Exam v19.5 Sophos

1. Overview and Deployment v19.
5
1. What type of encryption does Sophos Firewall make use of for one way message encryption?
2. Which is the most common deployment scenario for Sophos Firewall and also the default
mode?
3. Which 4 of the following are tested and supported virtualization platforms for Sophos Firewall?
4. Which deployment mode can be used for evaluating the capabilities of Sophos Firewall without
making any network changes?
2. Getting Started v19.5

1. What are the two routing strategies that can be used in SD-WAN profiles?
This answer can be found in the Introduction to Routing and SD-WAN on Sophos Firewall chapter.
2. Look at the image below.
What type of object is this?
3. When configuring SD-WAN profiles for load balancing, what two methods can be used?
This answer can be found in the Introduction to Routing and SD-WAN on Sophos Firewall chapter.
3. Base Firewall and Network Protection v19.5

1. What 2 things do you need to do to use IPS policies?
2. When creating a NAT rule which option allows you to select different source NATs based on the
outbound interface within a single rule?
3. How do healthy endpoints identify endpoints with a RED health status for lateral movement
protection?
4. TRUE or FALSE. NAT rules require firewall rules to allow traffic.

4. Firewall Icons v19.5
1. Which firewall icon shown represents a user rule that allows traffic?
5. Site-to-Site Connections v19.5

1. Where do you select the remote networks for site-to-site SSL VPNs?
2. Which RED mode matches this description? Sophos Firewall gets its IP address from a DHCP
server on the remote network.
3. TRUE or FALSE. All site-to-site or remote access VPN connections are automatically added to
the VPN zone.
4. Which 2 ports do Remote Ethernet Devices use?
6. Authentication v19.5
1. Which 2 of the following are requirements for the secret when creating a multi-factor
authentication token manually?
2. What do you need to do in order to use NTLM and Kerberos for web authentication?
3. Which 3 of the following forms of access can be secured using one-time passwords?
4. Which 2 methods can be used to generate one-time passwords for authenticating with the
Sophos Firewall?
5. Which directory service is supported by STAS when used with a Sophos Firewall?
7. Web Protection v19.5

1. What are the 2 ways web filtering can be deployed on Sophos Firewall?
2. Which method controls the amount of time users and groups spend on the Internet and applies
to all Internet traffic?
3. Which 3 options should be configured to ensure the most secure scanning settings are in place
to protect users as they browse the web?
This answer can be found in the Configuring Web Protection on Sophos Firewall chapter.
4. TRUE or FALSE. Web protection exceptions apply to all web protection policies no matter when
they are applied in the Sophos Firewall.
8. Web Quota v19.5

1. You have been asked to create a surfing quota for guests that allows access to the Internet for
20 hours in a week and then terminates the connection with no recurrence.
Which image shows the best way to configure the surfing quota?
9. Application Control v19.5

1. If a new application is added that matches an existing application control filter rule, which of the
following statements is TRUE?
This answer can be found in the Getting Started with Application Control on Sophos Firewall chapter.
2. TRUE or FALSE. Applications which have been discovered via synchronized application control
can be added as a traffic selector under SD WAN routing.
3. TRUE or FALSE. The Sophos Firewall's lite implementation of Cloud Access Security Broker
blocks all cloud applications by default.
4. Which 3 of the following features are provided by application control?
10. Remote Access v19.5

1. When you download the IPsec remote access configuration you have two configuration files.
Which file type includes the advanced configuration?
2. Which 2 operating systems is the Sophos Connect IPsec VPN client available for?
3. What is the Clientless Access Portal used for?
4. Which 2 protocols does the Sophos Connect IPsec VPN client support?
11. Wireless v19.5

1. Which of the following best describes the Bridge to VLAN security mode for wireless networks?
This answer can be found in the Deploying Wireless Protection on Sophos Firewall chapter.
2. What 2 of the following are methods that can be used to allow access to a wireless hotspot on
the Sophos Firewall?
12. Logging and Reporting v19.5

1. You are checking the application risk meter which is reporting a risk score of 4.2. Which of the
following statements are true in this circumstance?
2. You have created a report that displays data that you wish to check on a daily basis. How can
you make this data easily available in the WebAdmin interface?
13. Central Management and Reporting v19.5

1. When using Central Firewall Management, which of the following statements is TRUE?
2. How many backups can you store on Sophos Central? Enter the answer in digits.

Exam v19.5 Sophos

Uploaded by

Copyright:

Available Formats

Exam v19.5 Sophos

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Exam v19.5 Sophos

Uploaded by

Copyright:

Available Formats

1. Overview and Deployment v19.

2. Getting Started v19.5

2. Look at the image below.

What type of object is this?

3. Base Firewall and Network Protection v19.5

4. TRUE or FALSE. NAT rules require firewall rules to allow traffic.

5. Site-to-Site Connections v19.5

4. Which 2 ports do Remote Ethernet Devices use?

7. Web Protection v19.5

8. Web Quota v19.5

9. Application Control v19.5

4. Which 3 of the following features are provided by application control?

10. Remote Access v19.5

3. What is the Clientless Access Portal used for?

11. Wireless v19.5

12. Logging and Reporting v19.5

13. Central Management and Reporting v19.5

You might also like