301b Exam — Question 43

Exam 301b All QuestionsBrowse all questions from this exam

Question 43

An LTM Specialist sees these entries in /var/log/ltm:

Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Assume 172.16.20.0/24 is attached to the VLAN "internal."

What should the LTM Specialist use to troubleshoot this issue?

A.

curl -d - -k https://172.16.20.1

B.

ssldump -i internal host 172.16.20.1

C.

tcpdump -i internal host 172.16.20.1 > /shared/ssl.pcap ssldump < /shared/ssl.pcap

D.

tcpdump -s 64 -i internal -w /shared/ssl.pcap host 172.16.20.1

Correct Answer: D

To troubleshoot an issue involving an insecure SSL server, the LTM Specialist should capture the traffic using a tool like tcpdump. This would allow for a detailed analysis of the SSL handshake and identify why the connection is being aborted. The command 'tcpdump -s 64 -i internal -w /shared/ssl.pcap host 172.16.20.1' will capture the packets to a file named ssl.pcap, which can later be analyzed using other tools such as Wireshark or ssldump. This way, the specialist can pinpoint the issue with the SSL server.

Discussion

GVKDOption: B

B - Correct