JNCIS-ENT: Juniper Networks Certified Specialist – Enterprise Routing and Switching — Question 8
You must block the lateral spread of Remote Administration Tools (RATs) that use SMB to propagate within the network, using the JATP solution.
Which action would accomplish this task?
Answer options
- A. Configure a new anti-virus configuration rule.
- B. Configure whitelist rules
- C. Configure YARA rules.
- D. Configure the SAML settings.
Correct answer: C
Explanation
Configuring YARA rules is the correct action because YARA is specifically designed to identify and classify malware patterns, including RATs that spread through SMB. The other options, such as configuring anti-virus rules or whitelist rules, may not specifically target the behavior of RATs, and adjusting SAML settings is unrelated to preventing lateral spread of malware.