One XGS appliance in a financial company was running firmware version 5.2 for 2 years. The System Administrator upgraded the firmware to 5.3.2.3 because version 5.2 is no longer supported and enabled Any-Any-Any-Inspect rule in Outbound SSL Inspection Policy according to new company audit policy. After that, several users complain that their workstations cannot get Windows Update any more.What should the System Administrator do to resolve this issue?
The System Administrator has configured Outbound SSL Inspection Policy for five SSL-enabled web sites.How can the SSL decryption errors for each web site be detected?
The System Administrator of an oil and gas company has an XGS appliance deployed in the network below:The appliance was working in Inline simulation mode and suddenly there was a power failure on the switch which causes link 1.2 on XGS to go down, However, port 1.1 on XGS remains up and hence the firewall keeps on sending the traffic to XGS appliance without realizing failure in the path.Which setting should be corrected in the Protection Interface policy to avoid this behavior?
A System Administrator is planning to implement SSL Inspection for both outbound user traffic and inbound traffic to a company web server.The requirements are as follows:✑ SSL Inspection should protect users from connections to fraudulent servers✑ Outbound SSL Inspection should be limited to select web site categories✑ Avoid having to deploy files, configurations, or certificates to user workstationsThe steps to implement this plan are as follows:✑ Obtain an Inspection license for the XGS✑ Obtain a certificate from a public CA and upload it to the XGS via Outbound SSL Certificates✑ Obtain the certificate and private key of the internal web server and upload it to the XGS via Inbound SSL Certificates✑ Add internal CA certificates for the company intranet to the trusted Certificate Authorities tab in Outbound SSL Inspection Settings✑ Configure Outbound SSL Inspection Settings to block connections if the server certificate is self-signed or invalid✑ Create Outbound SSL Inspection rules that inspect only specific Domain Certificate Categories✑ Create Inbound SSL Inspection rules that only decrypt traffic destined for the internal web server II addressWhat will happen if an internal user attempts to access the company intranet?
A System Administrator wants to install the XGS license files during the first time configuration of the appliance.How should the first time configuration wizard on the appliance be accessed?
A System Administrator has been seeing a lot of SSLv2-Weak_Cipher attacks reported on the network and wants to increase the severity of the events.How can this be accomplished?
