FCP – FortiGate Administrator 7.4 — Question 13

When FortiGate performs SSL/SSH full inspection, you can decide how it should react when it detects an invalid certificate.
Which three actions are valid actions that FortiGate can perform when it detects an invalid certificate? (Choose three.)

Answer options

• A. Allow & Warning
• B. Trust & Allow
• C. Allow
• D. Block & Warning
• E. Block

Correct answer: B, C, E

Explanation

The correct options are 'Trust & Allow', 'Allow', and 'Block'. 'Trust & Allow' lets the connection continue while accepting the invalid certificate, 'Allow' permits the connection without warning, and 'Block' prevents the connection entirely. The other options involve warnings or combinations that are not valid for handling invalid certificates in this context.