Exam Result


1. v20.0 Overview and Deployment

1. Which Sophos Firewall Feature is able to identify and block infected clients from being able to
communicate with a command-and-control server?

2. Which Sophos Firewall Feature can harden forms, sign cookies, and prevent SQL Injection?

3. Which 3 of the following cloud platforms is Sophos Firewall supported on?

4. Which 4 of the following are tested and supported virtualization platforms for Sophos Firewall?

2. v20.0 Getting Started

1. How many servers does Sophos Firewall support for static DNS? (enter a numerical value)

2. What are the 4 different types of traffic shaping policy you can create?

3. You want a certificate to be signed by a third-party company. Which option should you choose?

This answer can be found in the Managing Device Access and Certificates chapter.

3. v20.0 Base Firewall and Network Protection

1. What 2 ways can you register Sophos Firewall with Sophos Central?

2. Where would you configure which cipher algorithms to block?


3. Which of the following DoS and spoof protection modes will drop packets if the source MAC address
is not configured as a trusted MAC?

4. TRUE or FALSE. NAT rules require firewall rules to allow traffic.

4. v20.0 Firewall Icons

1. Which firewall icon shown represents a disabled user rule?

This answer can be found in the Getting Started with Firewall and NAT Rules on Sophos Firewall chapter.

5. v20.0 Site-to-Site Connections

1. You are in the process of deploying multiple RED devices. Due to bandwidth issues at the head office,
which 2 modes of deployment could be used so that only necessary traffic is routed back to the head
office?

This answer can be found in the Getting Started with Remote Ethernet Devices on Sophos Firewall
chapter.

2. Which RED mode matches this description? All traffic generated on the remote network is sent
through the RED to Sophos Firewall.

3. When a RED is deployed in Standard/Unified mode, how do the computers on the remote network
get their IP address?

4. When creating a site-to-site VPN between a Sophos Firewall and another vendor’s firewall, what is
the best protocol to use?

This answer can be found in the Getting Started with IPsec Site-to-Site VPNs on Sophos Firewall chapter.

6. v20.0 Authentication

1. Which 2 of the following are methods of Sophos Firewall authentication?

2. Which 2 of the following are requirements for the secret when creating a multi-factor authentication
token manually?

3. What do you need to do in order to use NTLM and Kerberos for web authentication?

4. You have been asked to install STAS on your servers. Which 3 of the following are required for the
installation to be successful?

5. TRUE or FALSE. The Sophos Chromebook User ID app is deployed to Chromebooks from the Sophos
Firewall.

7. v20.0 Web Protection

1. Which of these options IS supported when using the DPI Engine for Web Protection?

2. Which 3 options should be configured to ensure the most secure scanning settings are in place to
protect users as they browse the web?

This answer can be found in the Configuring Web Protection on Sophos Firewall chapter.

3. TRUE or FALSE. Web protection exceptions apply to all web protection policies no matter when they
are applied in the Sophos Firewall.

4. Which method controls the amount of time users and groups spend on the Internet and applies to all
Internet traffic?

This answer can be found in the Sophos Firewall Web Protection Quotas and Traffic Shaping chapter.

8. v20.0 Web Quota

1. You have been asked to create a surfing quota for guests that allows access to the Internet for 20
hours in a week and then terminates the connection with no recurrence.

Which image shows the best way to configure the surfing quota?

This answer can be found in the Sophos Firewall Web Protection Quotas and Traffic Shaping chapter.

9. v20.0 Application Control

1. Which 3 of the following features are provided by Cloud Applications on the Sophos Firewall?

2. Which 4 of the following can traffic shaping policies be associated with?

3. Which Sophos Firewall feature can be used to limit the amount of bandwidth an application can use?

4. Which page lists all current applications that are connecting through the Sophos Firewall?

10. v20.0 Remote Access

1. Where can an end user download the Sophos Connect VPN client from to install on their
workstation?

2. When using Sophos Firewall as a ZTNA gateway, how much bandwidth is allowed per user per month
in gigabytes? (Enter the number in digits)

3. Where can an end user download the Sophos Connect VPN client from to install on their
workstation?

4. Which 2 operating systems is the Sophos Connect IPsec VPN client available for?

11. v20.0 Wireless

1. TRUE or FALSE. You can configure a wireless hotspot on any interface.

This answer can be found in the Creating Hotspots on Sophos Firewall chapter.

2. TRUE or FALSE. You can only create hotspots on a wireless interface.

This answer can be found in the Creating Hotspots on Sophos Firewall chapter.

12. v20.0 Logging and Reporting

1. Where would you view information on files that have been referred to Sophos' zero-day protection?

2. You are checking the application risk meter which is reporting a risk score of 4.2. Which of the
following statements are true in this circumstance?

