考题篇(6.4) 01 ❀ 企业防火墙 ❀ Fortinet 网络安全架构师 NSE７

Posted 2021-06-29 meigang2012

 When using the SSL certificate inspection method to inspect HTTPS traffic, how does FortiGate filter web requests when the client browser does notprovide the server name indication (SNI) extension? 〖当使用SSL证书检查方法检查HTTPS流量时，当客户端浏览器没有提供服务器名称指示(SNI)扩展时，FortiGate如何过滤web请求?〗

　　A. FortiGate uses the requested URL from the user\'s web browser.  〖FortiGate使用来自用户web浏览器的请求URL。〗

　　B. FortiGate uses the CN information from the Subject field in the server certificate.  〖FortiGate使用来自服务器证书中的Subject字段的CN信息。〗

　　C. FortiGate blocks the request without any furtherinspection.  〖FortiGate会在没有任何进一步检查的情况下阻止请求。〗

　　D. FortiGate switches to the full SSL inspection method to decrypt the data.  〖FortiGate切换到完整的SSL检查方法来解密数据。〗

　　【分析】