Fortinet Exam FCP_FGT_AD-7.4 Topic 2 Question 14 Discussion

Actual exam question for Fortinet's FCP_FGT_AD-7.4 exam

Question #: 14
Topic #: 2

A network administrator has enabled full SSL inspection and web filtering on FortiGate. When visiting any HTTPS websites, the browser reports certificate warning errors. When visiting HTTP websites, the browser does not report errors.

What is the reason for the certificate warning errors?

AThe option invalid SSL certificates is set to allow on the SSL/SSH inspection profile

BThe browser does not trust the certificate used by FortiGate for SSL inspection

CThe certificate used by FortiGate for SSL inspection does not contain the required certificate extensions.

DThe matching firewall policy is set to proxy inspection mode

Show Suggested Answer

Suggested Answer: B

When full SSL inspection is enabled, FortiGate intercepts HTTPS traffic, decrypts it for inspection, and re-encrypts it using its own SSL certificate before forwarding it to the browser. If the browser does not trust the SSL certificate being used by FortiGate for re-encryption, it will display certificate warning errors. To resolve this, the certificate used by FortiGate for SSL inspection must be installed and trusted in the browser's certificate store.

by Margret at Apr 30, 2025, 01:53 PM

Limited Time Offer

25%

Off

Get Premium FCP_FGT_AD-7.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!