Copy and Edit

Certificate Operations

Description

NSE4 6.0 NSE4 6.0 Quiz on Certificate Operations, created by Marcos Avila on 16/08/2018.
Marcos Avila
Quiz by Marcos Avila, updated more than 1 year ago
Marcos Avila
Created by Marcos Avila about 7 years ago
225
1
0

Resource summary

Question 1

Question
FortiGate uses the ______ certificate standard.
Answer
  • X.509v3
  • X.509v4
  • X.509v5

Question 2

Question
What attribute or extension is used to identify the owner of a certificate?
Answer
  • a. The subject name in the certificate
  • b. The unique serial number in the certificate

Question 3

Question
How does FortiGate check to see if a certificate has been revoked?
Answer
  • a. It checks the CRL that resides on FortiGate.
  • b. It retrieves the CRL from a directory server.

Question 4

Question
Which one of the following is a certificate extension and value that is required in the FortiGate CA certificate in order to enable full SSL inspection?
Answer
  • a. CRL DP=ca_arl.arl
  • b. cA=True

Question 5

Question
For full SSL inspection, which configuration requires FortiGate to act as a CA?
Answer
  • a. Multiple clients connecting to multiple servers
  • b. Protecting the SSL server

Question 6

Question
Deleting a CSR that is a pending state does not impact your ability to install the certificate.
Answer
  • a. True
  • b. False

Question 7

Question
What is one reason why a CA would trust and accept a CSR from a FortiGate?
Answer
  • a. The CSR is signed by the FortiGate’s private key.
  • b. The CA inherently trusts all FortiGates.

Question 8

Question
To be compliant with the Internet Engineering Task Force (IETF) RFC 5280, the CA certificate requires these two extensions to issue certificates:
Answer
  • cA=True keyUsage=keyCertSign
  • cA=True RFC=5280

Question 9

Question
Untrusted SSL Certificates options: (select 3)
Answer
  • Allow
  • Block
  • Ignore
  • Log only
  • Default
  • Quarantine

Question 10

Question
ignore untrusted certificates is only available if Multiple Clients Connecting to Multiple _ Servers is selected
Answer
  • True
  • False

Question 11

Question
CSR
Answer
  • Certificate signing request
  • Certificate security request

Question 12

Question
Deleting a CSR that is a pending state does not impact your ability to install the certificate.
Answer
  • A. True
  • B. False

Question 13

Question
What is one reason why a CA would trust and accept a CSR from a FortiGate?
Answer
  • A. The CSR is signed by the FortiGate’s private key.
  • B. The CA inherently trusts all FortiGates.
Show full summary Hide full summary

Want to create your own Quizzes for free with GoConqr? Learn more.

Similar

Browse Library