The transfer of encrypted files or the use of encrypted protocols between users and servers on the Internet can frustrate the efforts of administrators attempting to monitor traffic passing through the FortiGate unit and ensuring user compliance to corporate rules. Which of the following items will allow the administrator to control the transfer of encrypted data through the FortiGate unit? (Select all that apply.)
A. Encrypted protocols can be scanned through the use of the SSL proxy.
B. DLP rules can be used to block the transmission of encrypted files.
C. Firewall authentication can be enabled in the firewall policy, preventing the use of encrypted communications channels.
D. Application control can be used to monitor the use of encrypted protocols attempted.
Answer: A, B, D
When the SSL Proxy (man-in-the-middle) is used to decrypt SSL-encrypted traffic. After decryption, where is the content buffered in preparation for content inspection?
A. The file is buffered by the application proxy.
B. The file is buffered by the SSL proxy.
C. In the upload direction, the file is buffered by the SSL proxy. In the download direction, the file is buffered by the application proxy.
D. No file buffering is needed in proxy inspection mode.
Answer: A
No comments:
Post a Comment
Note: only a member of this blog may post a comment.