ExamTopics Logo
Mail Us[email protected]
Menu
F5 Discussions
exam questions

Exam 301b All Questions

View all questions & answers for the 301b exam
Go to Exam

Exam 301b topic 1 question 34 discussion

Actual exam question from F5's 301b
Question #: 34
Topic #: 1
[All 301b Questions]

An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition
ApplicationA. The data payload being captured is SSL encrypted.
Which command should the LTM Specialist execute to decrypt the data payload?

  • A. ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_d/:Common:www.example.com.crt_1
  • B. ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1
  • C. ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_d/:ApplicationA:www.example.com.crt_1
  • D. ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_key_d/:ApplicationA:www.example.com.key_1
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by TC at Sept. 9, 2019, 7:30 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
TC
Highly Voted 4 years, 10 months ago
The correct answer should be D?
upvoted 6 times
lbys
3 years, 11 months ago
no ,The correct answer should be B
upvoted 1 times
...
...
GVKD
Most Recent 5 months ago
D - Correct BIG-IP 11.x - 16.x: /config/filestore/files_d/<partition_name>_d/certificate_key_d/ https://support.f5.com/csp/article/K10209
upvoted 1 times
...
Turd
2 years, 10 months ago
Technically, the key can be stored in Common or ApplicationA partition, so B or D would work. But I think they are implying that the key exists in ApplicationA partition or why else mention that the VS is in that partition? Bad question.
upvoted 2 times
...
enzo28
3 years, 1 month ago
Note: Beginning in BIG-IP 11.x, the SSL profile keys are stored in the /config/filestore/files_d/<partition_name>_d/certificate_key_d/ directory.
upvoted 1 times
...
Renan_Custodio
3 years, 2 months ago
D is correct, see my lab: I created a partiton teste_partition and after into the partiiton a certificate, so when I try create a client ssl profile on teste_partition I don't see Common's certicate, em virse versa.
upvoted 2 times
...
nvidesen
3 years, 10 months ago
In my opinion, it could be B or D. You can store key and certificate in /Common or /ApplicationA and use it from /ApplicationA
upvoted 1 times
...
techbot
3 years, 10 months ago
Answer should be D. Partition name must be a part of the path to the key. https://support.f5.com/csp/article/K10209
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago