Exam NSE4_FGT-7.2 topic 1 question 99 discussion

B. The subject alternative name (SAN) field in the server certificate C. The subject field in the server certificate D. The server name indication (SNI) extension in the client hello message FortiGate Security 7.2 Study Guide (p.230): "FortiGate parses server name indication (SNI) from client Hello, which is an extension of the TLS protocol. The SNI tells FortiGate the hostname of the SSL server, which is validated against the DNS name before receipt of the server certificate. If there is no SNI exchanged, then FortiGate identifies the server by the value in the Subject field or SAN (subject alternative name) field in the server certificate." Reference and download study guide: https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html

B. The subject alternative name (SAN) field in the server certificate C. The subject field in the server certificate D. The server name indication (SNI) extension in the client hello message

To determine hostname when looking at SSL certificate inspection Fortigate uses the SNI (server name indication) If there is no SNI then the FG will look at the Subject field and SAN (Subject alternative name) B,C,D - Halmonte is correct

Answer are B,C, D FortiGate Security 7.2 Study Guide page 230 During the exchange of hello messages at the beginning of an SSL handshake, FortiGate parses server name indication (SNI) from client Hello, which is an extension of the TLS protocol. The SNI tells FortiGate the hostname of the SSL server, which is validated against the DNS name before receipt of the server certificate. If there is no SNI exchanged, then FortiGate identifies the server by the value in the Subject field or SAN (subject alternative name) field in the server certificate.

The answer are B,C and D