NSE 4 – FortiGate 6.2 — Question 51

Which condition must be met in order for a web browser to trust a web server certificate signed by a third-party CA?

Answer options

• A. The private key of the CA certificate that is signed the browser certificate must be installed on the browser.
• B. The CA certificate that signed the web server certificate must be installed on the browser.
• C. The public key of the web server certificate must be installed on the web browser.
• D. The web-server certificate must be installed on the browser.

Correct answer: B

Explanation

For a web browser to trust a web server certificate, the CA certificate that signed it must be installed in the browser's trusted store. Option A is incorrect because the private key is not needed for validation, while options C and D misinterpret the trust relationship and the requirements for certificate validation.