Question 1

You need to create a user account to authenticate a VoIP system that needs access
to the Internet. The system does not have the ability to authenticate with your
directory service. What type of user would you create to accomplish this? ->
Clientless User

Question 3
Which 3 of the following forms of access can be secured using one-time passwords?

Question 4
Which interface type allows standard routing to be used to send traffic over the
VPN? -> Tunnel

Question 5
TRUE or FALSE: Sophos Firewall is supported on any public cloud. -> FALSE

Question 6
Which Sophos Firewall feature allows you to route email via an alternate set of
servers rather than directly to a recipient's server? -> Smarthosts

Question 9
Which deployment mode can protect web servers from common attacks? => Web
Application Firewall (WAF)

Question 10
TRUE or FALSE: Web protection exceptions apply to all web protection policies no
matter when they are applied in the Sophos Firewall. => True

Question 11
Which feature of the Sophos Firewall identifies unknown applications? =>
Synchronized App Control

Question 12
TRUE or FALSE: The firewall rule ID is the same as the rule position. => FALSE

Question 13
Which of the following DoS and spoof protection modes will drop packets if the IP
and MAC do not match with any entry in the IP-MAC trusted list? => IP-MAC

Question 15
You have created an SSL VPN Remote Access policy for your Active Directory users,
but you are unable to authenticate successfully to establish a VPN connection. What
do you need to do to resolve the issue? => Select the Active Directory server as an
authentication source in SSL VPN Authentication Methods

Question 16
Web policy rules apply to which 2 of the following? Users, Groups

Question 17
TRUE or FALSE: The Sophos Firewall's lite implementation of Cloud Access Security
Broker blocks all cloud applications by default. => FALSE

Question 18
What is the Clientless Access Portal used for? => To provide access to internal
resources without the need for a VPN client to be installed

This study source was downloaded by 100000841328257 from CourseHero.com on 06-10-2022 21:36:26 GMT -05:00

https://www.coursehero.com/file/108042710/Sophostxt/
 Question 19
Which form of single sign-on (SSO) informs the Sophos Firewall when a user
authenticates with a domain controller? = STAS

Question 21
Which wireless security mode must be used to support Fast BSS? => WPA2

Question 22
Which 2 of the following can users allow and block in the User Portal?

Question 23
Which is the control port used in RED connections? => 3400

Question 24
Which of the following statements about zero-touch deployment are TRUE? => Zero-
touch configuration rules can only be created for unregistered hardware serial
numbers

Question 25
During troubleshooting you do not see as much information in the log files as you
were expecting. What setting needs to be changed to see all the traffic passing
through a firewall rule? => Log firewall traffic

Question 26
If you are using the Sophos Firewall as an explicit proxy, which web filtering
option will be used? => Legacy Web Proxy

Question 27
You have created a report that displays data that you wish to check on a daily
basis. How can you make this data easily available in the WebAdmin interface? =>
Create a bookmark for the report

Question 29
When creating a site-to-site VPN between a Sophos Firewall and another vendor’s
firewall, what is the best protocol to use? => IPsec

Question 30
Which VPN protocols are supported by the Sophos Connect client? => IPsec, SSL

Question 31
Which page lists all current applications that are connecting through the Sophos
Firewall? => Live connections

Question 32
Which 2 of the following are methods of Sophos Firewall authentication? => Captive
Portal, Authentication Agent

Question 33
Type the name of the only zone that cannot have a physical port or interface
assigned to it.=> VPN

Question 34
What type of user can be created to allow temporary access to resources with the
least amount of effort? => Guest User

This study source was downloaded by 100000841328257 from CourseHero.com on 06-10-2022 21:36:26 GMT -05:00

https://www.coursehero.com/file/108042710/Sophostxt/
 Question 35
You have received a new hardware Sophos Firewall and are preparing to connect to it
for the first time. What is the default IP address and port that is used to access
the device? HTTPS://172.16.16.16:4444

Question 36
Which firewall icon shown represents a network rule that will drop or reject
traffic? G

Question 37
How much storage is included with each Central Firewall Reporting Advanced license
in GB? Enter the answer as numerical digits only. => 100

Question 38
You are checking the application risk meter which is reporting a risk score of 4.2.
Which of the following statements are true in this circumstance? => There are users
performing risky actions on the network

Question 39
You have configured destination-based Security Heartbeat in the firewall rule
shown here.
Which zone does not support the Security Heartbeat? => WAN

Question 40
Users complain that when working long hours, they often lose access to Internet
resources.
Looking at the configuration of the rule above, what is causing this? => A schedule
is applied to the rule

This study source was downloaded by 100000841328257 from CourseHero.com on 06-10-2022 21:36:26 GMT -05:00

https://www.coursehero.com/file/108042710/Sophostxt/
Powered by TCPDF (www.tcpdf.org)