Question: 1
SSL Forward Proxy decryption is configured but the firewall uses Untrusted-CA to sign the website https //www important-website com certificate End-users are receiving me 'security certificate is not trusted is warning Without SSL decryption the web browser shows that the website certificate is trusted and signed by a well-known certificate chain Well-Known-lntermediate and Well-Known-Root-
CA.
The network security administrator who represents the customer requires the following two behaviors when SSL Forward Proxy is enabled:
2 End-users should get the warning for any other untrusted website
Which approach meets the two customer requirements?
Question: 2
While troubleshooting an SSL Forward Proxy decryption issue which PAN-OS CLI command would you use to check the details of the end-entity certificate that is signed by the Forward Trust Certificate or Forward Untrust Certificate?
Question: 3
An engines must configure the Decryption Broker feature To which router must the engineer assign the decryption forwarding interfaces that are used m the Decryption Broker security Chain?
Question: 4
What are three reasons why an installed session can be identified with the application incomplete' tag? (Choose three.)
Question: 5
A remote administrator needs firewall access on an untrusted interface Which two components are required on the firewall to configure certificate-based administrator authentication to the web Ul? (Choose two)