NGFW-ENGINEER · Question #123
NGFW-ENGINEER Question #123: Real Exam Question with Answer & Explanation
Sign in or unlock NGFW-ENGINEER to reveal the answer and full explanation for question #123. The question stem and answer options stay visible for context.
Question
After a recent security audit, a company is required to enforce more strict validation for all certificate-based authentication, including for GlobalProtect clients. An engineer observes the firewall accepting certificates from a recently compromised intermediate certificate authority (CA). The engineer needs to update the firewall configuration to use an Online Certificate Status Protocol (OCSP) responder to check for revoked certificates in real time. In which configuration object would the engineer enable OCSP verification for the CAs used in the authentication process?
Options
- AAuthentication sequence
- BDecryption profile
- CSSL/TLS service profile
- DCertificate profile
Unlock NGFW-ENGINEER to see the answer
You've previewed enough free NGFW-ENGINEER questions. Unlock NGFW-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.