1
Decryption and Monitoring
hard
Refer to the exhibit. An administrator configures decryption for HTTPS traffic from internal users. However, traffic using TLS 1.3 is not being decrypted. Which change should be made to decrypt TLS 1.3 traffic?
Exhibit
{
"decryption-policy": {
"rules": [
{
"name": "Decrypt-HTTPs-Corp",
"source-zones": ["internal"],
"dest-zones": ["external"],
"source-users": ["corp-users"],
"destination-addresses": ["any"],
"service": ["service-https"],
"action": "decrypt",
"decryption-profile": "Standard-Decrypt"
}
]
},
"decryption-profile": {
"name": "Standard-Decrypt",
"ssl-decrypt-settings": {
"forward-trust-cert": "PA-Forward-Trust",
"forward-untrust-cert": "PA-Forward-Untrust",
"decrypt-unknown-protocol": false,
"ssl-protocol-settings": {
"min-version": "tls1-0",
"max-version": "tls1-2"
}
}
}
}