Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE7_EFW-7.2 Topic 4 Question 31 Discussion

Actual exam question for Fortinet's NSE7_EFW-7.2 exam
Question #: 31
Topic #: 4
[All NSE7_EFW-7.2 Questions]

Refer to the exhibit, which shows an SSL certification inspection configuration.

Which action does FortiGate take if the server name indication (SNI) does not match either the common name (CN) or any of the subject alternative names (SAN) in the server certificate?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Keneth at Jan 10, 2025, 06:25 PM

Limited Time Offer

25%

Off

Get Premium NSE7_EFW-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Joseph
2 days ago
Hmm, that makes sense too. Let's review the question again to be sure.
upvoted 0 times
...
Hayley
8 days ago
I disagree, I believe the correct answer is B) FortiGate uses the CN information from the Subject field in the server certificate.
upvoted 0 times
...
Joseph
9 days ago
I think the answer is A) FortiGate uses the first entry listed in the SAN field in the server certificate.
upvoted 0 times
...
Barney
10 days ago
C) FortiGate uses the SNI from the user's web browser. This is the logical choice to accommodate different websites on the same IP address.
upvoted 0 times
...
Kallie
11 days ago
D) FortiGate closes the connection because this represents an invalid SSL/TLS configuration. That's the right move to ensure secure communication.
upvoted 0 times
...

Save Cancel