Exam (elaborations)
Sophos Technician.Questions and answers are graded A+
- Course
- Institution
Exam of 6 pages for the course sophos at sophos (Sophos Technician)
[Show more]
Seller
Follow
sanlly123
Content preview
Sophos TechnicianGlobal Settings - answerWhere can the AD Sync tool be obtained from?
The connection was blocked but the root cause has NOT been cleaned up -
answerWhich of the following statements is TRUE for a C2/Generic-C detection?
Update > Update configuration - answerWhere in the Endpoint Self Help Tool will show
if an endpoint is using a proxy for updating?
DC=SOPHOS,DC=LOCAL - answerWhen configuring AD synchronization, what
location was defined by default in filters under the User Discovery Filters tab?
ping 172.16.2.20 - answerEnter the command you would use to test IP network
connectivity to the address 172.16.2.20. _____
Tamper Protection - answerWhich feature would protect the Sophos installation from
becoming disabled by malware?
389 - answerAD Sync is not working, you have successfully pinged the DC by both
name and IP address. Which port do you use with telnet to confirm the LDAP port is
accessible?
netsh winhttp reset proxy - answerEnter the command you would use to remove the
currently configured system proxy.
%ProgramData%\Sophos\CloudInstaller\Logs - answerWhere is the
'SophosCloudInstaller_<time_and_date_stamp>.log' found?
To prevent malicious behavior in software - answerWhat is the function of application
lockdown in Intercept X?
Virus Removal tool - answerWhich of these cleanup tools will scan for root kits?
Domain user - answerWhat is the minimum type of user required to connect to AD to
gather the user and group information?
True - answerTRUE or FALSE: Sophos recommends disabling HTTPS inspection for
Sophos updating traffic.
Sophos Intercept X - answerOn a Windows computer, which component logs
information to the 'Sophos.log' file?
, nslookup - answerThe Central Admin Dashboard shows that none of your endpoints are
using one of your update caches. When pinging the update cache by name it fails. What
command do you use to investigate this further?
Resolve and verify - answerWhat is the third step of the troubleshooting process?
Global settings > Controlled Updates - answerBy default, computers get the latest
Sophos product updates automatically, where can an admin change this to allow control
over updates?
SHA-256
The file paths
The certificate - answerIn which 3 ways can you allow a quarantined file to be restored?
Windows client firewall blocking traffic - answerWhen investigating an updating issue on
one of your endpoints, you used the telnet command to connect to dci.sophosupd.com
on port 443. This confirmed that there is a problem using a direct connection. What is
most likely to be causing this?
Ability to disable Tamper Protection
Administrative rights to the network and AD
Administrative rights to the endpoint - answerWhich 3 of the following are required to
perform troubleshooting on an endpoint? Choose three (3).
Read - answerWhat permissions does the user need to connect to AD to gather the
user and group information?
60 mins - answerAutoUpdate performs its first check 5 minutes after the service starts.
At what interval does AutoUpdate then check for software, threat detection data and
other available updates?
True - answerTRUE or FALSE: Only PE files can be restored from SafeStore through
the user interface.
- answerEnter the command you would use to resolve the IP address of
srv.sophos.local and test network connectivity to the server at the same time. _____
Date and time are incorrect on the Update Cache server - answerWhy would the 'Last
time updated from cache' status show as 'in a year'?
The threat was found in an archive
The threat was found in a mailbox - answerWhich 2 of the following are reasons why
manual cleanup may be required? Choose two (2).
%ProgramData%\sophos\sophos cloud AD sync\logs - answerWhere is the AD sync log
location?
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller sanlly123. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $16.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
75632 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now