An XG can be deployed in the following ways (choose all that apply)
Select one or more:
a.
As a storage appliance
b.
As a virtual appliance
c.
As a
... [Show More] software appliance
d.
As a hardware appliance
e.
As a firewall in the cloud
What are ways that a network can be protected against attacks using zero trust? (Choose all that apply.)
Select one or more:
a.
Micro-segmentation
b.
Identity-based policies
c.
Time-based policies
d.
Server-to-server authentication policies
e.
Device health policies
00:14
01:20
True or false: XG and other UTM firewalls can only help to stop attacks before a network is breached.
Select one:
True
False
Which 4 virtualization platforms can XG firewall be deployed to? (Choose all that apply.)
Select one or more:
a.
QEMU
b.
KVM
c.
XenServer
d.
VMware
e.Hyper-V
Select the correct description of Sophos Heartbeat.
Select one:
a.
Heartbeat connects cryptographically secured endpoints and Sophos XG Firewall via Sophos Central
b.
Heartbeat exchanges information, like health status, between XG Firewall and endpoints
c.
Heartbeat synchronizes the health status between XG Firewall and Sophos Central
Identify the correct order of route processing methods.
a.
Static Routes > VPN Routes > SD-WAN Policy Routes > Default Route
b.
Static Routes > SD-WAN Policy Routes > VPN Routes > Default Route
c.
SD-WAN Policy Routes > VPN Routes > Static Routes > Default Route
d.
VPN Routes > SD-WAN Policy Routes > Static Routes > Default Route
e.
SD-WAN Policy Routes > Static Routes > Default Route > VPN Route
True or false: When creating a host object, you can reference that objecti either through IP, MAC or FQDN.
Select one:
True
False
Name the possible deployment scenarios for the XG Firewall. (Choose all that apply.)
Select one or more:
a.
Offensive Mode
b.
Web Application Firewall
c.
Bridge Mode
d.
Gateway Mode
e.
Discover Mode
An is the name for an interface type that allows you to add an additional IP address to an interface. (Fill in the blank.)
ALIAS
True or false: firewall objects, like IP addresses or hostnames, need to be defined each time they are used in a firewall policy or protection profile.
Select one:
True
False
The SSL inspection engine sends decrypted packets to the following service(s) for checking (choose all that apply):
Select one or more:
a.
Web filtering
b.
Data Leak Prevention
c.
Application control
d.
IPS
e.
Antivirus
IPS policies are applied to firewall rules to protect against (choose all that apply):
Select one or more:
a.
Attempts to pretend traffic is coming from a different MAC or IP address
b.
Malformed traffic that can cause unexpected behaviour
c.
Unauthorized attempts to access the physical hardware of the firewall
d.
Traffic that is trying to prevent legitimate users from being able to access services
e.
Exploits to known vulnerabilities
00:02
01:20
True or false: For NAT rules, if there is no matching firewall rule, the traffic is dropped and logged.
Select one:
True
False [Show Less]