Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 349
A network administrator wants to deploy SSL Forward Proxy decryption. What two attributes should a forward trust certificate have? (Choose two.)
Answer options
- A. A certificate authority (CA) certificate
- B. A private key
- C. A server certificate
- D. A subject alternative name
Correct answer: A, B
Explanation
The correct attributes for a forward trust certificate are a certificate authority (CA) certificate and a private key, as these are essential for establishing a trusted connection and enabling decryption. The server certificate and subject alternative name, while important in other contexts, do not apply to the requirements for a forward trust certificate.