1. Which of the following policies can be configured with Device Control? (select all that apply)
Block Bluetooth
Block wireless bridging
Allow hardware encrypted devices that are supported by Sophos
Block Optical Drives
Block all encrypted files
2. What is the default Bootstrap location for the Endpoint Protection client software?
\\Management server\SUMInstallSet
\\Management server\SophosUpdate\CIDs\SAVSCFXP
\\Management server\SophosUpdate\CIDs\S000\SAVSCFXP
\\Management server\SophosUpdate\Warehouse
3. Which of the following are the main criteria used by SophosLabs to determine the patch rating? (select all that apply)
Vulnerability severity
Threat prevalence
Patch date
Software popularity
4. How would you convert a trial into a full product?
Upload a new license file in the Sophos Enterprise Console
Reinstall the full version
Change the username and password in SUM
5. Which of the following deployment mechanisms can ONLY be used for Windows endpoint clients ? (select all that apply)
Sophos Enterprise Console's Protect Computers Wizard
Manual installation
Sophos Enterprise Console's Synchronization with Active Directory
Sophos Deployment Packager
6. Which of the following are settings applied to the user that is automatcally created on WORKSTATION? (select all that apply)
User cannot change password
Member of the Users group
Password never expires
Member of the SophosUsers group
7. What are the default Live Protection settings for Enable Live Protection and Automatically send sample files to Sophos?
Enabled / Enabled
Enabled / Disabled
Disabled / Enabled
Disabled / Disabled
8. Data Control will scan files in which of the following scenarios? (select all that apply)
Files opened during scheduled scans
Files saved to a monitored device from Microsoft Word
Files sent using an email client
Files uploaded using a web browser
Files copied onto monitored devices using Windows Explorer
Files copied onto monitored devices using the command prompt
9. A Sophos administrator has discovered computers on the network and created / modified policies? What are the minimum additional steps required to protect computers? (select all that apply)
Place computers in groups
Deploy Sophos Enduser Protection to the computers
Apply the policies to the Unassigned group
Create groups
10. What are the default Behavior monitoring settings for Detect malicious behavior and Detect suspicious behavior? (Lab 4, Task 2)
Disabled / Disabled
Enabled / Disabled
Disabled / Enabled
Enabled / Enabled
11. Which of the following actions are performed by Patch Assessment? (select all that apply)
Identification of patches for multiple vendors including Adobe and Google
Reporting of computers missing patches
Automated deployment of patches to managed endpoints
Comparison of patches installed on endpoints with the SophosLabs list for the operating system and installed applications
Rating of patches for criticality
12. Which of the following statements are true regarding support for full disk encryption? (select all that apply)
It is no longer possible to manage full disk encryption from Sophos Enterprise Console.
The endpoint full disk encryption component has been replaced by Sophos Safeguard Enterprise Encryption
The version of full disk encryption that is managed from Enterprise Console now integrates with Microsoft’s BitLocker and Apple’s FileVault encryption technologies
Customers who have the licenses for full disk encryption can continue to use this component
13. Which of the following are benefits of deploying a Web CID? (select all that apply)
It uses less network bandwidth and is more scalable
It is required when more than one Update Manager is deployed
HTTP is a convenient way to update Sophos Antivirus on Macintosh, Linux and UNIX
It does not require Windows authentication
It is required to support local client updates for a branch office
14. Which of the following IIS virtual directory settings did you view or configure in preparation for creating a Web CID? (select all that apply)
MIME types
Permissions
Directory browsing
Logging
Authentication
15. Which of the following commands was used to create a backup?
DataBackuprestore.exe -Backup
DataBackuprestore.exe –action=Backup
DataBackuprestore.exe /action=Backup
DataBackup.exe /action=Backup
16. In the Sophos Update Manager's configuration what are the default logging settings?
Keep total log size under 500 MB, Remove log files older than 365 days
Keep total log size under 700 MB, Remove log files older than 7 days
Keep total log size under 500 MB, Remove log files older than 20 days
Keep total log size under 1000 MB, Remove log files older than 30 days
17. In the Active Directory, which groups is the SophosDBUser user a member of? (select all that apply)
Sophos DB Admins
Domain Administrators
Sophos Console Service Users
Domain users
18. Which of the following anti-virus and HIPS settings are grayed out when Tamper Protection is enabled?
On-demand extensions and exclusions
Web Protection
Sophos Live Protection
Right-click scanning
Behavior monitoring
On access scanning
Authorization
19. What changes did you make to the Browser HTTP connection rule? (select all that apply)
Remove HTTP-83
Add HTTPS 443 Secure connection
Add HTTP 80 Hypertext Transfer Protocol
Turn off Stateful TCP
Change Direction to Inbound and Outbound
20. If the default settings are used which of the following file types will be included in on-access scanning? (select all that apply)
Adware and PUAs
Suspicious files
Executable and other vulnerable files
Files with no extension
21. Which of the following are features of web protection? (select all that apply)
Blocking access to sites that are known to host malware
Content scanning
Blocking access to sites that contain adult content
Live URL filtering
22. Which of the following users and groups are default members of the SophosAdministrator group located on the WORKSTATION, which is a member of the SOPHOS domain?
