NSE 4 – FortiGate 6.0 — Question 127

An administrator needs to strengthen the security for SSL VPN access. Which of the following statements are best practices to do so? (Choose three.)

Answer options

• A. Configure split tunneling for content inspection.
• B. Configure host restrictions by IP or MAC address.
• C. Configure two-factor authentication using security certificates.
• D. Configure SSL offloading to a content processor (FortiASIC).
• E. Configure a client integrity check (host-check).

Correct answer: C, D, E

Explanation

The correct answers C, D, and E are best practices because they provide additional layers of security through two-factor authentication, efficient processing with SSL offloading, and ensuring the integrity of the client device. Options A and B, while they have their uses, do not directly enhance the security of SSL VPN access in the same effective manner as the selected options.