SOPHOS CERTIFIED ENGINEER EXAM QUESTIONS WITH CORRECT ANSWERS

SOPHOS CERTIFIED ENGINEER EXAM QUESTIONS WITH

CORRECT ANSWERS

Which TCP port is used to communicate policies to endpoints? Correct Answer 8190

Which Sophos Central manage product protects the data on a lost or stolen laptop?

Correct Answer Encryption

The option to stop the Auto Update service is greyed out in Windows Services. What is

the most likely reason for this? Correct Answer Tamper Protection is enabled

Complete the sentence: Signature-based file scanning relies on... Correct Answer

previously detected malware characteristics

TRUE or FALSE: Tamper protection is enabled by default. Correct Answer TRUE

You are unable to edit policies in Sophos Central. What do you check in Sophos

Central? Correct Answer That you have the correct role assigned

Which URL address do you use to login to Sophos Central Partner Dashboard? Correct

Answer partnerportal.sophos.com

You are detecting low-reputation files and want to change the reputation level from

recommended to strict. Which policy do you edit to make this change? Correct Answer

Threat Protection

What is the FIRST step you must take when deploying virtual environments? Correct

Answer Check the system requirements

You want to prevent users from copying database files to USB drives without blocking

the use of all USB devices. Which policy do you need to configure? Correct Answer

Data Loss Prevention

TRUE or FALSE: You can search for a malicious item across your network using EDR

Correct Answer TRUE

Which log provides a record of all activities? Correct Answer Audit log

What is the function of anti-exploit technology? Correct Answer To detect and stop

compromised vulnerable applications

Complete the sentence: The SAV32CLI clean-up tool is a... Correct Answer Command

line tool included in Sophos Central installation

When registering for a Sophos Central Trial, which of the following statements are

TRUE? Correct Answer You must use an email address that has not been used with

Sophos Central before

Which tab on the device details page displays the tamper protection information?

Correct Answer SUMMARY

What is the function of Live Protection? Correct Answer Connects to a cloud server to

check for the latest information about a file

How long are activities stored for in the Enterprise Dashboard? Correct Answer 90 days

What is the function of an Update Cache? Correct Answer To download updates from

Sophos Central and store them on a dedicated server on your network

What is the function of on-access scanning? Correct Answer Monitors running

processes' behavior

Which of the following alerts is categorized as a high alert? Correct Answer Failed to

protect an endpoint

Which dashboard allows you to manage and apply global settings to multiple Sophos

Central accounts? Correct Answer The Partner Dashboard

Which detection feature can prevent attacks on the master boot record? Correct Answer

Wipe Guard

What is the function of a Message Relay? Correct Answer To enable all devices to

communicate all policy and reporting data using a dedicated server on your network

True or False: Marking an alert as acknowledge will resolve the threat on the endpoint.

Correct Answer FALSE

Which TCP port is used to communicate Updates on endpoints? Correct Answer 8191

TRUE or FALSE: The security VM installer is linked to your Sophos Central account.

Correct Answer FALSE

TRUE or FALSE: You can deploy an update cache without a Message Relay. Correct

Answer TRUE

You want to change an action for 'confidential' content. Where in Sophos Central do you

make this change? Correct Answer In the Data Loss Prevention Rule

What does HIPS do on a protected endpoint? Correct Answer Scans for potentially

malicious behavior