13. v20.0 Central Firewall Management

1. Which option must be enabled before you can start managing your Sophos Firewall in Sophos
Central?

2. Which 4 of the following statements are TRUE about SD-WAN connection groups in Sophos Central?

pooja last exam

1. v20.0 Overview and Deployment

1. How many radios do the wireless XGS series models have? (enter a numerical value)

2. Which feature of the Sophos Firewall identifies unknown applications?

3. Lateral movement protection is made possible by which of the following?

4. Below is an image from the Initial Setup wizard.

With the above options selected, which 2 of the following will be enabled in the default outbound
firewall rule once the Initial Setup wizard is complete?

2. v20.0 Getting Started

1. What are the 4 different types of traffic shaping policy you can create?

This answer can be found in the Getting started with Traffic Shaping on Sophos Firewall chapter.

2. Which zone always requires a default gateway to be configured?

RED
0

3. Which zone always requires a default gateway to be configured?

This answer can be found in the Getting Started with Zones and Interfaces on Sophos Firewall chapter.

3. v20.0 Base Firewall and Network Protection

1. You have configured destination-based Security Heartbeat in the firewall rule shown here.

Which zone does not support the Security Heartbeat?

This answer can be found in the Getting Started with Security Heartbeat on Sophos Firewall chapter.

2. Which 2 actions can Active Threat Response be configured to perform when it detects traffic to a
command-and-control server?

3. Which Sophos Firewall feature sends decrypted packets to IPS, application control, web filtering and
antivirus for checking?

4. After creating various rules, you find that HTTP access is being blocked from the LAN to the Internet.

Looking at the firewall rules shown above, why is this happening?

This answer can be found in the Getting Started with Firewall and NAT Rules on Sophos Firewall chapter.

4. v20.0 Firewall Icons

1. Which firewall icon shown represents a disabled user rule?


5. v20.0 Site-to-Site Connections

1. You are in the process of deploying multiple RED devices. Due to bandwidth issues at the head office,
which 2 modes of deployment could be used so that only necessary traffic is routed back to the head
office?

This answer can be found in the Getting Started with Remote Ethernet Devices on Sophos Firewall
chapter.

2. Which 3 types of authentication can be used for IPsec site-to-site VPNs?

This answer can be found in the Getting Started with IPsec Site-to-Site VPNs on Sophos Firewall chapter.

3. Which RED mode matches this description? Sophos Firewall gets its IP address from a DHCP server on
the remote network.

4. In which type of IPsec VPN do you have to define the local and remote networks?

6. v20.0 Authentication

1. You need to create a user account to authenticate a VoIP system that needs access to the Internet.
The system does not have the ability to authenticate with your directory service. What type of user
would you create to accomplish this?

2. Which 2 methods can be used to generate one-time passwords for authenticating with the Sophos
Firewall?

3. Which 3 of the following forms of access can be secured using one-time passwords?

4. A user has lost their phone with the Authenticator App. What is the most secure way to allow
authentication?

5. Which 4 of the following are supported external authentication servers on Sophos Firewall 19.0?

7. v20.0 Web Protection

1. Which 3 options should be configured to ensure the most secure scanning settings are in place to
protect users as they browse the web?

This answer can be found in the Configuring Web Protection on Sophos Firewall chapter.

2. What are the 2 ways web filtering can be deployed on Sophos Firewall?

3. Which of these options IS supported when using the DPI Engine for Web Protection?

4. When testing a new web policy, you are still able to access pages that should be blocked. What is the
most likely reason for this?

This answer can be found in the Configuring Web Protection on Sophos Firewall chapter.

8. v20.0 Web Quota

1. You have been asked to create a surfing quota for guests that allows access to the Internet for 20
hours in a week and then terminates the connection with no recurrence.

Which image shows the best way to configure the surfing quota?

This answer can be found in the Sophos Firewall Web Protection Quotas and Traffic Shaping chapter.

9. v20.0 Application Control

1. Which 4 of the following can traffic shaping policies be associated with?

2. Which page lists all current applications that are connecting through the Sophos Firewall?

3. Which Sophos Firewall feature can be used to limit the amount of bandwidth an application can use?

4. If a new application is added that matches an existing application control filter rule, which of the
following statements is TRUE?

10. v20.0 Remote Access

1. Which 2 protocols does the Sophos Connect IPsec VPN client support?

2. Where can an end user download the Sophos Connect VPN client from to install on their
workstation?

3. Which 5 protocols does clientless SSL VPN access support?

4. When using Sophos Firewall as a ZTNA gateway, how much bandwidth is allowed per user per month
in gigabytes? (Enter the number in digits)

11. v20.0 Wireless


1. You are configuring a secure wireless guest network that needs to have its traffic isolated. What
security mode would allow this to be done without any additional changes to the network
configuration?

2. TRUE or FALSE. You can only create hotspots on a wireless interface.

12. v20.0 Logging and Reporting

1. Which reporting metric can be used to identify risky users who are responding to spear phishing
attempts?

2. What is the maximum number of external syslog servers you can configure on Sophos Firewall?

13. v20.0 Central Firewall Management

1. TRUE or FALSE. When Central Firewall Management is in use, local rules on the Sophos Firewall are
only overwritten when a rule with the same name is created in Sophos Central.

2. How much storage is included with each Central Firewall Reporting Advanced license in GB? (enter a
numerical value)
