NETSEC-GENERALIST Question #45: Real Exam Question with Answer & Explanation

The correct answer is B: It acts as a Certificate Authority and decrypts client-side SSL traffic. Interception & Decryption The firewall terminates the client's SSL/TLS connection and inspects the traffic. It generates a dynamic certificate (acting like a CA) to re-encrypt traffic to the client, enabling Security Inspection Decrypted content is scanned for threats (malware, d

Traffic Inspection and Decryption

Question

In SSL Forward Proxy, what role does the firewall play in handling encrypted traffic?

Options

AIt allows encrypted traffic to pass without inspection
BIt acts as a Certificate Authority and decrypts client-side SSL traffic
CIt forces the client to bypass decryption
DIt uses SSH tunneling to analyze SSL

Explanation

Interception & Decryption The firewall terminates the client's SSL/TLS connection and inspects the traffic. It generates a dynamic certificate (acting like a CA) to re-encrypt traffic to the client, enabling Security Inspection Decrypted content is scanned for threats (malware, data leaks) before being re-encrypted and Client Trust Requirement The firewall’s CA certificate must be trusted by client devices; otherwise, warnings appear.

Topics

#SSL Forward Proxy#SSL Decryption#Certificate Authority#Firewall Security

Community Discussion

No community discussion yet for this question.

Full NETSEC-GENERALIST Practice Browse All NETSEC-GENERALIST Questions