SOPHOS\Domain Admins
SOPHOS\Domain Users
Administrators
Users
PowerUsers
Administrator
23. A user that has the HelpDesk role also needs to be able to configure reports. Which of the following solutions is the best to enable them to do this?
Assign them the Report Configuration sub-estate
Add Report Configuration to their Assigned Rights
Assign them the Administrator role
Ask them to login as a different user, that has the Administrator role, when they want to configure reports
24. What settings are initially contained in the Firewall rule for Browser HTTP connection?
Where the direction is Outbound and the remote port is HTTP-83 Allow it
Where the protocol is Stateful TCP and the direction is Outbound and the remote port is HTTP Allow it
Where the protocol is Stateful TCP and the direction is Outbound and the remote port is HTTP-83 Allow it
Where the direction is Outbound and the remote port is HTTP Allow it
25. Which of the following ICMP firewall settings are applied by default ? (select all that apply)
Echo Reply IN : Allow
Echo Request OUT : Allow
Echo Reply OUT : Allow
Echo Request IN : Allow
26. Which Sophos Knowledge Base article lists the Secure Removable Devices that are supported? (Lab 5, Task 3)
61921
114299
63556
63102
27. You have selected a group in Enterprise Console but are unable to see all the computers that it should contain. What is the most likely reason for this?
You are logged in to the wrong sub-estate
Some of the computers are offline
The View is not set to All Computers
Firewall configuration is blocking communication with the computers
28. Which of the following statements about Sophos Tamper Protection are true? (select all that apply)
It prevents unauthorized users from uninstalling the software
It prevents unauthorized users from uninstalling the software in Windows safe mode
It records tamper attempts in the Sophos Enterprise Console
It prevents unauthorized users from disabling security features
29. Which of the following platforms are supported by the Sophos Client Firewall? (select all that apply)
Windows 2008
Windows 8 and 8.1
Windows 2000
Windows 7
Windows Vista 32 bit
Linux
Mac OS
30. Sophos Enterprise Console requires entry of usernames and passwords when configuring which of the following ? (select all that apply)
Protect Computers Wizard
Database access
Component Communication
Sophos Update Manager Credentials
31. Which of the following platforms support anti-virus policies managed by Sophos Enterprise Console? (select all that apply)
UNIX
Linux
Windows 7
Mac OS
Windows 8
32. What setting was used in Device Control to ensure that files could not be copied to a removable device?
Enable device control scanning / Removable storage: Read only
Enable device control scanning / Detect but do not block devices
Detect but do not block devices / Removable storage: Read only
Detect but do not block devices / Removable storage: Blocked
33. Which of the following methods can be used to create firewall rules based on enduser activity? (select all that apply)
Allow all traffic and use Firewall Event Viewer to monitor activity and create the required rules
Monitor traffic and use Firewall Event Viewer to create the required rules
Block traffic and user Firewall Event Viewer to create the required rules
Use the Create Rule button in Sophos Client Firewall Log Viewer
34. Which protocol is used by the Patch Agent to communicate with the Patch Server?
HTTP
HTTPS
RADIUS
Sophos RMS
35. What View/Filter is automatically applied when you click Computers with alerts in the Dashboard? (live)
Computer with potential problems
Managed computers with outstanding Sophos product errors
Managed computers with outstanding virus/malware alerts
Managed computers with outstanding alerts
36. Which of the following statements about role-based administration are true? (select all that apply)
Sub-estates define the list of Sophos groups that users can manage
System administrators have more rights than administrators
Enterprise Console users will only be able to see the Active Sub-estate
When a user has rights to multiple sub-estates, computers from all of these will be shown automatically when they open Enterprise Console
37. Which folder path is used by the default SUMInstallSet share?
ProgramData\Sophos\Update Manager\Update Manager
Program Files\Sophos\Update Manager\SUMInstaller
Program Files (x86)\Sophos\Enterprise Console\SUMInstaller
ProgramData\Sophos\Enterprise Console\SUMInstaller
38. What command was used to test connectivity from WORKSTATION to the Message Router on the SERVER?
telnet server 8192
telnet workstation 8192
39. In the Sophos Update Manager's configuration where can you change the Username used to connect to Sophos for updates?
Logging
Schedule
Sources
Advanced
Subscriptions
Distribution