F5 Networks Exam 301b Topic 3 Question 68 Discussion

Actual exam question for F5 Networks's 301b exam

Question #: 68
Topic #: 3

[All 301b Questions]

Given this as the first packet displayed of an ssldump:

2 2 1296947622.6313 (0.0001) S>CV3.1(74) Handshake

ServerHello

random[32]=

19 21 d7 55 c1 14 65 63 54 23 62 b7 c4 30 a2 f0

b8 c4 20 06 86 ed 9c 1f 9e 46 0f 42 79 45 8a 29

session_id[32]=

c4 44 ea 86 e2 ba f5 40 4b 44 b4 c2 3a d8 b4 ad

4c dc 13 0d 6c 48 f2 70 19 c3 05 f4 06 e5 ab a9

cipherSuite TLS_RSA_WITH_RC4_128_SHA

compressionMethod NULL

In reviewing the rest of the ssldump, the application data is NOT being decrypted.

Why is ssldump failing to decrypt the application data?

AThe application data is encrypted with SSLv3.

BThe application data is encrypted with TLSv1.

CThe data is contained within a resumed TLS session.

DThe BigDB Key Log.Tcpdump.Level needs to be adjusted.

Show Suggested Answer

Suggested Answer: D

by Chau at Mar 30, 2023, 04:35 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

9 days ago

But could it also be because the data is contained within a resumed TLS session?

upvoted 0 times

...

12 days ago

I agree with Han, it makes sense given the ssldump.

upvoted 0 times

...

17 days ago

I think the application data is encrypted with SSLv3.

upvoted 0 times

...