Fortinet NSE 4 (Security) - 06. Certificate Operations, Questions and answe[latest exam prediction paper 2024/25]rs, verified/

Fortinet NSE 4 (Security) - 06. Certificate Operations, Questions and answers, verified/ What is the certificate standard supported by FortiGate? - -X.509v3 (the most common standard for certificates) Which certificate store is utilized by FortiOS? - -Mozilla CA What four checks does FortiGate run prior to trusting a certificate? - -1. Check the CRLs both locally and using OCSP 2. Read the value of the Issuer filed to determine if there is a corresponding CA certificate (if there is no CA certificate, the certificate is not trusted) 3. Verifies the current date is between the Valid From and Valid To values 4. Validates the signature What is the process a CA uses to create a digital signature? - -1. CA runs the contents of certificate through a hash, which is referred to as the original hash result 2. The CA encrypts the original hash result using its private key, the result of which is the digital signature What is the process FortiGate uses to verify the digital signature? - -1. FortiGate runs the certificate through a hash function, which has been identified in the certificate 2. FortiGate decrypts the digital signature provided by the CA using the CA public key 3. FortiGate compares the values from Steps 1 & 2 above to confirm they match. Match = valid signature What is the process of establishing an SSL handshake? - -1. FortiGate connects to the web server and provides information such as the SSL version in use and cryptographic algorithms supported 2. Web server responds with chosen SSL version and cipher suite, as well as a copy of its ce