Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

F5 Networks 301b Exam - Topic 3 Question 68 Discussion

Given this as the first packet displayed of an ssldump:2 2 1296947622.6313 (0.0001) S>CV3.1(74) HandshakeServerHellorandom[32]=19 21 d7 55 c1 14 65 63 54 23 62 b7 c4 30 a2 f0b8 c4 20 06 86 ed 9c 1f 9e 46 0f 42 79 45 8a 29session_id[32]=c4 44 ea 86 e2 ba f5 40 4b 44 b4 c2 3a d8 b4 ad4c dc 13 0d 6c 48 f2 70 19 c3 05 f4 06 e5 ab a9cipherSuite TLS_RSA_WITH_RC4_128_SHAcompressionMethod NULLIn reviewing the rest of the ssldump, the application data is NOT being decrypted.Why is ssldump failing to decrypt the application data?
D) The BigDB Key Log.Tcpdump.Level needs to be adjusted.
A) The application data is encrypted with SSLv3.
B) The application data is encrypted with TLSv1.
C) The data is contained within a resumed TLS session.

F5 Networks 301b Exam - Topic 3 Question 68 Discussion

Actual exam question for F5 Networks's 301b exam
Question #: 68
Topic #: 3
[All 301b Questions]

Given this as the first packet displayed of an ssldump:

2 2 1296947622.6313 (0.0001) S>CV3.1(74) Handshake

ServerHello

random[32]=

19 21 d7 55 c1 14 65 63 54 23 62 b7 c4 30 a2 f0

b8 c4 20 06 86 ed 9c 1f 9e 46 0f 42 79 45 8a 29

session_id[32]=

c4 44 ea 86 e2 ba f5 40 4b 44 b4 c2 3a d8 b4 ad

4c dc 13 0d 6c 48 f2 70 19 c3 05 f4 06 e5 ab a9

cipherSuite TLS_RSA_WITH_RC4_128_SHA

compressionMethod NULL

In reviewing the rest of the ssldump, the application data is NOT being decrypted.

Why is ssldump failing to decrypt the application data?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Chau at Mar 30, 2023, 04:35 PM

Limited Time Offer

25%

Off

Get Premium 301b Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rodolfo
7 months ago
I disagree, it’s more likely a TLS version mismatch.
upvoted 0 times
...
Paris
7 months ago
Nah, it’s probably just a key log issue.
upvoted 0 times
...
Sanda
7 months ago
Wait, is SSLv3 still in use? That seems outdated!
upvoted 0 times
...
Bobbie
8 months ago
I think it's definitely related to the session resumption.
upvoted 0 times
...
Stephanie
8 months ago
The cipher suite is SSLv3, so that could be an issue.
upvoted 0 times
...
Lucy
8 months ago
I think the application data not being decrypted might be due to the session being resumed, but I need to double-check that.
upvoted 0 times
...
Rene
8 months ago
I feel like the key log adjustment could be a factor, but I can't recall the specifics.
upvoted 0 times
...
Zona
8 months ago
This kind of question seems familiar; I think it might be related to session resumption issues.
upvoted 0 times
...
Rikki
8 months ago
I remember something about SSLv3 and TLSv1, but I'm not sure which one is relevant here.
upvoted 0 times
...
Nickie
8 months ago
This looks like a straightforward present value calculation, so I think I can handle it. I'll need to use the formula and plug in the given values.
upvoted 0 times
...
Dana
8 months ago
I was leaning toward the hybrid approach since it seems flexible, but I can't recall the specifics of when to apply it effectively.
upvoted 0 times
...
Janey
8 months ago
This question seems a bit confusing. I'll need to read it carefully and think through the key points.
upvoted 0 times
...
Ranee
1 year ago
Wait, doesn't the ServerHello indicate that the session is not resumed? I'm leaning towards option B being the correct answer.
upvoted 0 times
Loren
12 months ago
User 3: Makes sense. TLSv1 encryption would explain the decryption issue.
upvoted 0 times
...
Cyril
12 months ago
User 2: Yeah, I agree. That points to option B, TLSv1 encryption.
upvoted 0 times
...
Gary
1 year ago
User 1: I think the ServerHello shows it's not a resumed session.
upvoted 0 times
...
...
Rasheeda
1 year ago
Haha, the 'BigDB Key Log.Tcpdump.Level' made me chuckle. I bet the developers had a hard time coming up with that one.
upvoted 0 times
...
Dyan
1 year ago
I'm not sure about the resumed TLS session part, but the cipherSuite indicates it's using RC4, so maybe that's the issue?
upvoted 0 times
Cecil
12 months ago
C) The data is contained within a resumed TLS session.
upvoted 0 times
...
Stacey
1 year ago
B) The application data is encrypted with TLSv1.
upvoted 0 times
...
Lucille
1 year ago
A) The application data is encrypted with SSLv3.
upvoted 0 times
...
...
Coral
1 year ago
Hmm, I think the key log needs to be adjusted, so option D might be the right answer here.
upvoted 0 times
Raymon
1 year ago
Maybe the application data is encrypted with SSLv3.
upvoted 0 times
...
Jamika
1 year ago
I think it's because the data is contained within a resumed TLS session.
upvoted 0 times
...
Katlyn
1 year ago
I agree, the key log might need to be adjusted.
upvoted 0 times
...
...
Fletcher
1 year ago
The application data is encrypted with TLSv1, not SSLv3, so option A is incorrect.
upvoted 0 times
...
Jamal
1 year ago
But could it also be because the data is contained within a resumed TLS session?
upvoted 0 times
...
Pamella
1 year ago
I agree with Han, it makes sense given the ssldump.
upvoted 0 times
...
Han
1 year ago
I think the application data is encrypted with SSLv3.
upvoted 0 times
...

Save Cancel