Gateway Mode

2. Which Sophos Firewall Feature can harden forms, sign cookies, and
prevent SQL Injection? - Web Server Protection

3. TRUE or FALSE. Sophos Firewall hardware devices come pre-loaded
with software. – True

4. Lateral movement protection is made possible by which of the
following? – Server or endpoint protection

2. v20.0 Getting Started

1. When configuring SD-WAN profiles for load balancing, what two
methods can be used? – Session persistence, Round Robin
This answer can be found in the Introduction to Routing and SD-WAN on
Sophos Firewall chapter.

2. Which interface type is a virtual LAN interface created on an existing
interface? - VLAN

3. Look at the image below.
What type of object is this? – IPv4
This answer can be found in the Navigating and Managing Sophos Firewall
chapter.

3. v20.0 Base Firewall and Network Protection


1. How do healthy endpoints identify endpoints with a RED health
status for lateral movement protection? – Central ID
This answer can be found in the Getting Started with Security
Heartbeat on Sophos Firewall chapter.

2. Which of the following protects against exploits and malformed
traffic? – IPS Policies

3. Which 2 of the following statements correctly describe how
firewall rules are applied? - Firewall rules are applied
sequentially from the top of the rule list to the bottom.
Firewall rules are only applied to incoming traffic.

4. Users complain that when working long hours, they often lose
access to Internet resources. Looking at the configuration of the
rule above, what is causing this? – scheduled hours are only applied
to work hours

4. v20.0 Firewall Icons

1. Which firewall icon shown represents a user rule that will reject or drop
traffic? - G

5. v20.0 Site-to-Site Connections

1. When a RED is deployed in Standard/Unified mode, how do the
computers on the remote network get their IP address? – From a DHCP
server running on the XG Firewall

2. When creating a site-to-site VPN between a Sophos Firewall and
another vendor’s firewall, what is the best protocol to use? – IPsec

3. Which RED mode matches this description? Sophos Firewall is the
DHCP server and default gateway for the remote network. Only defined
traffic is sent through the RED. - Standard/Split
This answer can be found in the Getting Started with Remote Ethernet
Devices on Sophos Firewall chapter.

4. Which 3 types of authentication can be used for IPsec site-to-site
VPNs? – pre-shared keys, digital certificates and RSA signatures

6. v20.0 Authentication

1. TRUE or FALSE. The Sophos Chromebook User ID app is deployed to
Chromebooks from the Sophos Firewall. – True

2. When configuring Azure AD SSO, in the Sophos Firewall web console,
where can you find the redirect URL that needs to be added to the app
registration in Azure AD? – Authentication Servers
The answer can be found in the Configuring Azure AD SSO on Sophos
Firewall chapter.

3. Which directory service is supported by STAS when used with a Sophos
Firewall? – Microsoft Active Directory

4. What port number is used by Captive portal? – 8090 (443)
This answer can be found in the Getting Started with Sophos Firewall
Authentication chapter.

5. TRUE or FALSE. If an authentication server is added to Sophos Firewall
this will become the default authentication method. – False
This answer can be found in the Configuring Authentication Servers and
Services on Sophos Firewall chapter.

7. v20.0 Web Protection

1. Which 3 options should be configured to ensure the most secure
scanning settings are in place to protect users as they browse the web? –
Malware scan mode: Batch, Engine Selection, Dual Engine. Content:
Block
This answer can be found in the Configuring Web Protection on Sophos
Firewall chapter.

2. TRUE or FALSE. Web protection exceptions apply to all web protection
policies no matter when they are applied in the Sophos Firewall. - True

3. What are the 2 ways web filtering can be deployed on Sophos Firewall?
– Transparent, Explicit

4. TRUE or FALSE. Keyword libraries can be uploaded to Sophos Firewall
and applied to any web filtering policy as an added criteria with actions to
log and monitor, or block search results or websites containing the keywords
of interest. – True

8. v20.0 Web Quota

1. You have been asked to create a surfing quota for guests that allows
access to the Internet for 20 hours in a week and then terminates the
connection with no recurrence.
Which image shows the best way to configure the surfing quota? - B
This answer can be found in the Sophos Firewall Web Protection Quotas and
Traffic Shaping chapter.

9. v20.0 Application Control

1. Which 3 of the following features are provided by application control? –
Protection against risky applications, Block or Limit unproductive
applications, Guarantee bandwidth for business applications

2. Which 4 of the following can traffic shaping policies be associated
with? – Users, Applications + other 2 – not IPS Rules or VLANS

3. Which 3 of the following features are provided by Cloud Applications
on the Sophos Firewall? – identification of risk behaviour, filtering
cloud application data, and alerting the administrator (or classify
cloud applications, identify cloud applications being used,
identification of risky behaviour)
This answer can be found in the Getting Started with Application Control on
Sophos Firewall chapter.

4. TRUE or FALSE. It is possible to apply a default application traffic
shaping policy to all traffic. – True

10. v20.0 Remote Access

1. TRUE or FALSE: The SSL VPN and User Portal can share the same port?
– False

2. What is the Clientless Access Portal used for? – Provide access to
internal resources without the need for a VPN client to be installed

3. Sophos Firewall hosts the SSL VPN on which port by default? – SSL
VPN 8443
This answer can be found in the Getting Started with Remote Access VPNs
on Sophos Firewall chapter.

4. Where can an end user download the Sophos Connect VPN client from
to install on their workstation? – User Portal

11. v20.0 Wireless

1. Which wireless security mode must be used to support Fast BSS? –
WPA2-Enterprise

2. What are the 3 different types of hotspot you can create on Sophos
Firewall? – SSO, Username and Password and Voucher

12. v20.0 Logging and Reporting

1. Which reporting metric can be used to identify risky users who are
responding to spear phishing attempts? – UTQ User Threat Quotient

2. You have created a report that displays data that you wish to check on
a daily basis. How can you make this data easily available in the WebAdmin
interface? – Create a bookmark for the report
This answer can be found in the Running and Customizing Reports on
Sophos Firewall chapter.

13. v20.0 Central Firewall Management

1. Which option must be enabled before you can start managing your
Sophos Firewall in Sophos Central? – Use Sophos Central management

2. Which 4 of the following statements are TRUE about SD-WAN
connection groups in Sophos Central? – Requires 2 or more firewalls,
Can limit access to authenticated users, can include security
heartbeat configurations, can automatically create firewall rules
This answer can be found in the Managing Sophos Firewall in Sophos Central
chapter.
