Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE7_LED-7.0 Topic 1 Question 16 Discussion

Actual exam question for Fortinet's NSE7_LED-7.0 exam
Question #: 16
Topic #: 1
[All NSE7_LED-7.0 Questions]

Which two statements about the use of digital certificates are true? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, B

According to the exhibit, the wireless guest users are getting a certificate error while loading the captive portal login page. This means that the browser cannot verify the identity of the server that is hosting the login page. Therefore, option A is true because the external server FQDN is incorrect, which means that it does not match the common name or subject alternative name of the server certificate. Option B is also true because the wireless user's browser is missing a CA certificate, which means that it does not have the root or intermediate certificate that issued the server certificate. Option C is false because the FortiGate authentication interface address is using HTTPS, which is a secure protocol that encrypts the communication between the browser and the server. Option D is false because the user address is not in DDNS form, which is not related to the certificate error.


by Frederica at Apr 12, 2024, 07:15 PM

Limited Time Offer

25%

Off

Get Premium NSE7_LED-7.0 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Billi
22 days ago
Wait, so these are digital certificates, not the kind you get for completing a pottery class, right? I was hoping to get some sweet ceramic awards out of this exam.
upvoted 0 times
...
Reyes
1 months ago
C is definitely wrong. You absolutely need to know the CA that issued the certificate in order to validate the signature. Otherwise, how would you trust the certificate?
upvoted 0 times
Man
4 days ago
A) A chain of trust may include one or more intermediate CAs.
upvoted 0 times
...
...
Therese
1 months ago
I'm going to go with A and D as well. The whole point of a chain of trust is to have multiple CAs involved, right? And an intermediate CA has to be able to sign other certs, otherwise the chain would be broken.
upvoted 0 times
...
Vivan
1 months ago
I'm pretty sure B is wrong. The root CA is the top-level certificate authority, so it's not signed by another certificate.
upvoted 0 times
...
Antonette
1 months ago
A and D seem like the correct choices here. A chain of trust allows for intermediate CAs to be part of the certificate validation process, and an intermediate CA can definitely sign other certificates.
upvoted 0 times
...
Tennie
2 months ago
I'm not sure about C, but I think B is also true. The root CA is usually signed by another certificate to establish trust.
upvoted 0 times
...
Jettie
2 months ago
I agree with you, Larae. A chain of trust can include intermediate CAs and they can sign other certificates.
upvoted 0 times
...
Larae
2 months ago
I think A and D are true.
upvoted 0 times
...

Save Cancel