Fortinet Exam NSE6_FAC-6.4 Topic 1 Question 28 Discussion

Actual exam question for Fortinet's NSE6_FAC-6.4 exam

Question #: 28
Topic #: 1

[All NSE6_FAC-6.4 Questions]

What happens when a certificate is revoked? (Choose two)

ARevoked certificates cannot be reinstated for any reason

BAll certificates signed by a revoked CA certificate are automatically revoked

CRevoked certificates are automatically added to the CRL

DExternal CAs will priodically query Fortiauthenticator and automatically download revoked certificates

Show Suggested Answer

Suggested Answer: A

Online activation of the tokens through the FortiGuard network is the most secure way of delivering FortiToken data once the token has been seeded because it eliminates the risk of seed files being compromised during transit or storage. The other methods involve physical or manual delivery of seed files which can be intercepted, lost, or stolen. Reference: https://docs.fortinet.com/document/fortiauthenticator/6.4/administration-guide/372403/fortitoken

by Jesus at Jul 15, 2024, 07:21 AM

Limited Time Offer

25%

Off

Get Premium NSE6_FAC-6.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Abel

1 months ago

I'll have to double-check, but I'm pretty sure option D is just a typo. No way there's an 'external CA' that can magically download revoked certs from Fortiauthenticator!

upvoted 0 times

Herminia

2 days ago

No, that doesn't make sense. Revoked certificates are automatically added to the CRL, not downloaded by external CAs.

upvoted 0 times

...

Stephen

5 days ago

I think option D is correct, external CAs can query and download revoked certificates.

upvoted 0 times

...

Francene

1 months ago

I'm going with B and C as well. It just makes sense that a revoked certificate would impact all the ones signed by that CA, and that they'd be added to the CRL.

upvoted 0 times

Rosalyn

4 days ago

It's important to keep the CRL updated with revoked certificates.

upvoted 0 times

...

Sang

12 days ago

Revoked certificates definitely have a ripple effect on others.

upvoted 0 times

...

Paulene

1 months ago

I agree, B and C seem like the most logical choices.

upvoted 0 times

...

Jacquelyne

2 months ago

A is definitely not correct. Revoked certificates should be able to be reinstated in certain circumstances, like if it was revoked by mistake.

upvoted 0 times

Charlene

3 days ago

I agree, A is not correct. Revoked certificates can be reinstated in certain cases.

upvoted 0 times

...

Lilli

7 days ago

C) Revoked certificates are automatically added to the CRL

upvoted 0 times

...

Helaine

9 days ago

B) All certificates signed by a revoked CA certificate are automatically revoked

upvoted 0 times

...

Vanna

1 months ago

D) External CAs will periodically query Fortiauthenticator and automatically download revoked certificates

upvoted 0 times

...

Bok

1 months ago

C) Revoked certificates are automatically added to the CRL

upvoted 0 times

...

Latosha

2 months ago

Haha, D is a bit of a wild card! Fortiauthenticator automatically downloading revoked certs? That sounds like something straight out of a sci-fi movie.

upvoted 0 times

...

Nancey

2 months ago

I'm not sure about the other options, but I think revoked certificates are automatically added to the CRL.

upvoted 0 times

...

Kayleigh

2 months ago

I think B and C are the correct answers. Revoked certificates should be automatically added to the CRL, and all certificates signed by a revoked CA should be revoked as well.

upvoted 0 times