Which of the following statements are true about the SSL Proxy certificate that must be used for SSL Content Inspection?

– by 2

Which of the following statements are true about the SSL Proxy certificate that must be used for SSL Content Inspection? (Choose two.)
A. It cannot be signed by a private CA
B. It must have either the field "CA=True" or the filed "Key Usage=KeyCertSign"
C. It must be installed in the FortiGate device
D. The subject filed must contain either the FQDN, or the IP address of the FortiGate device

Download Printable PDF. VALID exam to help you PASS.

2 thoughts on “Which of the following statements are true about the SSL Proxy certificate that must be used for SSL Content Inspection?

  1. Not sure about what certicate is related the question. If its talking about the Fortigate CA certificate or the certicate generated by Fortigate(and signed by the Fortigate CA certificate) that is send to the web browser…
    In case that it is related to the CA certificate…
    It couldn´t be B, because It must have the field “CA=True” AND the filed “Key Usage=KeyCertSign”
    And I think that it cant be A also, as it is a self signed certificate, therefore a private CA.
    So I guess the correct ones are C and D.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.