ExamTopics Logo
Mail Us[email protected]
Menu
Juniper Discussions
exam questions

Exam JN0-634 All Questions

View all questions & answers for the JN0-634 exam
Go to Exam

Exam JN0-634 topic 1 question 60 discussion

Actual exam question from Juniper's JN0-634
Question #: 60
Topic #: 1
[All JN0-634 Questions]

Click the Exhibit button.

Referring to the exhibit, the host has been automatically blocked from communicating on the network because a malicious file was downloaded. You cleaned the infected host and changed the investigation status to Resolved Fixed.
What does Sky ATP do if the host then attempts to download a malicious file that would result in a threat score of 10?

  • A. Sky ATP does not log the connection attempt and an SRX Series device does not allow the host to communicate on the network.
  • B. Sky ATP logs the connection attempt and an SRX Series device does not allow the host to communicate on the network.
  • C. Sky ATP logs the connection attempt and an SRX Series device allows the host to communicate on the network.
  • D. Sky ATP does not log the connection attempt and an SRX Series device allows the host to communicate on the network.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by jaruch8412 at April 19, 2019, 9:38 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
MuadDib
5 years, 7 months ago
https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/reference/general/sky-atp-filescan-overview.html In the second screen you can see clearly that the file is logged and blocked at different timestamps for the same machine, so that should lead you to think the answer would be B.
upvoted 1 times
...
MuadDib
5 years, 7 months ago
The Juniper SRX web documentation isn't clear on this, but it does say that the host level will go back to 0, because of the Resolve fixed status. Therefore it should allow it through. The only other feasible option is the one put forward by jaruch. But that answer can also not be confirmed so far.
upvoted 1 times
...
Chucky
5 years, 7 months ago
I cannot find a good source to confirm this answer. There's no such information on Juniper web documentation.
upvoted 1 times
...
MuadDib
5 years, 7 months ago
I would go with the current answer, C, since after you resolve it, the level goes back to 0 and the next one will be allowed through.
upvoted 1 times
...
jaruch8412
5 years, 7 months ago
In my opinion the correct answer is B https://www.juniper.net/documentation/en_US/junos-space18.3/policy-enforcer/topics/concept/junos-space-policy-enforcer-sky-atp-host-detail.html
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago