If an administrator wants to decrypt SMTP traffic and possesses the server's certificate, which SSL decryption mode will allow the Palo Alto Networks NGFW to inspect traffic to the server?
The answer is B, there are three types of decryption (excluding a no-decrypt' rule) that one can use on the PA:
1. SSL Forward Proxy - Inside to Outside (To the the internet)
2. SSL Inbound Proxy - Outside to Inside (usually towards a hosted webserver in your net)
3. SSH Forward Proxy - As is states, for SSH traffic. The important one to remember for this type of decryption is that no certs are required.
I guess B, but its a BS question. Possessing the certificate is only half of what you need. You need the private key as well which is left out from the question.
This section is not available anymore. Please use the main Exam Page.PCNSE Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Biz90
Highly Voted 3 years agozadkiel
Highly Voted 4 years, 3 months agoMarshpillowz
Most Recent 9 months, 1 week agoTechn
1 year, 4 months agoKnowledge33
1 year, 5 months agoAcidscars
1 year, 7 months agoTAKUM1y
2 years, 1 month agoUFanat
2 years, 4 months agoguilherme_a
4 years, 2 months ago