nse4_fgt-72 Exam QuestionsBrowse all questions from this exam
Go to Exam

nse4_fgt-72 Exam - Question 6

Refer to the exhibits.

The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) for Facebook.

Users are given access to the Facebook web application. They can play video content hosted on

Facebook, but they are unable to leave reactions on videos or other types of posts.

Which part of the policy configuration must you change to resolve the issue?

Show Answer
Correct Answer: B

The issue arises because the SSL inspection is set to certificate-inspection. To effectively inspect and manage the reactions and other interactive elements on Facebook, a deep content inspection is required. This ensures that the FortiGate can examine the encrypted traffic in detail, which is necessary for controlling actions such as leaving reactions on posts. Therefore, making the SSL inspection a deep content inspection would resolve the issue.

Discussion

13 comments
Sign in to comment
santi1509Option: B
Feb 20, 2023

Necesita realizar una inspección profunda de las acciones que se están haciendo en la página de Facebook para poder denegar las reacciones.

zeebo340Option: B
Jan 3, 2023

Answer is B - They can play video (tick) content hosted on Facebook, but they are unable to leave reactions on videos or other types of posts. This indicate that the rule are partially working as they can watch video but cant react, i.e. liking the content. So must be an issue with the SSL inspection rather then adding an app rule.

raydel92Option: B
Sep 8, 2023

B. Make the SSL inspection a deep content inspection. Reference and download study guide: https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html

lakis789
Sep 25, 2023

Hey raydel92, Have you given the exam ?

mohdroos1Option: B
Jan 1, 2023

needs ssl full inspection

AhmedZkryOption: B
Jul 19, 2023

Correct is B

Slash_JMOption: B
Aug 29, 2023

FortiGate Security 7.2 Study Guide p.233 FortiGate needs to perform full SSL inspection. Without full SSL inspection, FortiGate cannot inspect encrypted traffic.

YgrecOption: B
Feb 12, 2024

B FortiGate needs to perform full SSL inspection. Without full SSL inspection, FortiGate cannot inspect encrypted traffic.

[Removed]Option: B
Feb 14, 2023

B is correct Because the SSL Inspection is set to Certificate-Inspection, it must be set to Deep-inspection

MiicoOption: B
Mar 7, 2023

B is correct

PaulGoOption: B
Apr 10, 2023

Correct: B

GeniusAOption: B
Dec 19, 2023

B is the correct answer

learner2024Option: B
May 16, 2024

how do u know it it is encrypted ? is there a sign that shows reaction is encrypted here that requires deep inspection?

NickTeaming
Jun 23, 2024

All facebook content is encrypted by default (HTTPS)

ADR7Option: B
May 29, 2024

Remember that HTTPS ('S' = security) so that's why it is needed to enable full inspection)