Sophos Select Partner Correct Ans-exceed our highest billing attainment and invest heavily in
skills development and sales enablement
SMB SKUs Correct Ans-SMB SKUs provide a healthy incentive for business below a defined
threshold. This business is primarily run-rate and requires low touch from Sophos sales
MME SKUs Correct Ans-Mid-Market & Enterprise SKUs are eligible for deal registration and
incumbency offerings. This provides a significant discount based on partner level for larger,
more competitive deals.
new business Correct Ans-new customer to Sophos that purchases a core product
an existing customer purchasing a new core product
eligible upgrades Correct Ans-an existing customer upgrading to a new core product
Living off the land Correct Ans-these are techniques that attackers use to evade detection:
using system tools such as PowerShell, PsExec and Windows Management Instrumentation
Automated Active Attacks Correct Ans-uses automated means to gain an initial foothold,
then employs human ingenuity to evade detection
Countermeasure Neutralization Correct Ans-refers to attackers that covertly modify security
controls to evade detection
Supply Chain Correct Ans-occurs when someone infiltrates a system through an outside
partner or provider that has access to systems and data
Step 1 Correct Ans-Nothing was detected so no response actions can be taken
Step 2 Correct Ans-analyst conducting a threat hunt discovers a brand new indicator of
compromise (IoC)
Step 3 Correct Ans-analyst conducts investigation to confirm if the new IoC is malicious or
benign
Step 4 Correct Ans-analyst determines what response actions to take and executes that plan
Step 5 Correct Ans-analyst-led remediation actions are turned into playbooks for future
automation
Notify Correct Ans-We notify you about the detection and provide detail to help you in
prioritization and response
Collaborate Correct Ans-We work with your internal team or external point(s) of contact to
respond to the detection
Authorize Correct Ans-We handle containment and neutralization actions and will inform
you of the action(s) taken
MTR Service - Standard Correct Ans-Threat response actions
24/7 lead-driven threat hunting
adversarial detections
security health check
activity reporting
MTR Service - Advanced Correct Ans-Leadless threat hunting
dedicated incident response lead
direct call in support
scheduled ops reviews
proactive posture improvement
asset discovery
MTR connectors
Rapid Response Process Correct Ans-Kick-off call
Triage and analysis