Examice

Exam nse4_fgt-72 All QuestionsBrowse all questions from this exam

Go to Exam

Question 6

Refer to the exhibits.

The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) for Facebook.

Users are given access to the Facebook web application. They can play video content hosted on

Facebook, but they are unable to leave reactions on videos or other types of posts.

Which part of the policy configuration must you change to resolve the issue?

Force access to Facebook using the HTTP service.

Make the SSL inspection a deep content inspection.

Add Facebook in the URL category in the security policy.

Get the additional application signatures required to add to the security policy.

Correct Answer: B

The issue arises because the SSL inspection is set to certificate-inspection. To effectively inspect and manage the reactions and other interactive elements on Facebook, a deep content inspection is required. This ensures that the FortiGate can examine the encrypted traffic in detail, which is necessary for controlling actions such as leaving reactions on posts. Therefore, making the SSL inspection a deep content inspection would resolve the issue.

Discussion

santi1509Option: B

Necesita realizar una inspección profunda de las acciones que se están haciendo en la página de Facebook para poder denegar las reacciones.

raydel92Option: B

B. Make the SSL inspection a deep content inspection. Reference and download study guide: https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html

lakis789

Hey raydel92, Have you given the exam ?

zeebo340Option: B

Answer is B - They can play video (tick) content hosted on Facebook, but they are unable to leave reactions on videos or other types of posts. This indicate that the rule are partially working as they can watch video but cant react, i.e. liking the content. So must be an issue with the SSL inspection rather then adding an app rule.

YgrecOption: B

B FortiGate needs to perform full SSL inspection. Without full SSL inspection, FortiGate cannot inspect encrypted traffic.

Slash_JMOption: B

FortiGate Security 7.2 Study Guide p.233 FortiGate needs to perform full SSL inspection. Without full SSL inspection, FortiGate cannot inspect encrypted traffic.

AhmedZkryOption: B

Correct is B

mohdroos1Option: B

needs ssl full inspection

ADR7Option: B

Remember that HTTPS ('S' = security) so that's why it is needed to enable full inspection)

learner2024Option: B

how do u know it it is encrypted ? is there a sign that shows reaction is encrypted here that requires deep inspection?

NickTeaming

All facebook content is encrypted by default (HTTPS)

GeniusAOption: B

B is the correct answer

PaulGoOption: B

Correct: B

MiicoOption: B

B is correct

[Removed]Option: B

B is correct Because the SSL Inspection is set to Certificate-Inspection, it must be set to Deep-inspection