Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Juniper Discussions

Exam JN0-634 topic 1 question 60 discussion

Actual exam question from Juniper's JN0-634
Question #: 60
Topic #: 1
[All JN0-634 Questions]

Click the Exhibit button.

Referring to the exhibit, the host has been automatically blocked from communicating on the network because a malicious file was downloaded. You cleaned the infected host and changed the investigation status to Resolved Fixed.
What does Sky ATP do if the host then attempts to download a malicious file that would result in a threat score of 10?

  • A. Sky ATP does not log the connection attempt and an SRX Series device does not allow the host to communicate on the network.
  • B. Sky ATP logs the connection attempt and an SRX Series device does not allow the host to communicate on the network.
  • C. Sky ATP logs the connection attempt and an SRX Series device allows the host to communicate on the network.
  • D. Sky ATP does not log the connection attempt and an SRX Series device allows the host to communicate on the network.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by jaruch8412 at April 19, 2019, 9:38 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
MuadDib
4 years, 11 months ago
https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/reference/general/sky-atp-filescan-overview.html In the second screen you can see clearly that the file is logged and blocked at different timestamps for the same machine, so that should lead you to think the answer would be B.
upvoted 1 times
...
MuadDib
4 years, 11 months ago
The Juniper SRX web documentation isn't clear on this, but it does say that the host level will go back to 0, because of the Resolve fixed status. Therefore it should allow it through. The only other feasible option is the one put forward by jaruch. But that answer can also not be confirmed so far.
upvoted 1 times
...
Chucky
4 years, 11 months ago
I cannot find a good source to confirm this answer. There's no such information on Juniper web documentation.
upvoted 1 times
...
MuadDib
4 years, 11 months ago
I would go with the current answer, C, since after you resolve it, the level goes back to 0 and the next one will be allowed through.
upvoted 1 times
...
jaruch8412
5 years ago
In my opinion the correct answer is B https://www.juniper.net/documentation/en_US/junos-space18.3/policy-enforcer/topics/concept/junos-space-policy-enforcer-sky-atp-host-detail.html
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel