Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam NSE4_FGT-6.2 topic 1 question 68 discussion

Actual exam question from Fortinet's NSE4_FGT-6.2
Question #: 68
Topic #: 1
[All NSE4_FGT-6.2 Questions]

Refer to the exhibit.


The exhibit shows the IPS sensor configuration and forward traffic logs.
An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine whether the influx of HTTPS traffic is an attack attempt, or not.
After applying the IPS sensor, FortiGate is still not generating any IPS logs for the HTTPS traffic.
What is a possible reason for this?

  • A. The HTTPS signatures have not been added to the sensor.
  • B. The IPS filter is missing the Protocol:HTTPS option.
  • C. The firewall policy is not using a full SSL inspection profile.
  • D. A DoS policy should be used, instead of an IPS sensor.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
akkarin
Highly Voted 2 years, 11 months ago
Security manual page 555 suggests that deep packet inspection is required to reliably detect attacks in encrypted traffic. Answer C makes sense once dealing with SSL traffic, FortiGate expects you to enable full SSL inspection.
upvoted 5 times
Gallego
2 years, 3 months ago
Agreed. As you apply filters to "servers" and "windows", a lot of signatures are put in place to block it. As said in the statement, no logs were generated, so no full SSL inspection is enable.
upvoted 1 times
...
...
Vir
Most Recent 2 years, 11 months ago
The Security Manual talk a lot about signatures, so that the reason I belive is answer A
upvoted 1 times
...
rhylos
3 years ago
what page is this in the security manual? Why not A?
upvoted 1 times
...
Murilodsant
3 years ago
C is correct
upvoted 3 times
...
pollyy
3 years, 1 month ago
B is correct
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...