Sophos Firewall Overview: A Guide to Security Features and Concepts, Exams of Cybercrime, Cybersecurity and Data Privacy

A comprehensive overview of Sophos Firewall, covering key security features and concepts. It explores the Zero Trust framework, the Attack Kill Chain, and security mechanisms such as web protection, email encryption, and Advanced Threat Protection. The document also explains Sophos's own technologies, such as Zero-Day Protection and deep learning, and how they contribute to a robust security posture. This resource is useful for anyone seeking to understand the fundamentals of Sophos Firewall and its role in safeguarding networks.

Typology: Exams

2024/2025

Available from 03/21/2025

BESTOFLUCK

Sophos Engineer ET80 - Sophos Firewall Overview
WITH 100% CORRECT ANSWERS

What is Zero Trust? - answer It is the mindset of "don't trust anything, verify everything".

What is ZTNA? - answer Sophos's Zero Trust Network Access.

What is Sophos Lateral Protection? - answer It is a micro-segmentation solution. If a device becomes infected it will be isolated to stop the attack, regardless of the network topology.

What are the three key features of Sophos Firewall? - answer It is a comprehensive security device, with a zone-based firewall and identity-based policies at its core. It can expose hidden risk, stop unknown threats and isolate infected systems. It supports ZTNA by providing network segmentation and lateral movement protection.

What are the phases of the Attack Kill Chain? - answer
1. Reconnaissance
2. Weaponization
3. Delivery
4. Exploitation
5. Installation
6. Command and control
7. Behaviour

What happens in the Reconnaissance and Weaponization phases of the Attack Kill Chain? - answer The attacker will passively harvest email addresses and company information, before actively scanning the target environment using tools like port scanners.
What happens in the Delivery phase of the Attack Kill Chain? - answer The attacker will access the estate to deliver the malicious payload via methods such as email or social engineering to direct the victim to a malicious site.

What does Sophos Web Protection do? - answer It scans HTTP/HTTPS traffic for unwanted content and malware.

What does Web Filtering do? - answer Web filtering can allow or block sites based on content filters.

What is Email Encryption and Control? - answer Sophos Firewall can scan incoming email for malicious content. IP reputation can be enabled, which allows you to accept/drop/block emails from known spam IPs. File type detection can scan and block specific file types, e.g. any macro-enabled files will be blocked. Email protection allows you to encrypt emails so you can send data securely out of the network using SPX.

What is SPX? - answer Sophos Secure PDF Exchange Encryption.

What is Sophos Zero-Day Protection? - answer Sophos Zero-Day Protection uses hash files created when a Sophos Firewall scans an attachment containing an executable. The hash file is then sent to the cloud database for review, and the firewall will then either block or allow it depending on whether it is deemed safe or malicious. Zero-Day Protection will also send in-depth reports on all attack events as configured.

What happens when Sophos Zero-Day Protection reviews a hash file it hasn't seen before? - answer A copy of the suspicious file is sent to Sophos, where it is opened in a sandbox environment and monitored. Once analysed, the threat intelligence is sent to the firewall, where the file is either blocked or allowed accordingly. A report is then created for the threat incident.

How does Sophos Deep Learning work? - answer Millions of samples of both good and bad files are fed to the model, and each feature of the file is defined then labelled, such as size, vendor and printable settings. This model is then used to review the suspicious file to recognise and predict whether it is malicious or legitimate.

What does ATP stand for? - answer Advanced Threat Protection.

What happens in the Behaviour phase of the Attack Kill Chain? - answer Depending on the malware installed, the behaviour of the infected machine will vary, but can include encrypting files for ransom, or spyware that steals and downloads information such as passwords or payment information.

How does Sophos Automatic Device Isolation work? - answer Server Protection and Intercept X are used to assign each device a health status. If a device is compromised, it can be automatically isolated from other areas of the network via the firewall and prevented from communicating with other devices. This limits infection of other devices on the network.

What does Email Protection Control do? - answer It stops information being leaked outside of the organisation by email. You can create control lists to drop personally identifiable information and financial data types depending on the action configured in the policy.