Scribd Logo
Upload

Welcome to Scribd!

  • 980 views

    Sophos Certificacao

    Uploaded by

    marcojfbrandao
    Sophos Firewall can be deployed on several virtualization platforms including Hyper-V, VMware, XenServer, and KVM. It supports static DNS configuration for up to 3 servers and traffic shaping must be configured before use. Service objects can represent TCP/UDP ports, IP protocols, and ICMP types and codes.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Sophos Certificacao

    Uploaded by

    marcojfbrandao
    980 views3 pages
    Sophos Firewall can be deployed on several virtualization platforms including Hyper-V, VMware, XenServer, and KVM. It supports static DNS configuration for up to 3 servers and traffic shaping must be configured before use. Service objects can represent TCP/UDP ports, IP protocols, and ICMP types and codes.

    Original Description:

    Original Title

    sophos certificacao

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Sophos Firewall can be deployed on several virtualization platforms including Hyper-V, VMware, XenServer, and KVM. It supports static DNS configuration for up to 3 servers and traffic shaping must be configured before use. Service objects can represent TCP/UDP ports, IP protocols, and ICMP types and codes.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    980 views3 pages

    Sophos Certificacao

    Uploaded by

    marcojfbrandao
    Sophos Firewall can be deployed on several virtualization platforms including Hyper-V, VMware, XenServer, and KVM. It supports static DNS configuration for up to 3 servers and traffic shaping must be configured before use. Service objects can represent TCP/UDP ports, IP protocols, and ICMP types and codes.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 3

    1.

     Overview and Deployment v19.0


    1. Which 4 of the following are tested and supported virtualization platforms for Sophos Firewall?
    This answer can be found in the Sophos Firewall Deployment Options and Common Scenarios chapter.
    resposta correta: hyperv, vmware, xenserver, kvm

     2. TRUE or FALSE. Sophos Firewall hardware devices come pre-loaded with software.
    Acertei, respondi TRUE
     3. Which Sophos Firewall feature is able to block access to command and control servers?
    acertei, DHCP

    2. Getting Started v19.0


     1. How many servers does Sophos Firewall support for static DNS?
    acertei 3

     2. What do you need to configure before you can start using traffic shaping?
    This answer can be found in the Getting started with Traffic Shaping on Sophos Firewall chapter.
    errei, correto é: Total WAN bandwidht
     3. Service objects can be created for which of the following?
    This answer can be found in the Navigating and Managing Sophos Firewall chapter.
    All of these (TCP/UDP ports, IP protocol number, icmp type and code)

    3. Interfaces and Zones v19.0


     1. Which interface type allows standard routing to be used to send traffic over the VPN?

    4. Firewall v19.0
     1. You have created a DNAT rule for server access and are now creating a firewall rule to allow the traffic. What
    destination host or network do you use in the firewall rule?

     2. Where would you exclude a website from TLS inspection?


    This answer can be found in the Configuring TLS Decryption on Sophos Firewall chapter.
    Add the website to the Local TLS exclusion list object found within Web > URL groups

     3. TRUE or FALSE. All firewall rules are evaluated, and the best match is used.
    resposta certa: FALSE

     4. When creating a NAT rule which option allows you to select different source NATs based on the outbound
    interface within a single rule?
    This answer can be found in the Getting Started with Firewall and NAT Rules on Sophos Firewall chapter.
    errei, resposta correta: override souce translation

    5. Firewall Icons v19.0


     1. Which firewall icon shown represents a network rule that allows traffic?

    6. Network Protection v19.0


     1. How do healthy endpoints identify endpoints with a RED health status for lateral movement protection?
    MAC address (confirmar)
     2. What 2 ways can you register Sophos Firewall with Sophos Central?
    OTP e login e senha
     3. Which of the following DoS and spoof protection modes will drop packets if the source MAC address is not
    configured as a trusted MAC?
    This answer can be found in the Getting Started with Intrusion Prevention on Sophos Firewall chapter.
    Resposta correta: MAC filter

    7. Site-to-Site Connections v19.0


     1. Which is the control port used in RED connections?
    porta 3400

     2. Which 3 types of authentication can be used for IPsec site-to-site VPNs?


    This answer can be found in the Getting Started with IPsec Site-to-Site VPNs on Sophos Firewall chapter.

     3. What is required when creating an IPsec VPN policy?

     4. Which RED mode matches this description? Sophos Firewall gets its IP address from a DHCP server on the
    remote network.
    This answer can be found in the Getting Started with Remote Ethernet Devices on Sophos Firewall chapter.

    8. Authentication v19.0
     1. What port number is used by Captive portal?

     2. Which 4 of the following are supported external authentication servers on Sophos Firewall 19.0?

     3. You need to create a user account to authenticate a VoIP system that needs access to the Internet. The
    system does not have the ability to authenticate with your directory service. What type of user would you create to
    accomplish this?
    This answer can be found in the Getting Started with Sophos Firewall Authentication chapter.
    não é clientless

     4. Which 2 methods can be used to generate one-time passwords for authenticating with the Sophos Firewall?
    This answer can be found in the Enabling Multifactor Authentication on Sophos Firewall chapter.

    9. Web Protection v19.0


     1. Web policy rules apply to which 2 of the following?

     2. When testing a new web policy, you are still able to access pages that should be blocked. What is the most
    likely reason for this?

     3. If you are using the Sophos Firewall as an explicit proxy, which web filtering option will be used?

    10. Web Quotas and Shaping v19.0


     1. Which method controls the amount of time users and groups spend on the Internet and applies to all Internet
    traffic?
    This answer can be found in the Sophos Firewall Web Protection Quotas and Traffic Shaping chapter.

    11. Web Quota Configuration v19.0


     1. You have been asked to create a surfing quota for guests that allows access to the Internet for 20 hours in a
    week and then terminates the connection with no recurrence.
    Which image shows the best way to configure the surfing quota?

    12. Application Control v19.0


     1. TRUE or FALSE. The Sophos Firewall's lite implementation of Cloud Access Security Broker blocks all cloud
    applications by default.

     2. Which 3 of the following features are provided by Cloud Applications on the Sophos Firewall?

    13. Remote Access v19.0


     1. Sophos Firewall hosts the SSL VPN on which port by default?

     2. TRUE or FALSE: The SSL VPN and User Portal can share the same port?
    This answer can be found in the Getting Started with Remote Access VPNs on Sophos Firewall chapter.
    coloquei FALSE

     3. Which 2 protocols does the Sophos Connect IPsec VPN client support?

    14. Wireless Security Modes v19.0


     1. Which client traffic mode creates a VXLAN between the access point and a wireless interface on the Sophos
    Firewall?
    This answer can be found in Introduction to Wireless Protection on Sophos Firewall chapter.

    15. Wireless v19.0
     1. TRUE or FALSE. You can only create hotspots on a wireless interface.
    This answer can be found in the Creating Hotspots on Sophos Firewall chapter.
    coloquei TRUE

     2. What IP address do wireless access points send discovery packets to?

    16. Logging and Reporting v19.0


     1. Sophos Firewall can send notifications using which 2 of the following protocols?

     2. Which reporting metric can be used to identify risky users who are responding to spear phishing attempts?
    This answer can be found in the Running and Customizing Reports on Sophos Firewall chapter.

    17. Central Management and Reporting v19.0


     1. Which of the following statements about zero-touch deployment in Sophos Central are TRUE?
    This answer can be found in the Managing Sophos Firewall in Sophos Central chapter.

     2. Which of the following statements is TRUE about Firewall Management in Sophos Central?

    You might also like