Scribd
Upload
7K views5 pages

Firewall V 18

The document contains questions about features and configurations of the Sophos XG Firewall. It does not provide answers to the questions. The questions cover a range of topics including deployment scenarios, interfaces, network protection, authentication methods, application control, email protection, remote access, wireless protection, logging and reporting, central management, site-to-site VPN connections, and web protection capabilities of the Sophos XG Firewall.

Uploaded by

mustafa ayaydin
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
7K views5 pages

Firewall V 18

The document contains questions about features and configurations of the Sophos XG Firewall. It does not provide answers to the questions. The questions cover a range of topics including deployment scenarios, interfaces, network protection, authentication methods, application control, email protection, remote access, wireless protection, logging and reporting, central management, site-to-site VPN connections, and web protection capabilities of the Sophos XG Firewall.

Uploaded by

mustafa ayaydin
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

1.

 Overview v18.0
 1. Which 2 features are required if you want to make use of lateral movement protection?
The answer can be found in Module 1: XG Firewall Overview on slide 45.

 2. Which of the following is an attack using a spoof email to persuade users to provide sensitive
information or credentials?

2. Getting Started v18.0


 1. The XG Firewall is configured to use your ISP for DNS. What needs to be configured on the XG
Firewall so that it can also resolve internal hostnames?

 2. Which 3 of the following can be configured as objects in XG Firewall?

3. Deployment Scenarios v18.0


 1. Which deployment mode can protect web servers from common attacks?

4. Interfaces v18.0
 1. Which interface type is a group of interfaces that act as a single connection?
The answer can be found in Module 2: Getting Started with XG Firewall slide 48.

5. Network Protection v18.0


 1. When creating a NAT rule which option allows you to select different source NATs based on the
outbound interface within a single rule?

 2. During troubleshooting you do not see as much information in the log files as you were expecting.
What setting needs to be changed to see all the traffic passing through a firewall rule?
The answer can be found in Module 3: Network Protection on slide 6.

 3. Which 3 of the following are the default decryption profiles available in XG Firewall?
The answer can be found in Module 3: Network Protection on slide 35.

 4. Which XG Firewall feature is able to block access to command and control servers?

 5. Which XG Firewall feature sends decrypted packets to IPS, application control, web filtering and
antivirus for checking?

6. Firewall Icons v18.0


 1. Which firewall icon shown represents a network rule that will drop or reject traffic?
7. Spoof Protection v18.0
 1. Which of the following DoS and spoof protection modes will drop packets if the IP and MAC do not
match with any entry in the IP-MAC trusted list?
The answer can be found in Module 3: Network Protection on slide 52.

8. Site-to-Site Connections v18.0


 1. You need to re-provision several RED devices following the replacement of your XG Firewall. Where
can you find the RED unlock codes to re-provision the REDs to a new XG Firewall?

 2. When creating a site-to-site VPN between an XG Firewall and another vendor’s firewall, what is the
best protocol to use?

 3. You are working with sensitive corporate data and want to ensure that traffic from remote locations is
monitored and blocked from leaving the corporate LAN. What would be the most appropriate security mode
to deploy the RED devices in?

9. Authentication v18.0
 1. Which 2 of the following statements about Firewall authenticaiton servers are TRUE?
The answer can be found in Module 5: Authentication on slide 8.

 2. You have been asked to install STAS on your servers. Which 3 of the following are required for the
installation to be successful?

 3. Which 2 methods can be used to generate one-time passwords for authenticating with the XG
Firewall?
The answer can be found in Module 5: Authentication on slide 48.

 4. Which 4 of the following are supported external authentication servers on Sophos XG Firewall 18.0?
The answer can be found in Module 5: Authentication on slide 7.

 5. Which 2 of the following are methods of XG abovehentication?

10. Application Control v18.0


 1. TRUE or FALSE: Application rules are applied to users and groups.

 2. Which page lists all current applications that are connecting through the XG Firewall?

11. Email Protection v18.0


 1. TRUE or FALSE: In MTA mode, if both the sender and recipient match the SMTP policy domain, the
recipient will take precedence.

 2. Where in the XG Firewall can you enable SMTP relay for the zones you want to accept email from?
The answer can be found in Module 8: Email Protection on slide 6.

12. Remote Access v18.0


 1. Which 2 operating systems is the Sophos Connect IPsec VPN client available for?

 2. What is the Clientless Access Portal used for?


The answer can be found in Module 9: Remote Access on slide 16.

13. Wireless Protection v18.0


 1. You are configuring a secure wireless guest network that needs to have its traffic isolated. What
security mode would allow this to be done without any additional changes to the network configuration?
The answer can be found in Module 10: Wireless Protection on slide 17.

 2. Which of the following best describes the Bridge to VLAN security mode for wireless networks?

14. Logging and Reporting v18.0


 1. You have created a report that displays data that you wish to check on a daily basis. How can you
make this data easily available in the WebAdmin interface?

 2. What is the maximum number of external syslog servers you can configure on XG Firewall?

15. Central Management v18.0


 1. How many days of data is available in Sophos Central?
The answer can be found in Module 12: Central Management on slide 18.

 2. TRUE or FALSE: When Central Firewall Management is in use, local rules on the XG Firewall are
only overwritten when a rule with the same name is created in Sophos Central.

16. Labs v18.0
 1. How do you enable and disable IPsec VPNs?

17. Images v18.0
 1. The diagram below shows a company with two sites, one in London and in New York. Each site has
an Internet connection and is also connected via an MPLS. You are configuring a static route on the
London gateway to route traffic destined for the New York network over MPLS.
What IP address would need to go into the Gateway field to complete the static route shown above?

 2. Below is an image from the Initial Setup wizard.

With the above options selected, which 2 of the following will be enabled in the default outbound firewall
rule once the Initial Setup wizard is complete?

 3. You have configured one-time passwords. John Smith is trying to login to the User Portal; his
password is 'xgfirewall'. Below you can see the login screen and his token.
What does John Smith need to enter as the password to login?

18. Web Protection v18.0


 1. If you are using the XG Firewall as an explicit proxy, which web filtering option will be used?

 2. Web filtering on XG Firewall can be deployed in which 2 ways?


The answer can be found in Module 6: Web Protection on slide 6.

 3. Web policy rules apply to which 2 of the following?

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy