Refer to the exhibit. The packet capture output of a client hello message is shown. You are updating a firewall policy that includes SSL certificate inspection. You are capturing packets from the traffic passing through this firewall policy. Which two statements about the packet capture are correct? (Choose two answers)

A. You can effectively apply a web filtering profile to this traffic.
B. The subject alternative name (SAN) is necessary to apply security profiles.
C. The client supports only TLS versions 1.2 and 1.3.
D. You can effectively apply an antivirus security profile to this traffic.

Correct Answer: A,C

Brave-Dump Clients Votes

AC 100%

Comments

Brave-Dumps Admin 2025-09-16 19:03:54

Selected Answers: A, C

EFW 7.6 page 166,167

Adam 2026-01-18 06:27:38

Selected Answers: A, C

From packet capture, we see "Extension: server_name (len=23) name=www.sharepoint.com", so we have SNI and question mentions we have SSL certificate inspection, so web filtering is possible which might be based on SNI or CN, so A is correct
B is wrong because even if we have "sni-server-cert-check" set to enable or strict, CN in server certificate should be enough for comparison to SNI
From packet capture, we see "Extension: supported_versions (len=5) TLS 1.3, TLS 1.2", so C is correct