nerdexam
Exams300-415Questions#421
Cisco

300-415 · Question #421

300-415 Question #421: Real Exam Question with Answer & Explanation

The correct answer is D: client hello packets. When TLS proxy is enabled on a Cisco SD-WAN device, the Client Hello packet (D) is intercepted and forwarded to UTD (Unified Threat Defense) for inspection. The Client Hello is the very first message in a TLS handshake, sent from the client to the server. It contains critical met

Security and Quality of Service

Question

Which type of packet is sent to UTD for action when TLS proxy is enabled on a Cisco SD-WAN device?

Options

  • Ainitial data packets
  • Bserver hello packets
  • CTCP SYN packets
  • Dclient hello packets

Explanation

When TLS proxy is enabled on a Cisco SD-WAN device, the Client Hello packet (D) is intercepted and forwarded to UTD (Unified Threat Defense) for inspection. The Client Hello is the very first message in a TLS handshake, sent from the client to the server. It contains critical metadata including the TLS version, supported cipher suites, and - most importantly - the SNI (Server Name Indication), which identifies the target hostname. UTD uses this information to make a policy decision (e.g., whether to decrypt and inspect or bypass the session) before the handshake completes. The Server Hello (B) comes after; TCP SYN (C) is a Layer 4 event before TLS begins; and initial data packets (A) are post-handshake application data.

Topics

#SD-WAN Security#TLS Proxy#UTD#TLS Handshake

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-415 Practice