PCNSE · Question #841
PCNSE Question #841: Real Exam Question with Answer & Explanation
Sign in or unlock PCNSE to reveal the answer and full explanation for question #841. The question stem and answer options stay visible for context.
Question
SSL Forward Proxy decryption is configured, but the firewall uses Untrusted-CA to sign the certificate is not trusted" warning. Without SSL decryption, the web browser shows that the website certificate is trusted and signed by a well-known certificate chain Well-Known- Intermediate and Well-Known-Root-CA. The network security administrator who represents the customer requires the following two behaviors when SSL Forward Proxy is enabled: important-website.com/website - End-users should get the warning for any other untrusted website Which approach meets the two customer requirements?
Options
- AInstall the Well-Known-Intermediate-CA and Well-Known-Root-CA certificates on all end-user
- BClear the Forward Untrust Certificate check box on the Untrusted-CA certificate and commit the
- CNavigate to Device > Certificate Management > Certificates > Default Trusted Certificate
- DNavigate to Device > Certificate Management > Certificates > Device Certificates, import Well-
Unlock PCNSE to see the answer
You've previewed enough free PCNSE questions. Unlock PCNSE for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.