PCNSE · Question #379
PCNSE Question #379: Real Exam Question with Answer & Explanation
The correct answer is A: TLS protocol version. SSL/TLS decryption is computationally intensive and several factors drive resource usage on the firewall's data plane. (A) TLS protocol version matters because different versions use different cipher suites and handshake mechanisms - TLS 1.3 changes the handshake flow significant
Question
During SSL decryption which three factors affect resource consumption1? (Choose three )
Options
- ATLS protocol version
- Btransaction size
- Ckey exchange algorithm
- Dapplications that use non-standard ports
- Ecertificate issuer
Explanation
SSL/TLS decryption is computationally intensive and several factors drive resource usage on the firewall's data plane. (A) TLS protocol version matters because different versions use different cipher suites and handshake mechanisms - TLS 1.3 changes the handshake flow significantly. (B) Transaction size directly affects how much data must be decrypted, buffered, inspected, and re-encrypted. Larger payloads consume more CPU and memory. (C) The key exchange algorithm (e.g., RSA vs. ECDHE) determines the cryptographic workload during the handshake; Diffie-Hellman variants are more CPU-intensive than RSA. (D) Applications using non-standard ports do not inherently affect decryption resource consumption - the port number itself has no bearing on cryptographic overhead. (E) The certificate issuer (CA) affects trust validation but does not significantly impact ongoing decryption resource usage.
Topics
Community Discussion
No community discussion yet for this question.