FCP – FortiGate Administrator 7.6 — Question 45

When FortiGate performs SSL/SSH full inspection, you can decide how it should react when it detects an invalid certificate.

Which three actions are valid actions that FortiGate can perform when it detects an invalid certificate? (Choose three.)

Answer options

• A. Allow
• B. Trust & Allow
• C. Allow & Warning
• D. Block
• E. Block & Warning

Correct answer: A, B, D

Explanation

The correct options are A, B, and D. 'Allow' means the connection continues despite the invalid certificate, 'Trust & Allow' permits the connection while marking it as trusted, and 'Block' denies the connection altogether. Options C and E include warnings, which are not valid actions for handling invalid certificates in this scenario.