Scribd Logo
Upload

Welcome to Scribd!

  • 18 5 PDF

    Uploaded by

    gatmedina2
    18 views6 pages

    Original Title

    18.5.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    18 views6 pages

    18 5 PDF

    Uploaded by

    gatmedina2

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 6

    1. Overview v18.

    5
    1. Which feature of the Sophos Firewall identifies unknown applications?

    2. TRUE or FALSE: You can install Sophos Firewall on existing Intel compatible hardware.
    The answer can be found in Module 1: Sophos Firewall Overview in the Deployment Options section.

    2. Getting Started with Sophos Firewall v18.5


    1. In which 3 ways can you add a certificate that can be used in place of the default ApplianceCertificate?

    2. You are preparing a hardware Sophos Firewall for installation on a remote site. The order for the license has
    not yet been processed. Which device registration option do you select in the Initial Setup wizard?

    3. Deployment Scenarios v18.5


    1. Which deployment mode can protect web servers from common attacks?

    4. Interfaces v18.5
    1. Which interface type allows standard routing to be used to send traffic over the VPN?

    5. Network Protection v18.5


    1. TRUE or FALSE: The firewall rule ID is the same as the rule position.

    2. During troubleshooting you do not see as much information in the log files as you were expecting. What setting
    needs to be changed to see all the traffic passing through a firewall rule?
    The answer can be found in Module 3: Network Protection in the Firewall Rules and NAT section.

    3. Which feature can harden forms, sign cookies and scan for malware?

    4. Which Sophos Firewall feature sends decrypted packets to IPS, application control, web filtering and antivirus
    for checking?

    5. Which of the following rules allows traffic to traverse the NAT in the opposite direction?

    6. Firewall Icons v18.5


    1. Which firewall icon shown represents a network rule that will drop or reject traffic?

    The answer can be found in Module 3: Network Protection in the Firewall Rules and NAT section.

    7. Spoof Protection v18.5


    1. Which of the following DoS and spoof protection modes will drop packets if the source MAC address is not
    configured as a trusted MAC?

    8. Site-to-Site Connections v18.5


    1. Which is the control port used in RED connections?

    This study source was downloaded by 100000859442953 from CourseHero.com on 04-08-2024 03:48:48 GMT -05:00

    https://www.coursehero.com/file/148887769/185pdf/
    2. TRUE or FALSE: All site-to-site or remote access VPN connections are automatically added to the VPN zone.

    3. You are working with sensitive corporate data and want to ensure that traffic from remote locations is
    monitored and blocked from leaving the corporate LAN. What would be the most appropriate security mode to deploy
    the RED devices in?

    9. Authentication v18.5
    1. Which 2 of the following are methods of Sophos Firewall authentication?

    2. Which 2 of the following statements about Firewall authentication servers are TRUE?
    The answer can be found in Module 5: Authentication in the Authentication Overview section.

    3. Which form of single sign-on (SSO) informs the Sophos Firewall when a user authenticates with a domain
    controller?

    4. TRUE or FALSE: The Sophos Chromebook User ID app is deployed to Chromebooks from the Sophos
    Firewall.
    The answer can be found in Module 5: Authentication in the Authentication Methods section.

    5. Which directory service is supported by STAS when used with a Sophos Firewall?

    10. Web Protection v18.5


    1. When testing a new web policy, you are still able to access pages that should be blocked. What is the most
    likely reason for this?

    2. Web filtering on Sophos Firewall can be deployed in which 2 ways?

    3. TRUE or FALSE: Keyword libraries can be uploaded to Sophos Firewall and applied to any web filtering policy
    as an added criteria with actions to log and monitor, or block search results or websites containing the keywords of
    interest.

    11. Application Control v18.5


    1. Which page lists all current applications that are connecting through the Sophos Firewall?

    2. TRUE or FALSE: The Sophos Firewall's lite implementation of Cloud Access Security Broker blocks all cloud
    applications by default.

    12. Email Protection v18.5


    1.

    2. Where in the Sophos Firewall can you enable SMTP relay for the zones you want to accept email from?
    The answer can be found in Module 8: Email protection in the Email Protection Configuration section.

    13. Remote Access v18.5


    1. Which VPN protocols are supported by the Sophos Connect client?
    The answer can be found in Module 9: Remote Access in the IPsec VPN section.

    2. Sophos Firewall hosts the SSL VPN on which port by default?

    14. Wireless Protection v18.5


    1. Which of the following best describes the Bridge to AP LAN security mode for wireless networks?
    The answer can be found in Module 10: Wireless Protection in the Wireless Networks section.

    2. What 2 of the following are methods that can be used to allow access to a wireless hotspot on the Sophos
    Firewall?
    The answer can be found in Module 10: Wireless Protection in the Hotspots section.

    This study source was downloaded by 100000859442953 from CourseHero.com on 04-08-2024 03:48:48 GMT -05:00

    https://www.coursehero.com/file/148887769/185pdf/
    15. Logging and Reporting v18.5
    1. Where would you view information on files that have been referred to Sophos' zero-day protection?

    2. Which metric can be used to identify risky users who are responding to spear phishing attempts?

    16. Central Management v18.5


    1. TRUE or FALSE: You must have an additional Sophos Central license to use Central Firewall Management.

    2. How many days of data is available in Sophos Central?

    17. Simulations v18.5


    1. How do you enable and disable IPsec VPNs?
    The answer can be found in simulation task 4.2.

    18. Image Questions v18.5


    1. You have configured destination-based Security Heartbeat in the firewall rule shown here.

    This study source was downloaded by 100000859442953 from CourseHero.com on 04-08-2024 03:48:48 GMT -05:00

    https://www.coursehero.com/file/148887769/185pdf/
    Which zone does not support the Security Heartbeat?

    2. Below is an image from the Initial Setup wizard.

    This study source was downloaded by 100000859442953 from CourseHero.com on 04-08-2024 03:48:48 GMT -05:00

    https://www.coursehero.com/file/148887769/185pdf/
    With the above options selected, which 2 of the following will be enabled in the default outbound firewall rule once the Initial Setup wizard is com
    The answer can be found in Module 2: Getting Started with Sophos Firewall in the Deployment and Setup section.

    3. The diagram below shows a company with two sites, one in London and in New York. Each site has an Internet connection and is also c
    over MPLS.

    This study source was downloaded by 100000859442953 from CourseHero.com on 04-08-2024 03:48:48 GMT -05:00

    https://www.coursehero.com/file/148887769/185pdf/
    What IP address would need to go into the Gateway field to complete the static route shown above?

    This study source was downloaded by 100000859442953 from CourseHero.com on 04-08-2024 03:48:48 GMT -05:00

    https://www.coursehero.com/file/148887769/185pdf/
    Powered by TCPDF (www.tcpdf.org)

    You might also like