nerdexam
F5

101 · Question #659

In an administrator's environment, the administrator wants to inspect a high volume of SSL traffic. What should be used for this task?

The correct answer is C. Big-IP Local Traffic Manager appliance. BIG-IP Local Traffic Manager (LTM) appliance is the correct solution for high-volume SSL traffic inspection due to its hardware-accelerated SSL offloading and decryption capabilities.

Section 2: F5 Solutions and Technology

Question

In an administrator's environment, the administrator wants to inspect a high volume of SSL traffic. What should be used for this task?

Options

  • ABig-IP Global Traffic Manager appliance
  • BBig-lP standard virtual edition
  • CBig-IP Local Traffic Manager appliance
  • DBig-IP virtual edition with FIPS

How the community answered

(22 responses)
  • A
    9% (2)
  • C
    86% (19)
  • D
    5% (1)

Why each option

BIG-IP Local Traffic Manager (LTM) appliance is the correct solution for high-volume SSL traffic inspection due to its hardware-accelerated SSL offloading and decryption capabilities.

ABig-IP Global Traffic Manager appliance

BIG-IP Global Traffic Manager (GTM) is designed for DNS-based global server load balancing and intelligent traffic steering, not for SSL decryption or deep packet inspection.

BBig-lP standard virtual edition

A BIG-IP standard virtual edition runs entirely in software without dedicated hardware SSL acceleration, making it unsuitable for high-volume SSL inspection compared to a physical appliance.

CBig-IP Local Traffic Manager applianceCorrect

BIG-IP LTM is specifically engineered for application delivery and traffic management, including SSL/TLS termination using dedicated hardware SSL acceleration chips (ASICs). These ASICs allow LTM to decrypt, inspect, and re-encrypt large volumes of SSL traffic at line rate without saturating the CPU. A physical LTM appliance provides the throughput and processing capacity required for high-volume SSL inspection workloads.

DBig-IP virtual edition with FIPS

BIG-IP virtual edition with FIPS is configured for Federal Information Processing Standards cryptographic compliance, not for high-throughput SSL traffic inspection workloads.

Concept tested: BIG-IP LTM hardware SSL offloading for high-volume inspection

Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-ssl-administration.html

Topics

#SSL inspection#LTM#BIG-IP#traffic inspection

Community Discussion

No community discussion yet for this question.

Full 101 Practice