Home / Juniper / JN0-636

Question list

List of questions

Question 1

(0)

Exhibit You are using trace options to verity NAT session information on your SRX Series device Referring to the exhibit, which two statements are correct? (Choose two.)

Question 2

(0)

Exhibit You are asked to establish an IBGP peering between the SRX Series device and the router, but the session is not being established. In the security flow trace on the SRX device, packet dro

Question 3

(0)

SRX Series device enrollment with Policy Enforcer fails To debug further, the user issues the following command show configuration services security—intelligence url https : //cloudfeeds . argon .

Question 4

(0)

Exhibit Referring to the exhibit, which three statements are true? (Choose three.)

Question 5

(0)

Exhibit You configure a traceoptions file called radius on your returns the output shown in the exhibit What is the source of the problem?

Question 6

(0)

Exhibit You have configured the SRX Series device to switch packets for multiple directly connected hosts that are within the same broadcast domain However, the traffic between two hosts in the s

Question 7

(0)

You are asked to deploy filter-based forwarding on your SRX Series device for incoming traffic sourced from the 10.10 100 0/24 network in this scenario, which three statements are correct? (Choose

Question 8

(0)

You are connecting two remote sites to your corporate headquarters site. You must ensure that all traffic is secured and sent directly between sites In this scenario, which VPN should be used?

Question 9

(0)

You are asked to detect domain generation algorithms Which two steps will accomplish this goal on an SRX Series firewall? (Choose two.)

Question 10

(0)

In Juniper ATP Cloud, what are two different actions available in a threat prevention policy to deal with an infected host? (Choose two.)

Question 101 - JN0-636 discussion

you must find an infected host and where the a ack came from using the Juniper ATP Cloud. Which two monitor workspaces will return the requested information? (Choose Two)

Hosts

File Scanning

Threat Sources

Encrypted Traffic

Suggested answer: A, C

Explanation:

To find an infected host and where the attack came from using the Juniper ATP Cloud, you need to use the Hosts and Threat Sources monitor workspaces. The other options are incorrect because:

B) The File Scanning monitor workspace shows the files that have been scanned by the Juniper ATP Cloud and their verdicts (clean, malicious, or unknown). It does not show the infected hosts or the attack sources1.

D) The Encrypted Traffic monitor workspace shows the encrypted traffic that has been decrypted by the Juniper ATP Cloud and the certificates that have been used. It does not show the infected hosts or the attack sources2.

Therefore, the correct answer is A and C. You need to use the Hosts and Threat Sources monitor workspaces to find an infected host and where the attack came from using the Juniper ATP Cloud. To do so, you need to perform the following steps:

For Hosts, you need to access the Hosts monitor workspace in the Juniper ATP Cloud WebUI by selecting Monitor > Hosts. You can see the list of hosts that have been detected by the Juniper ATP Cloud and their risk scores, infection levels, and threat categories. You can filter the hosts by various criteria, such as IP address, hostname, domain, or threat category. You can also drill down into each host to see the details of the files, applications, and incidents associated with the host. You can identify the infected host by looking for the host with the highest risk score, infection level, or threat category3.

For Threat Sources, you need to access the Threat Sources monitor workspace in the Juniper ATP Cloud WebUI by selecting Monitor > Threat Sources. You can see the list of threat sources that have been detected by the Juniper ATP Cloud and their risk scores, threat categories, and geolocations.

You can filter the threat sources by various criteria, such as IP address, domain, or threat category. You can also drill down into each threat source to see the details of the files, applications, and incidents associated with the threat source. You can identify the attack source by looking for the threat source with the highest risk score, threat category, or geolocation that matches the infected host.

Reference:

File Scanning

Encrypted Traffic

Hosts

[Threat Sources]

Show Answer

asked 18/09/2024

Kiswendsida ZONGO

35 questions

Your answer: A B C D

0 comments

Sorted by