Cisco
300-730 · Question #109
300-730 Question #109: Real Exam Question with Answer & Explanation
The correct answer is D: Java plug-ins. The http-only-cookie command marks ASA session cookies with the HttpOnly attribute to prevent JavaScript from reading them; Java plug-ins use a browser-level HTTP mechanism that does not depend on JavaScript cookie access and continue to function.
Remote Access VPN
Question
Which clientless SSLVPN supported feature works when the http-only-cookie command is enabled?
Options
- ACitrix load balancer
- Bport-reflector
- CJava rewriter
- DJava plug-ins
- Escript browser
Explanation
The http-only-cookie command marks ASA session cookies with the HttpOnly attribute to prevent JavaScript from reading them; Java plug-ins use a browser-level HTTP mechanism that does not depend on JavaScript cookie access and continue to function.
Common mistakes.
- A. Citrix load balancer integration depends on cookie inspection and manipulation techniques that are blocked when cookies carry the HttpOnly flag, preventing JavaScript from reading or modifying session state.
- B. Port-reflector functionality requires JavaScript access to session cookies to manage port-forwarding state, which is broken when http-only-cookie is enabled.
- C. The Java rewriter dynamically rewrites Java applet references in web pages using JavaScript-based session tracking that cannot function when session cookies are marked HttpOnly.
- E. The script browser relies on JavaScript to handle session cookies for navigation and state management, which is incompatible with HttpOnly-flagged cookies.
Concept tested. Clientless SSLVPN http-only-cookie command compatibility with Java plug-ins
Topics
#clientless SSL VPN#http-only-cookie#Java plugins#ASA feature
Community Discussion
No community discussion yet for this question.