Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 133

How does Wireshark decrypt TLS network traffic?

Answer options

• A. with a key log file using per-session secrets
• B. using an RSA public key
• C. by observing DH key exchange
• D. by defining a user-specified decode-as

Correct answer: A

Explanation

The correct answer is A because Wireshark can utilize a key log file that contains per-session secrets to decrypt TLS traffic effectively. Options B and C are incorrect as they refer to methods that do not apply to session-specific decryption in this context, and option D does not relate to the standard decryption process for TLS.