When a RED is deployed in Standard/Unified mode, how do the computers on the remote network get their IP adresss?
From a DHCP server running on the XG
... [Show More] firewall
You are preparing a hardware XG Firewall for installation on a remote site. The order for the license has not yet been processed. Which registration option do you select in the Initial Setup wizard?
I do not want to register now
You have created a repot that displays data that you wish to check on a daily basis. how can you make this data easily available in the WebAdmin interface??
Create a bookmark for the report
Which of the following best describes greylisting?
The first attempt to deliver a message is temporarily denied.
One computer has a red health status. ON which 2 of the networks can the endpoints be protected from the computer with a a red health status?
A. C
Sophos XG hardware devices come pre-loaded with software.
True
Which 2 features are required if you want to make use of lateral movement protection?
Server or endpoint protection. Intercept X
Which XG firewall feature is able to block access to command and control servers?
Advanced Threat Protection
Which 2 methods are supported for logoff detection when using STAS
PING, Workstation Polling
Type the name of the only zone that cannot have a physical port or interface assigned to it
vpn
DHCP can be used to override the magic IP if the XG Firewall is not the default gateway.
False
Which web filtering method can offload traffic to the FastPath?
DPI
Which interface type is a virtual LAN created on an existing XG interface
VLAN
Which of the following statements about zero-touch deployment are TRUE
Zero-touch configuration rules can only be created for unregistered hardware serial numbers
What is the clientless Access portal used for?
To provide access to internal resources without the need for a VPN client to be installed
Which firewall icon represents a disabled user Rule?
C
Which page list all current applications that are connecting through the XG Firewall?
Live connections
How many days of data is available in Sophos Central?
7 days
What do you need to do in order to use NTLM and Kerberos for web authentication?
Enable AD SSO per zone on the Device Access page
The XG firewall's life implementation of Cloud Access security Broker blocks all cloud applications by default
False
Below Below is an image of the XG Firewall Control Center. From here, what would you click to access the Policy Test Simulator
Log Viewer
Which 4 of the following are supported external authentication servers on Sophos XG firewall 18.0?
eDirectory. Radius, Active directory. LDAP
The option to create loopback and reflexive Nat rules is only when adding NEW NAT rule, not when editing an existing NAT rule.
True
Which 3 options should be configured to ensure the most secure scanning settings are in place to protect users as they browse the web?
Malware scan mode: Batch, Engine Selection, Dual engine. Content : Block
Which deployment mode can protect web servers from common attacks?
Web Application Firewall
What 2 of the following are methods that can be used to allow access to a wireless hotspot on the XG Firewall
Voucher, Password of the Day
In Email Protection, where do you enable SPX Reply Portal
SPX Template
Which metric can be used to identify risky users who are responding to speak phishing attempts?
User Threat Quotient
You have configured one-time passwords. John Smith is trying to login to the User Portal; his password is 'xgfirewall' Below you can see the login screen and his token
xgfirewall396145
Whre can an end user download the SSL VPN client from to install on their workstation?
User Portal
Which of the following DoS and spoof protection modes will drop packets if the source MAC address is not configured as a trusted MAC?
Mac filter
Which 2 of the following statements correctly describe how firewall rules are applied?
Packets that don't math a firewall rule are dropped and logged Packets are tested against firewall rules in order and the first match is used
The Sophos Chromebook User ID app is deployed to Chromebook from the XG firewall
False
Which is the control port in RED connections?
TCP:3400
you are working with sensitive corporate data and want to ensure that traffic from remote locations is monitored and blocked from leaving the corporate LAN. What would be the most appropriate security mode to deploy the RED devices in
Standard/Unified
NAT rules require firewall rules to allow traffic
True
When creating a NAT rule which option allows you to select
Override source translation
When creating a NAT rule which option allows you to select different source NATs based on the outbound interface within a single rule?
Override source translation
Which 2 methods can be used to generate one-time passwords for authenticating with the XG Firewall
Bridge, transparent [Show Less]