An organization wishes to roll out decryption but gets some resistance from engineering leadership regarding the guest network. What is a common obstacle for decrypting traffic from guest devices?
A.
Guest devices may not trust the CA certificate used for the forward trust certificate
B.
Guests may use operating systems that can't be decrypted
C.
The organization has no legal authority to decrypt their traffic
D.
Guest devices may not trust the CA certificate used for the forward untrust certificate
Going with (A) since the questions says pushback from "engineering leadership". If the question stated something like "HR, Operations / Legal & compliance leadership" then I would go with answer C.
Anytime you're being a creep and Snooping on anything be careful,.. Anytime you violate someone's basic civil rights or reasonable right to privacy you should probably talk to a lawyer,.. Anytime you do anything sketchy consult a lawyer
C:
Prepare updated legal and HR computer usage policies to distribute to all employees, contractors, partners, guests, and any other network users so that when you roll out decryption, users understand their data can be decrypted and scanned for threats.
I would say answer is A,
Guests will be accepting the Policy/Guidelines of using yr Internet, so not really an obsticle
Similarly to BYOD devices, enterprises don’t control guest devices. If you allow guest devices on your network, decrypt their traffic and subject it to the same Security policy that you apply to other network traffic. To do this, redirect guest users through an Authentication Portal, instruct them how to download and install the CA certificate, and clearly notify users that their traffic will be decrypted. Include the process in your company’s privacy and computer usage policy.
Not really clear here, it seems it could be A or C
https://docs.paloaltonetworks.com/best-practices/10-2/decryption-best-practices/decryption-best-practices/plan-ssl-decryption-best-practice-deployment
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.PCNSE Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
m70855712
3 days agoNullNull88
2 months, 1 week ago123XYZT
10 months, 2 weeks ago123XYZT
10 months, 2 weeks agoTAKUM1y
2 years, 5 months agoTAKUM1y
2 years, 5 months agohpbdcb
2 years, 6 months agoJared28
1 year, 2 months agodatz
2 years, 6 months agobimyo
2 years, 7 months ago