Prepare for the Sophos Certified Engineer Test. Study with flashcards and multiple-choice questions, each with hints and explanations. Get ready for your exam!


Which of the following alerts is categorized as a high alert?

  1. Failed to protect an endpoint

  2. Malware detected

  3. Unauthorized access attempt

  4. System performance issues

The correct answer is: Failed to protect an endpoint

The correct answer identifies a specific scenario where endpoint protection has failed, reflecting a critical security vulnerability. When an endpoint cannot be adequately protected, it leaves the system exposed to potential threats and attacks. This situation signifies a serious risk that could lead to data breaches or system compromises. Therefore, it is categorized as a high alert due to its direct implications for the overall security posture of the organization.

In contrast, while malware detection, unauthorized access attempts, and system performance issues may also be serious, they do not inherently indicate that the endpoint protection has failed. Instead, malware detection indicates that the protection systems are functioning to some extent, unauthorized access attempts can be managed with monitoring and mitigation strategies, and performance issues typically do not present immediate security risks. Thus, these alerts can be significant, but they do not reach the level of urgency associated with a complete failure to protect an endpoint.