When a RED is deployed in Standard/Unified mode, how do the computers on the remote network

get their IP adress?

 From a DHCP server running on the XG Firewall

You are preparing a hardware XG Firewall for installation on a remote site. The order for the license
has not yet been processed. Which device registration option do you select in the Initial Setup
wizard?
 I do not want to register now

You have created a report that displays data that you wish th check on a daily basis. How can you
make this data easily available in the WebAdmin interface?
 Create a bookmark fort he report

Which oft he following best describes greylisting?

 The first attempt to deliver a message is temporarily denied

Look at the network diagram below

One computer has a red health status. On which 2 of the networks can the endpoints be protected
from the computer with a red health status?
 A
 C

TRUE or FALSE: Sophos XG hardware devices come pre-loaded with software.

 TRUE

Which of 2 features are required if you want to make usw of lateral movement protection?
 Server or endpoint protection
 Intercept X

Which XG Firewall feature is able to block access to command and control servers?
 Advanced Threat Protection (ATP)

Which 2 methods are supported for logoff detection when using STAS?
 PING
  Workstation Polling

Type the name of the only zone that cannot have a physical port or interface assigned to it.
 Vpn

TRUE or FALSE: DHCP can be used to override the magic IP if the XG Firewall is not the default
gateway.
 TRUE

Which web filtering method can offload traffic tot he FastPath?

 DPI

Which interface type is a virtual LAN interface created on an existing XG interface?

 VLAN

Which of the following statements about zero-touch deployment are TRUE?

 Zero-touch configuration rules can only be created for unregistered hardware serial numbers

What ist he Clientless Access Portal used for?

 To provide access to internal resources without the need for a VPN client to be installed

Which firewall icon shown respresendts a disabled user rule?

 C

Which page lists all current applications that are connecting through the XG Firewall?
 Lice connections

How many days of data is available in Sophos Central?

 7 days

What do you need to do in order to use NTLM and Kerberos for web authentication?
 Enable AD SSO per zone on the Device Access page

TRUE or FALSE: The XG Firewall’s lite implementation of Cloud Access Security Broker blocks all cloud
applications by default.
 FALSE

Below is an image oft he XG Firewall Control Center. From here, what would you click to access the
Policy Test simulator?
  Log viewer

Which 4 of the following are supportted external authentication servers on Sophos XG Firewall 18.0?
 eDirectory
 RADIUS
 Active Directory
 LDAP

TRUE or FALSE: The option to create loopback and reflexive NAT rules is only available when adding a
NEW NAT rule, not when editing an existing NAT rule.
 TRUE

Which 3 options should be configured to ensure the most secure scanning settings are in place to
protect users as they browse the web?
 Malware scan mode: Batch
 Engine selection: Dual engine
 Unscannable content: Block

Which deployment mode can protect web servers from common attacks?
 Web Application Firewall (WAF)

What 2 of the following are methods that can be used to allow access to a wireless hotspot on the XG
Firewall?
 Voucher
 Password of the Day

In Email Protection, where do you enable the SPX Reply Portal?

 SPX Template

Which metric can be used to identify risky users who are responding to speak phishing attemts?
 User Threat Quotient (UTQ)

You have configured one-time passwords. John Smith is trying to login to the User Portal; his
password ‚xgfirewall‘. Below you can see the login screen and his token.
  Xgfirewall396145

Where can an end user download the SSL VPN client from to install on their workstation?
 User Portal

Which oft he following Do Sand spoof protection modes will drop packets if the source MAC address
is not configured as a trusted MAC?
 MAC Filter

Which 2 of the following statements correctly describe how firewall rules are applied?
 Packets that don’t match a firewall rule are dropped and logged
 Packets are tested against firewall rules in order and the first match is used

TRUE or FALSE: The Sophos Chromebook User ID app is deployed to Chromebooks from the XG
Firewall.
 FALSE

Which ist he control port used in RED connections?

 TCP: 3400

You are working with sensitive corporate data and want to ensure that traffic from remote locations
is monitored and blocked from leaving the corporate LAN. What would be the most appropriate
security mode to deploy the RED devices in?
 Transparent/Split

NAT rules require firewall rules to allow traffic.

 TRUE

When creating a NAT rule which option allows you to select different source NATs based on the
outbound interface within a single rule?
 Override source translation (SNAT)
Which 2 methods can be used to generate one-time passwords for authenticating with the XG
Firewall?
 Hardware Token
 Software Token

Web filtering on XG Firewall can be deployed in which 2 ways?

 Bridge
 Transparent