FCP – FortiGate Administrator 7.4 — Question 39

A network administrator has enabled full SSL inspection and web filtering on FortiGate. When visiting any HTTPS websites, the browser reports certificate warning errors. When visiting HTTP websites, the browser does not report errors.

What is the reason for the certificate warning errors?

Answer options

• A. The option invalid SSL certificates is set to allow on the SSL/SSH inspection profile
• B. The browser does not trust the certificate used by FortiGate for SSL inspection
• C. The certificate used by FortiGate for SSL inspection does not contain the required certificate extensions.
• D. The matching firewall policy is set to proxy inspection mode

Correct answer: B

Explanation

The correct answer is B because the browser raises certificate warnings when it does not trust the certificate presented by FortiGate during SSL inspection. Options A and C are incorrect because they refer to settings and characteristics that do not directly relate to the browser's trust in the certificate. Option D is unrelated as it pertains to inspection mode rather than certificate trust issues.