Sophos Cloud

Question 1

What is Sophos Cloud?

Answer 1

Cloud-based management console, can manage devices located anywhere, offers protection, multiplatform, policies and reporting

Question 2

What does HIPS offer. Host Intrusion Protection System and web control for which platforms?

Answer 2

Windows (Computer, Server), Mac and Mobile (iOS and Android)

Question 3

Describe the management console

Answer 3

It is browser based showing a dashboard and users and devices, servers, reports, global settings and downloads. It can be accessed from anywhere. run reports

Question 4

What does HIPS do?

Answer 4

It protects against malicious behaviour

Question 5

What does WEB control do

Answer 5

protects users who are browsing on the internet

Question 6

How are users protected against malicious websites even if they are not connect to your network>?

Answer 6

The Web Control policy is managed via the cloud but enforced on the device, so it will always be applied.

Question 7

What are the steps for deployment?

Answer 7

Registration, Activation, Deployment.

Question 8

Where do you register?

Answer 8

Sign up for a trial at www.sophos.com/cloud

Question 9

How many days is the trial limited to?

Answer 9

30 days - Account >> Administration

Question 10

what 2 ways can you protect devices?

Answer 10

email (computers and mobiles) or install manually

Question 11

how to do a bulk deployment?

Answer 11

AD scripts, SCCM. check KBA 120611

Question 12

how do you enable deployment for iOS?

Answer 12

You need to upload a APNS Certificate to your sophos account. Which allows trusted communication between iOS and Sophos Cloud. Click enable iOS button on users

Question 13

Describe the process of enabling iOS in Sophos Cloud

Answer 13

1. download certificate signing request from sophos account 2. login to the apple push certificate portal with an apple ID and creat a nano certificate. It is recommended that you create a new apple id for your sophos apple account. 3. make a note of the apple login details as required for future certificate updates 4. Upload the newly created cert into your cloud account 5. Confirm your cert uploaded successfully, it will be valid for one year

Question 14

System requirements for pc’s and servers

Answer 14

Windows : XP, Vista, 7,8,8.1 Server 2003/R2, 2008/R2, 2012/R2 1GB RAM, 1GB free disk Mac OS X 10.7, 10.8, 10.9, 10.10 1GB RAM, 1GB free disk

Question 15

System requirements for iOS and Android

Answer 15

iOS 7 and higher (iPhone and iPad) Android 4.0 and higher

Question 16

which browsers are supported?

Answer 16

IE 10 & 11, Mozilla Firefox, Safari and Google Chrome, you will be redirected to a page if browser not supported.

Question 17

What inf does the QR code in the mobile devices e-mail contain?

Answer 17

A link to Android and iOS apps,and the config info to link them to your sophos cloud account.

Question 18

what is covered in module 3

Answer 18

Dashboard, Users, Devices, Policies, Servers, Tamper Protection

Question 19

what is the first thing you see when you login to sophos cloud?

Answer 19

The dashboard

Question 20

what is the dashboard made out of?

Answer 20

The action center, the account summary and the event summary. Users&Devices, Servers, Reports,Global Settings and Downloads

Question 21

What does the Action center entail?

Answer 21

Alert levels: High Medium and Informational

Question 22

What is in Dashboard accounts?

Answer 22

Computer Summary, User Summary, Server Summary and Mobile Summary. Split by Active, Inactive 2+ weeks, Inactive 2+ months and not protected fo Computers/Servers. Mobile split into Managed and Unmanaged. Each has a go to report button

Question 23

Dashboard Events

Answer 23

Global activity, you can change data by moving slider. Estimation of threat level. overall malware detection worldwide Resolved Malware Detections and Web statistics

Question 24

what other ways can you add users?

Answer 24

synchronise with AD. Download the Active Directory Sync Service, use an AD account for synchronisation. Recommended to run daily. open ldap and e-directory not supported

Question 25

where can you see list of computers registered to your account?

Answer 25

In the devices page, listing its name, when it was last active, management status, device model, Operating System, user and enrollment date. You can wipe, unlock, force check in and lock. you can chnge the display name. for computers it updat now or scan now

Question 26

what happens if you delete the device?

Answer 26

it will stop sychronising, but the client software will still be installed.

Question 27

Policies

Answer 27

Remote workers, office workers, Base policy. The base policy is the best practice setting. You can create additional policies with different settings and apply to specific user and groups. You can clone an existing policy

Question 28

can base policy be disabled?

Answer 28

no.

Question 29

how are policies applied?

Answer 29

from top to bottom. more specific policies at the top of list and more general policies further down, base policy is applied last of all.

Question 30

Policies - General Settings

Answer 30

Scanning exclusions, to exempt file or website from scanning. Policies split into 3 sections, Choose a name, protection from malware, risky files and sites, control access to removable media and other peripherals,manage web control settings, control policy for mobile devices.

Question 31

more policy general settings

Answer 31

no users or groups selected, malware scan performed real time, policy configured to monitor peripherals, define mobile device preferences, define web control preferences, policy is active and does not expire.

Question 32

what does Policies Malware section do?

Answer 32

Up to date protection, enable or disable real time scanning. Enable scheduled scans and scan inside archive files. virus and pua's. you can exclude certain apps/tools.

Question 33

what peripherals can you block or allow?

Answer 33

Bluetooth, secure removable storage, floppy drive,infrared, modem,optical drive, removable storage and wireless network adapter. Wireless device can be block from being used in bridged mode. check the events column for any changes in peripherals,

Question 34

mobile device policy

Answer 34

password policy, which features are available. login attempts, max pw age and max auto lock. if you use number of login attempts, if it is exceeded device will be wiped.

Question 35

more mobile device policy

Answer 35

you can disable certain features on the phone such as: app store , camera, taking screenshots, backup to cloud etc sharing docs

Question 36

email and wifi policy

Answer 36

exchange server settings can be configured in the policy, wi-fi can also be configured

Question 37

compliance

Answer 37

compliance rules can be set. eg jail broken or rooted, ios/android version, if the ios app did not sync. you can trigger all wifi settings to be removed from device

Question 38

policies web control

Answer 38

more sec and filter options, risky files and adverts, active x and pdf, which website can be visited. block risky downloads, advertisments , uncategorised, risky file download, block by file type. active x controls. keep it clean, gentle guidance and confirm bandwidth, ALLOW, BLOCK and WARN. Block data sharing and data loss. logging and timed access.

Question 39

servers

Answer 39

last active, ip address, malware policy, events and exclusions. UPDATE NOW, SCAN NOW DELETE. automatic exclusions

Question 40

Tamper protection

Answer 40

users kept from tampering, enable or disable tamper protection

Question 41

Which types of devices can web control policies be applied to?

Answer 41

Windows and Mac Computers

Question 42

What determines policy priority in Sophos Cloud,and how are the individual settings within policies prioritized.

Answer 42

the order of the policies in the list, those at the top are processed first, if a setting is not defined in the first policy, then the next one down is examined, right through to the base policy.

Question 43

What is the main difference between policies for computers and servers in Sophos Cloud?

Answer 43

policies for computers are user based, wheras policies for servers are machine based.

Question 44

reports

Answer 44

run reports, perform administration tasks, access the cloud accounts of your customers. via partner portal.

Question 45

types of reports

Answer 45

summary,events,users and devices and web usage

Question 46

reports -events

Answer 46

time range slider to view events, see the type and count of event, see a bar chart over time period

Question 47

can you export?

Answer 47

yes, to pdf and csv as well as print.

Question 48

account management

Answer 48

license status, login details and administrator accounts, review licencese and current usage, change user logon e-mail address, change password, add and modify administrator accounts. change sophos support settings. enable remote assistance, enable partner assistance.

Question 49

Partner portal access

Answer 49

enable in sophos cloud account, manager customers accounts, single sign on. login manage cloud from partner portal. you can create trials for customers.

Question 50

Which report would yo use to see all resolved malware detections on your devices?

Answer 50

The Events report, filtered to show cleaned up malware.

Question 51

what needs to be done before you can manage your customers cloud accounts?

Answer 51

Enable Partner Assistance has to be turned on in their Sophos Cloud account.