Valid FCSS_EFW_AD-7.4 Dumps shared by ExamDiscuss.com for Helping Passing FCSS_EFW_AD-7.4 Exam! ExamDiscuss.com now offer the newest FCSS_EFW_AD-7.4 exam dumps, the ExamDiscuss.com FCSS_EFW_AD-7.4 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com FCSS_EFW_AD-7.4 dumps with Test Engine here:
A vulnerability scan report has revealed that a user has generated traffic to the website example.com (10.10.10.10) using a weak SSL/TLS version supported by the HTTPS web server. What can the firewall administrator do to block all outdated SSL/TLS versions on any HTTPS web server to prevent possible attacks on user traffic?
Correct Answer: A
The best way to block outdated SSL/TLS versions is to configure the SSL/SSH inspection profile to enforce a minimum SSL/TLS version and disable weak SSL versions. By setting the minimum allowed SSL version in the HTTPS settings of the SSL/SSH inspection profile, FortiGate will: Block any connection using outdated SSL/TLS versions (such as SSLv3, TLS 1.0, or TLS 1.1). Enforce secure communication using only strong SSL/TLS versions (such as TLS 1.2 or TLS 1.3). Protect users from man-in-the-middle (MITM) and downgrade attacks that exploit weak encryption.
