It's a very tricky or wrong question
Partially agree with you, but the correct answer actually should be "B", because the wireshark identify and recognise automatically the TLS as a protocol (Make sure in the next #112 question - TLSv1.2) and also HTTP.
On the one hand in this captured packet there isn't TLS header/layer. Although the port is TCP443, but it doesn't mean that is a HTTPS traffic! It's only a traffic that use TCP443: for extreme idiot example this traffic would be a telnet traffic with modified port number.
On the other hand the HTTP also wrong answer: firstly the wireshark recognise the HTTP also, secondly in this case the bulk data/body is showed in the captured packet as "Hyperttext Transfer Protocol" not as simple "Data [205 byte]"
I know there is a "www" data in the body, but it isn't mean that is a real HTTP packet. And I know the TCP isn't an application protocol, so may be the question also wrong.
But I think the key here is the port/TCP not an upper layer protocol.
A. SSH - port 22
B. TCP - not application protocol (it is a transport protocol)
*C. TLS - port 443
D. HTTP - port 80
The aim of the question is to evaluate if you know the TCP ports and ISO/OSI layers.
D- HTTP is the correct answer.
When using HTTP over TLS (HTTPS) on port 443, the application protocol is still HTTP. However, it is secured using Transport Layer Security (TLS) to encrypt the communication between the client and the server. The combination of HTTP and TLS results in HTTPS, which is the secure version of HTTP. The application layer protocol remains HTTP, but it operates over a secure TLS-encrypted connection, providing confidentiality and integrity for the data exchanged between the client and server.
The destination port number 443 indicates that the application protocol in this PCAP file is HTTPS (HTTP over TLS/SSL). Port 443 is the well-known port for secure HTTP communication, commonly known as HTTPS. In the PCAP file, you can see the TCP SYN and SYN-ACK packets exchanged between the source and destination, followed by TLS handshake packets (PSH, ACK) indicating the establishment of a secure connection. The data in the PCAP file shows the encrypted TLS/SSL payload. Therefore, the application protocol in this PCAP file is HTTPS.
Answer C: The captured frame contains TLS (Transport Layer Security) protocol.
The frame in the PCAP capture shows that the packet is using Transmission Control Protocol (TCP) as the transport layer protocol. However, the data payload in the packet is encrypted and cannot be determined without further analysis.
The presence of port 443 as the destination port in the TCP header suggests that this is a secure web session using HTTPS. HTTPS uses Transport Layer Security (TLS) to provide encryption for the communication. Therefore, the correct answer is C - TLS.
HTTP is not the correct answer because HTTP does not provide encryption for the communication. It is possible that the encrypted data in the packet is related to HTTP traffic, but this cannot be determined from the given information.
SSH is not the correct answer because SSH uses a different port number (usually port 22) and a different protocol for secure shell access.
TLS (Transport Layer Security) is a protocol that is usually implemented at the transport layer of the OSI model. While it is not strictly an application-layer protocol like HTTP or SMTP, it is often used to secure application-layer protocols such as HTTP, SMTP, and FTP. So, depending on the context in which the term "application protocol" is used, TLS may be considered an application protocol or a lower-level protocol. In the context of the given question, where the options were SSH, TCP, TLS, and HTTP, TLS is the most appropriate answer.
Whoever wrote this question has confused everyone by asking which "application layer" protocol is in use, and there is only one application layer protocol in this list (HTTP). The actual protocol being displayed by Wireshark is SSL/TLS but that is a presentation layer protocol. So the question is a mess and needs clearing up.
Correct answer should be D-> HTTP. Show the capure in the PCAP inticate : "www.linuxnint.....http1/1...". Besides that is inside Data ( 205 bytes) . Image why is the complete captute showing all secren?
A TLS session operates over a TCP connection. TLS is responsible for the encryption and the authentication of the SDUs exchanged by the application layer protocol while TCP provides the reliable delivery of this encrypted and authenticated bytestream. TLS is used by many different application layer protocols. The most frequent ones are HTTP (HTTP over TLS is called HTTPS 443).
TCP is layer 4 protocol not layer 7.
SSH = port 22 (standard port number)
TCP = a transport protocol (They ask for a application protocol) so this one is ruled out.
TLS = depending what its used for can be other ports, but in this case i assume they talk about port 443
HTTP = 80 (standard port number)
Now in the packet capture frame 24 the Dst Port shows 443.
I believe TLS is the correct answer here.
This is an ambiguous question since the answer depends on which model you're referencing. Under the OSI model, TLS is a presentation layer protocol, under the TCP/IP model it's an applicatiion protocol. So under the former, the correct answer is HTTP, while under the latter it can be both HTTP and TLS . But since Question 112 explicitly mentions "application protocol", the safe bet here is probably to go with TLS.
This section is not available anymore. Please use the main Exam Page.200-201 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
skysoft
Highly Voted 3 years, 10 months agotsabee
3 years agomaxson69
2 years, 10 months agomaxson69
2 years, 10 months agomaxson69
2 years, 10 months agobren_
3 years, 10 months agoanonymous1966
Highly Voted 2 years, 3 months agoSecurityGuy
1 year, 2 months agostickerbombmaster
7 months, 2 weeks agoRoBery
Most Recent 9 months, 3 weeks agoStevens0103
1 year, 5 months agoalhamry
1 year, 6 months agoalhamry
1 year, 6 months agoBrickit
1 year, 8 months agoEng_ahmedyoussef
2 years, 1 month agoEntivo
2 years, 3 months agoHeil_Hitlerr
2 years, 3 months agoaplicacion101
2 years, 3 months agosurforlife
2 years, 4 months agoomita
2 years, 9 months agoomita
2 years, 9 months agoanonymous1966
3 years, 1 month agoHarryPotter69
3 years, 1 month agoWorlak
3 years, 2 months agoDPRamone
3 years, 2 months agoVegasBF
3 years, 3 months ago