Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam NSE7_LED-7.0 Topic 1 Question 16 Discussion

Actual exam question for Fortinet's NSE7_LED-7.0 exam
Question #: 16
Topic #: 1
[All NSE7_LED-7.0 Questions]

Refer to the exhibit.

Wireless guest users are unable to authenticate because they are getting a certificate error while loading the captive portal login page. This URL string is the HTTPS POST URL guest wireless users see when attempting to access the network using the web browser

Which two settings are the likely causes of the issue? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, B

According to the exhibit, the wireless guest users are getting a certificate error while loading the captive portal login page. This means that the browser cannot verify the identity of the server that is hosting the login page. Therefore, option A is true because the external server FQDN is incorrect, which means that it does not match the common name or subject alternative name of the server certificate. Option B is also true because the wireless user's browser is missing a CA certificate, which means that it does not have the root or intermediate certificate that issued the server certificate. Option C is false because the FortiGate authentication interface address is using HTTPS, which is a secure protocol that encrypts the communication between the browser and the server. Option D is false because the user address is not in DDNS form, which is not related to the certificate error.


Contribute your Thoughts:

Noah
6 months ago
I believe option B might also be a valid cause. If the user's browser is missing a CA certificate, they might get a certificate error.
upvoted 0 times
...
Louvenia
6 months ago
I agree with you. The external server FQDN being incorrect could cause a certificate error.
upvoted 0 times
...
Dorcas
6 months ago
I think the likely causes of the issue are option A and option B.
upvoted 0 times
...
Glory
6 months ago
I believe option C) could also be a potential cause. If the FortiGate authentication interface address is using HTTPS, it might be causing conflicts with the captive portal login page.
upvoted 0 times
...
Asha
6 months ago
I agree with The incorrect external server FQDN and missing CA certificate in the browser can definitely cause certificate errors.
upvoted 0 times
...
Edgar
7 months ago
I think the likely causes of the issue are A) The external server FQDN is incorrect and B) The wireless user's browser is missing a CA certificate.
upvoted 0 times
...
Denny
8 months ago
I don't think the user address being in DDNS form has anything to do with this. That seems irrelevant to the certificate error problem. Let's focus on the SSL/TLS configuration and the CA certificate.
upvoted 0 times
...
Deonna
8 months ago
I agree with the other candidates. The certificate error is a clear indicator of an SSL/TLS configuration problem. I'm curious to know if the admin tried to use a self-signed certificate or if there's an issue with the way the certificate was deployed. Either way, B and C seem like the most likely answers here.
upvoted 0 times
...
Rory
8 months ago
Haha, imagine if the issue was because the admin set the FQDN to 'www.notavirus.com' - that would be a real head-scratcher! But seriously, I think Floyd and Cassi are on the right track. The certificate issue is the most likely culprit here. We need to double-check the SSL/TLS settings and make sure the users have the required CA certificates installed.
upvoted 0 times
...
Jacqueline
8 months ago
You know, that's a good point. If the wireless users' browsers don't have the right CA certificate installed, that would definitely cause the issue we're seeing. I bet that's one of the two settings we're looking for.
upvoted 0 times
...
Cassi
8 months ago
I agree with Floyd. The certificate error suggests an issue with the SSL/TLS configuration. The external server FQDN and DDNS form don't seem to be the problem here. We need to ensure the captive portal is properly configured with a valid SSL/TLS certificate that the client browsers can trust.
upvoted 0 times
...
Floyd
8 months ago
Hmm, this is an interesting question. I think the likely causes are B) The wireless user's browser is missing a CA certificate, and C) The FortiGate authentication interface address is using HTTPS. If the captive portal is using HTTPS, then the user's browser needs to trust the certificate, otherwise they'll get the certificate error.
upvoted 0 times
...
Earnestine
8 months ago
Hmm, I'm not so sure about that. What if the wireless user's browser is missing the CA certificate? That could also cause a certificate error, couldn't it?
upvoted 0 times
...
Lashawn
8 months ago
I agree, the SSL/TLS configuration is probably the culprit here. My money is on the external server FQDN being incorrect and the FortiGate authentication interface address using HTTPS. That would explain the certificate error.
upvoted 0 times
...
Vincenza
8 months ago
Okay, let's think this through step-by-step. The issue is that the wireless guest users are getting a certificate error when trying to access the captive portal login page. That sounds like it could be a problem with the SSL/TLS configuration.
upvoted 0 times
Janae
7 months ago
User2
upvoted 0 times
...
Fannie
7 months ago
User1
upvoted 0 times
...
Aracelis
8 months ago
C) The FortiGate authentication interface address is using HTTPS
upvoted 0 times
...
Lanie
8 months ago
B) The wireless user's browser is missing a CA certificate
upvoted 0 times
...
Adela
8 months ago
A) The external server FQDN is incorrect
upvoted 0 times
...
...
Glory
8 months ago
Ugh, this question is so tricky. I've seen issues like this before, and it can be a real pain to troubleshoot. I'm not sure which two settings are the likely causes, but I'm going to give it my best shot.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77