ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE4_FGT-6.0 All Questions

View all questions & answers for the NSE4_FGT-6.0 exam
Go to Exam

Exam NSE4_FGT-6.0 topic 1 question 55 discussion

Actual exam question from Fortinet's NSE4_FGT-6.0
Question #: 55
Topic #: 1
[All NSE4_FGT-6.0 Questions]

An administrator is attempting to allow access to https://fortinet.com through a firewall policy that is configured with a web filter and an SSL inspection profile configured for deep inspection. Which of the following are possible actions to eliminate the certificate error generated by deep inspection? (Choose two.)

  • A. Implement firewall authentication for all users that need access to fortinet.com.
  • B. Manually install the FortiGate deep inspection certificate as a trusted CA.
  • C. Configure fortinet.com access to bypass the IPS engine.
  • D. Configure an SSL-inspection exemption for fortinet.com.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by myutran at Sept. 20, 2019, 8:11 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
techcussion
4 years, 10 months ago
B. Page 344 - when doing full SSL inspection using the FortiGate self-signed CA, - omit - You can avoid this warning by doing one of the following: - Download the Fortinet_CA_SSL certificate and install it on all the workstations as trusted root authority. D. Page 339 - Law protecting privacy may be another reason to bypass SSL inspection… - omit -
upvoted 2 times
Rondo
4 years, 9 months ago
In B the action is correct but there is no such a thing as "Deep Inspection Certificate". You download the Fortinet_CA_SSL certificate and install it as a Root Cert in all the browsers. Therefore A & D are correct
upvoted 2 times
...
...
joeytrib
4 years, 11 months ago
Correct answer B&D
upvoted 3 times
...
montonearm
5 years, 1 month ago
also for Me is A & D beacuse B can it's possibile but the question call what is the possibile solution to access and not avoid certificate error message on the browser
upvoted 1 times
jlaspalas
4 years, 8 months ago
the question is about how to AVOID the error, so b it's correct.
upvoted 1 times
jlaspalas
4 years, 8 months ago
well how to eliminate, same in other words
upvoted 1 times
...
...
...
onururas
5 years, 5 months ago
Why not B & D?
upvoted 2 times
...
myutran
5 years, 7 months ago
Correct answer : A & D
upvoted 3 times
orangesqueeze
5 years, 5 months ago
B & D is correct. Based on experience, you need to install the certificate as trusted CA to avoid getting certificate errors
upvoted 8 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago