The exhibit displays the output of a real-time debug of the URL filtering process on a FortiGate
device. The debug output includes various details about a web request being processed.
SNI (Server Name Indication): This is part of the SSL/TLS handshake where the client specifies the
hostname it is trying to connect to. FortiGate can use this information to apply appropriate web
filtering rules based on the server name.
CN (Common Name): This is a field in the server's SSL certificate that typically contains the server's
hostname. FortiGate can extract this information to verify the identity of the server and apply
security policies accordingly.
Given that the debug output includes the hostname "training.fortinet.com," it is likely derived from
the SNI in the client's request or the CN in the server's certificate, indicating that FortiGate is using
this information to process the web request.
Reference:
Fortinet Community Documentation on Real-time Debugging
Which statement about this output is true?
Which statement about this output is true?