nerdexam
Fortinet

NSE4_FGT_AD-7.6 · Question #42

NSE4_FGT_AD-7.6 Question #42: Real Exam Question with Answer & Explanation

The correct answer is C. The browser does not recognize the certificate in use as signed by a trusted CA.. See the full explanation below for the reasoning.

Question

A network administrator has configured an SSL/SSH inspection profile defined for full SSL inspection and set with a private CA certificate. The firewall policy allows the traffic uses this profile for SSL inspection and performs web filtering. When visiting any HTTPS websites, the browser reports certificate warning errors. What is the reason for the certified warning errors?

Options

  • AThe SSL cipher compliance option is not enabled on the SSL inspection profile. This setting is required when the SSL inspection profile is defined with a private CA certificate.
  • BThe certificate used by FortiGate for SSL inspection does not contain the required certificate extensions.
  • CThe browser does not recognize the certificate in use as signed by a trusted CA.
  • DWith full SSL inspection it is not possible to avoid certificate warning errors at the browser level.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full NSE4_FGT_AD-7.6 Practice