ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCNSE All Questions

View all questions & answers for the PCNSE exam
Go to Exam

Exam PCNSE topic 1 question 388 discussion

Actual exam question from Palo Alto Networks's PCNSE
Question #: 388
Topic #: 1
[All PCNSE Questions]

Your company wants greater visibility into their traffic and has asked you to start planning an SSL Decryption project. The company does not have a PKI infrastructure, and multiple certificates would be needed for this project. Which type of certificate can you use to generate other certificates?

  • A. self-signed root CA
  • B. external CA certificate
  • C. server certificate
  • D. device certificate
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Passam at Dec. 28, 2022, 11:35 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Marshpillowz
11 months, 3 weeks ago
Selected Answer: A
A is correct
upvoted 1 times
...
Knowledge33
1 year, 7 months ago
Selected Answer: A
It's A
upvoted 1 times
...
DenskyDen
1 year, 12 months ago
A. Alternatively, generate a self-signed Root CA certificate on the firewall and create a subordinate Forward Trust CA certificate on that firewall to install on network devices. Self-signed certificates are best for small companies that don’t have an Enterprise Root CA and for proof-of-concept (POC) trials. See Passam link.
upvoted 4 times
...
Passam
2 years ago
https://docs.paloaltonetworks.com/best-practices/9-1/decryption-best-practices/decryption-best-practices/plan-ssl-decryption-best-practice-deployment
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel