Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 214

In SSL Forward Proxy decryption, which two certificates can be used for certificate signing? (Choose two.)

Answer options

• A. self-signed CA certificate
• B. server certificate
• C. wildcard server certificate
• D. client certificate
• E. enterprise CA certificate

Correct answer: A, E

Explanation

The correct answers are A and E because both the self-signed CA certificate and the enterprise CA certificate are capable of signing other certificates for use in SSL Forward Proxy decryption. Options B, C, and D are not used for signing certificates in this context.