101 · Question #623
BIG-IP Administrator performs the capture as shown in the image! On which protocol is the application responding?
The correct answer is D. HTTP. In a packet capture, HTTP traffic is identifiable by plaintext headers, TCP port 80 usage, and readable HTTP status lines, distinguishing it from encrypted or non-HTTP protocols.
Question
BIG-IP Administrator performs the capture as shown in the image! On which protocol is the application responding?
Exhibit
Options
- ARDP
- BHTTPS
- CDNS
- DHTTP
How the community answered
(17 responses)- A6% (1)
- C18% (3)
- D76% (13)
Why each option
In a packet capture, HTTP traffic is identifiable by plaintext headers, TCP port 80 usage, and readable HTTP status lines, distinguishing it from encrypted or non-HTTP protocols.
RDP traffic uses TCP port 3389 and presents a binary protocol handshake in captures, not HTTP-style headers or status codes.
HTTPS traffic runs over TCP port 443 and appears as opaque TLS-encrypted records with no readable HTTP content visible in a capture.
DNS traffic uses UDP or TCP port 53 and shows structured query and response records for domain name resolution, not HTTP methods or response codes.
HTTP traffic appears in a packet capture as unencrypted, human-readable data over TCP port 80, showing request methods such as GET or POST and response status lines such as HTTP/1.1 200 OK. These characteristics make it distinctly identifiable compared to encrypted or binary protocols.
Concept tested: Protocol identification using packet capture analysis
Source: https://www.rfc-editor.org/rfc/rfc9110
Topics
Community Discussion
No community discussion yet for this question.
