NSE 6 – FortiWeb 6.1 — Question 18

Which three statements about HTTPS on FortiWeb are true? (Choose three.)

Answer options

• A. In true transparent mode, the TLS session terminator is a protected web server.
• B. After enabling HSTS, redirects to HTTPS are never needed.
• C. For SNI, you select the certificate that FortiWeb presents in the server pool, not in the server policy.
• D. Enabling RC4 protects against the BEAST attack, but is not recommended if you configure FortiWeb to offer only TLS 1.2.
• E. In transparent inspection mode, you select the certificate that FortiWeb presents in the server pool, not in the server policy.

Correct answer: A, D, E

Explanation

The correct answers A, D, and E accurately describe FortiWeb's behavior with HTTPS, where A correctly identifies the TLS terminator in true transparent mode, D notes the limitations of using RC4 with TLS 1.2, and E clarifies how certificates are selected in transparent inspection mode. Option B is incorrect because HSTS does not eliminate the need for HTTPS redirects in all cases, and option C is misleading as SNI certificate selection is typically based on the server policy.