Valid CNX-001 Dumps shared by EduDump.com for Helping Passing CNX-001 Exam! EduDump.com now offer the newest CNX-001 exam dumps, the EduDump.com CNX-001 exam questions have been updated and answers have been corrected get the newest EduDump.com CNX-001 dumps with Test Engine here:
End users are getting certificate errors and are unable to connect to an application deployed in a cloud. The application requires HTTPS connection. A network solution architect finds that a firewall is deployed between end users and the application in the cloud. Which of the following is the root cause of the issue?
Correct Answer: D
Comprehensive and Detailed Explanation From Exact Extract: When SSL/HTTPS inspection is enabled on a firewall, it intercepts and decrypts HTTPS traffic. This requires the firewall to present its own trusted certificate to the client device. If that certificate is expired, the client browser will display a certificate error and block access to the application. This is a common misconfiguration that breaks HTTPS communication. Relevant Extract from CompTIA CloudNetX CNX-001 Study Guide - under "TLS/SSL Inspection and Certificate Management": "SSL inspection appliances must have valid certificates installed. Expired or untrusted certificates will result in browsers rejecting the HTTPS session and displaying errors to users." Other options: * A. Would prevent connection, but not result in certificate errors. * B. Blocked port 443 would prevent any connection, not cause cert errors. * C. Client-side certificates are not required unless mutual TLS is configured, which is not stated here.
