
Juniper Exam JN0-636 Topic 1 Question 22 Discussion

Actual exam question for Juniper's JN0-636 exam
Question #: 22
Topic #: 1

You must find an infected host and where the attack came from using the Juniper ATP Cloud. Which two monitor workspaces will return the requested information? (Choose two.)

Suggested Answer: A, C

To find an infected host and where the attack came from using the Juniper ATP Cloud, you need to use the Hosts and Threat Sources monitor workspaces. The other options are incorrect because:

B) The File Scanning monitor workspace shows the files that have been scanned by the Juniper ATP Cloud and their verdicts (clean, malicious, or unknown). It does not show the infected hosts or the attack sources [1].

D) The Encrypted Traffic monitor workspace shows the encrypted traffic that has been decrypted by the Juniper ATP Cloud and the certificates that have been used. It does not show the infected hosts or the attack sources [2].

Therefore, the correct answer is A and C. You need to use the Hosts and Threat Sources monitor workspaces to find an infected host and where the attack came from using the Juniper ATP Cloud. To do so, you need to perform the following steps:

For Hosts, you need to access the Hosts monitor workspace in the Juniper ATP Cloud WebUI by selecting Monitor > Hosts. You can see the list of hosts that have been detected by the Juniper ATP Cloud and their risk scores, infection levels, and threat categories. You can filter the hosts by various criteria, such as IP address, hostname, domain, or threat category. You can also drill down into each host to see the details of the files, applications, and incidents associated with the host. You can identify the infected host by looking for the host with the highest risk score, infection level, or threat category [3].

For Threat Sources, you need to access the Threat Sources monitor workspace in the Juniper ATP Cloud WebUI by selecting Monitor > Threat Sources. You can see the list of threat sources that have been detected by the Juniper ATP Cloud and their risk scores, threat categories, and geolocations. You can filter the threat sources by various criteria, such as IP address, domain, or threat category. You can also drill down into each threat source to see the details of the files, applications, and incidents associated with the threat source. You can identify the attack source by looking for the threat source with the highest risk score, threat category, or geolocation that matches the infected host.


File Scanning

Encrypted Traffic

Hosts

[Threat Sources]
