nerdexam
F5

101 · Question #623

BIG-IP Administrator performs the capture as shown in the image! On which protocol is the application responding?

The correct answer is D. HTTP. In a packet capture, HTTP traffic is identifiable by plaintext headers, TCP port 80 usage, and readable HTTP status lines, distinguishing it from encrypted or non-HTTP protocols.

Section 1: OSI Model, Network, and Application Delivery Basics

Question

BIG-IP Administrator performs the capture as shown in the image! On which protocol is the application responding?

Exhibit

101 question #623 exhibit

Options

  • ARDP
  • BHTTPS
  • CDNS
  • DHTTP

How the community answered

(17 responses)
  • A
    6% (1)
  • C
    18% (3)
  • D
    76% (13)

Why each option

In a packet capture, HTTP traffic is identifiable by plaintext headers, TCP port 80 usage, and readable HTTP status lines, distinguishing it from encrypted or non-HTTP protocols.

ARDP

RDP traffic uses TCP port 3389 and presents a binary protocol handshake in captures, not HTTP-style headers or status codes.

BHTTPS

HTTPS traffic runs over TCP port 443 and appears as opaque TLS-encrypted records with no readable HTTP content visible in a capture.

CDNS

DNS traffic uses UDP or TCP port 53 and shows structured query and response records for domain name resolution, not HTTP methods or response codes.

DHTTPCorrect

HTTP traffic appears in a packet capture as unencrypted, human-readable data over TCP port 80, showing request methods such as GET or POST and response status lines such as HTTP/1.1 200 OK. These characteristics make it distinctly identifiable compared to encrypted or binary protocols.

Concept tested: Protocol identification using packet capture analysis

Source: https://www.rfc-editor.org/rfc/rfc9110

Topics

#packet capture#protocol identification#HTTP#Wireshark

Community Discussion

No community discussion yet for this question.

Full 101 Practice