-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is reviewing the 'test' partition.
Which objects, in order, can be removed from the partition?
Refer to the exhibit.
During maintenance, the BIG-IP Administrator manually disables a pool member as shown.
What is the result?
A BIG-IP Administrator must determine if a Virtual Address is configured to fail over to the standby member of a device group in which area of the Configuration Utility can this be confirmed?
A 8IG-IP device is replaced with an RMA device. The BIG-IP Administrator renews the license and tries to restore the configuration from a previously generated UCS archive on the RMA device. The device configuration is NOT fully loading. What is causing the configuration load to fail?
These log entries can have different root causes:
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: enabled
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071431:5: Attempting to connect to CMI peer 1.1.1.2 port 6699
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071432:5: CMI peer connection established to 1.1.1.2 port 6699
Jun 28 05:01:26 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected
Which two commands should be used to obtain additional information on these entries? (Choose two.)
A new HITP server has been deployed on an LTM device. The application running on the server must be monitored by the LIM device. The following is required:
A new HITP server has been deployed on an LTM device. The application running on theserver must be monitored by the LIM device. The following is required:
When the server is unavailable, it will send an HTTP status code of 200 in response to a request for the status html page.
When the server is available. I will send and HTTP status code of 201 in response to a request for the status html page.
When the 200 status code is received, the pool member should receive No new connections.
Which configuration change should be made to meet these requirements?
A new VLAN vlan301 has been configured on a highly available LTM device in partition ApplicationA. A new directly connected backend server has been placed on vlan301. However, there are connectivity issues pinging the default gateway. The VLAN self IPs configured on the LTM devices are 192.168.0.251 and 192.168.0.252 with floating IP 192.168.0.253. The LTM Specialist needs to perform a packet capture to assist with troubleshooting the connectivity.
Which command should the LTM Specialist execute on the LTM device command line interface to capture the attempted pings to the LTM device default gateway on VLAN vlan301?
Which two items can be logged by the Application Visibility Reporting analytics profile? (Choose two.)
Refer to the exhibit.
A user notifies the BIG-IP Administrator that http://remote company.com is NOT accessible. Remote
access to company resources must be encrypted.
What should the BIG-IP Administrator do to fix the issue?
set payload {CACHE :: payload}
}
Which two profiles should be used on the virtual server? (Choose two.)
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An HTTP monitor always marks the nodes in the pool as down. The monitor's definition and the HTTP headers from the monitor request and response are provided.
What is the issue?
A BIG-IP device has only LTM and ASM modules provisioned. Both have nominal provisioning level. The BI6-IP Administrator wants to dedicate more resources to the LTM module. The ASM module must remain enabled. Which tmsh command should the BIG-IP Administrator execute to obtain the desired result?
A BIG-IP Administrator adds new Pool Members into an existing, highly utilized pool. Soon after, there are reports that the application is failing to load for some users. What pool level setting should the BIG-IP Administrator check?
When importing a PEM formatted SSL certificate, which text needs to appear first in the file?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is reviewing the virtual server configuration on an LTM device.
Which two actions should the LTM Specialist perform to minimize the virtual server configuration? (Choose two.)
An LTM Specialist needs to configures virtual server that uses PVA or OPVA Which virtual server type should be used?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
A web application is configured to allow sessions to continue even after a user computer is shut down for the night. A new LTM device is configured to load balance the web application to several servers. The application owner reports that application users are logged out of the web application whenever their browser is restarted or computer is rebooted.
What is the problem?
A BIG-IP Administrator needs to restore a UCS file to an F5 device using the Configuration Utility. Which section of the Configuration Utility should the BIG-IP Administrator access to perform this task?
Users are experiencing low throughput when downloading large files over a high-speed WAN connection. Extensive packet loss was found to be an issue but CANNOT be eliminated.
Which two TCP profile settings should be modified to compensate for the packet loss in the network? (Choose two.)
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is troubleshooting a virtual server. Both the virtual server and the pool are showing blue squares for their statuses, and new clients report receiving "The connection was reset" through their browsers. Connections directly to the pool member are successful.
What is the issue?
A 8IG-IP Administrator configures a node with a standard icmp Health Monitor. The Node shows as DOWN although the Backend Server is configured to answer ICMP requests. Which step should the administrator take next to find the root cause of this issue?
An LTM Specialist has noticed in the audit log that there are numerous attempts to loginto the Admin account. Theses attempts are sourced from a suspicious IP address range to the Configuration Utility of the LTM device.
How should the LTM Specialist block these attempts?
Refer to the exhibit.
During a planned upgrade lo a BIG-IP HA pair running Active/Standby, an outage to application traffic is reported shortly after the Active unit is forced to Standby Reverting the flower resolves the outage. What should the BIG-IP Administrator modify to avoid an outage during the next for over event?
An TLM Specialist has an Exchange that must use the LTM device to route traffic to the internet.
Which SNAT/NAT configure allows the Exchange server’s traffic access the internet through the LTM device?
Refer of the exhibit.
The 816-IP Administrator runs the command shown and observes a device trust issue between BIG-IP
devices in a device group. The issue prevents config sync on device bigip3.local.
What is preventing the config sync?
A custom HTTP monitor is failing to a pool member 10.10.3.75:8080 that serves up www.example.com.
A ping works to the pool member address.
The SEND string that the monitor is using is: GET/HTTP/l.l/r/n/Host.www.example.com/r/n/Connection
Close/r/n/r/n
Which CLI tool syntax will show that the web server returns the correct HTTP response?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
A user is unable to access a secure application via a virtual server.
What is the cause of the issue?
An LTM device has been configured to log the reasons for generating TCP RST packets.
The following log entry occurs:
"01230140:3: RST sent from 192.168.1.100:80 to 192.168.1.124:39272, [0x112d82a:1721] {peer} TCP RST from remote system."
Which condition will trigger this log entry?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is troubleshooting an HTTP monitor that is marking a pool member as down. Connecting to the pool member directly through a browser shows the application is up and functioning correctly.
ltm monitor http http_mon {
defaults-from http
destination *:*
interval 5
recv "200 OK"
send "GET /\\r\\n"
time-until-up 0
timeout 16
}
What is the issue?
A user is having issues with connectivity to an HTTPS virtual server. The virtual server is on the LTM device's external vlan, and the pools associated with the virtual server are on the internal vlan. An LTM Specialist does a tcpdump on the external interface and notices that the host header is incomplete.
In which location should the LTM Specialist put a traffic analyzer to gather the most pertinent data?
A user needs to determine known security vulnerabilities on an existing BIG-IP appliance and how to
remediate these vulnerabilities.
Which action should the BIG-IP Administrator recommend?
-- Exhibit –
-- Exhibit --
Refer to the exhibits.
An LTM device has been configured for load balancing a number of different application servers. Configuration changes need to be made to the LTM device to allow administrative management of the servers in 172.16.10/24, 172.16.20/24, and 172.16.30/24 networks. The servers require outbound access to numerous destinations for operations.
Which solution has the simplest configuration changes while maintaining functionality and basic security?
An LTM Specialist needs to deploy a virtual server that will load balance traffic targeting https://register.example.com to a set of three web servers. Persistence needs to be ensured. No persistence mirroring is allowed SSL offloading is required.
A fourth web server with fewer resources will be used to handle requests from engine bots to https://register.example.comvrobots.txt by an iRule. The (Rule will use the HTTP_REQUEST event. .
What are the required profile and persistence settings to implement this
A BIG-IP Administrator explicitly creates a traffic group on a BIG-IP device.
Which two types of configuration objects can be associated with this traffic group? (Choose two.)
A customer needs to intercept all of the redirects its application is sending to clients. When a redirect is matched, the customer needs to log a message including the client IP address.
Which iRule should be used?
While investigating the cause of a device failover, an LTM Specialist discovers the following events in /var/log/ltm:
01010029:5: Clock advanced by 518 ticks
01010029:5: Clock advanced by 505 ticks
01010029:5: Clock advanced by 590 ticks
01010029:5: Clock advanced by 568 ticks
01010029:5: Clock advanced by 1681 ticks
01010029:5: Clock advanced by 6584 ticks
01140029:5: HA daemon_heartbeat tmm fails action is failover and restart.
010c0026:5: Failover condition, active attempting to go standby.
Which issue caused the failover?
-- Exhibit –
-- Exhibit --
Refer to the exhibits.
How should the LTM Specialist minimize the configuration?
The network team has recently added a new syslog server with IP address 10.1.1.1.
Which command adds the new syslog entry on the F5 LTM device?
A)
B)
C)
D)
A BIG-IP Administrator reviews the Plane CPU Usage performance chart and discovers a high percentage
of Control Plane utilization.
Which type of traffic does this indicate a higher usage of?
An LTM specialist needs to upgrade a VCMP quest in an HA Setup with minimum interruption for all VCMP guestinstances.
In which should the LTM Specialist perform this upgrade?
A virtual serverconfiguration for traffic destined to a server is as shown:
HTTP traffic is destined to the 10 10.20.1 server from the source
Based on precedence, which virtual server accepts this traffic?
A BIG-IP Administrator wants to add a new Self IP to the BIG-IP device. Which item should be assigned to the new Self IP being configured?
An LTM Specialist wants to allow access to the Always On Management (AOM) from the network.
Which two methods should the LTM Specialist use to configure the AOM interface? (Choose two.)
To improve application security, an LTM Specialist must configure a BIG application access. The BIG IPsystem to authenticate the client certificate before permitting application access. The BIG-IP system must also support the ability to red to redirect users to a certificate enrolment system without generating a browser error.
Within the Client SSL profile, which value should the LTM Specialist select for the Client Certificate option?
An LTM Specialist is working with an LTM device configured with 10 virtual servers on the same domain with a different key/cert pair per virtual. For examplE. www.example.com; ftp.example.com; ssh.example.com; ftps.example.com.
What should the LTM Specialist do to reduce the number of objects on the LTM device?
A BIG-IP Administrator notices that one of the servers that runs an application is NOT receiving any traffic. The BIG-IP Administrator examines the configuration status of the application and observes the displayed monitor configuration and affected Pool Member status. What is the possible cause of this issue?
Remote users who access the LTM device are authenticated via Radius. The default remote user role is Guest Some users need LTM device with the Administrator role. The F5 Radius attributes are configure on the Radius server.
Which configuration item needs to be created?
An LTM Specialist needs to terminate client SSL traffic and based on the cookie presented by client.
Which set of profiles should the LTM Specialist use?
An LTM Specialist configures a new HTTP virtual server on an LTM device external VLAN. The web servers are connected to the LTM device internal VLAN. Clients trying to connect to the virtual server are unable to establish a connection. A packet capture shows an HTTP response from a web server to the client and then a reset from the client to the web server.
From which two locations could the packet capture have been collected? (Choose two.)
AnLTM specialist needs to create a new account with the admin role called "newadmin' and access to all partitions.
Which tmsh command should be executed?
-- Exhibit --
-- Exhibit --
Refer to the exhibit.
A company uses a complex piece of client software that connects to one or more virtual servers (VS) hosted on an LTM device. The client software is experiencing issues. An LTM Specialist must determine the cause of the problem.
The LTM Specialist is seeing a client source IP of 168.210.232.5 in the tcpdump. However, the client source IP is actually 10.123.17.12.
Why does the IP address of 10.123.17.12 fail to appear in the tcpdump?
A BIG-IP Administrator uses backend servers to host multiple services per server. There are multiple virtual servers and pools defined, referencing the same backend servers.
Which load balancing algorithm is most appropriate to have an equal number of connections on each backend server?
An LTM Specialist needs to create two virtual servers.
The application has links for both HTTP and HTTPS version of application. The client must be persistence to a pool member, no matter which virtual server isaccessed.
What must be selected in the Source Address Affinity persistence profile?
OneLTM device in an HA pair of LTM devices is unable to reach its default gateway. An HA Failover event needs to happen.
Which configuration item enables this behavior?
A BIG-IP Administrator discovers malicious brute-force attempts to access the BIG-IP device on the management interface via SSH. The BIG-IP Administrator needs to restrict SSH access to the
management interface.
Where should this be accomplished?
An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile. The virtual server 10.0.0.1:443 resides on vlan301.
Which steps should the LTM Specialist take to capture the data payload successfully while ensuring no other virtual servers are affected?
Refer to the exhibit.
Which two pool members are eligible to receive new connections? (Choose two)
A Client makes the request displayed below to the application server.
Which virtual server type should an LTM Specialist use to load balance based on the URI?
.A. Forwarding (Layer 2)
B. Stateless
C.Standard
D. Performance (Layer 4)
Refer to the exhibit.
A BIG-IP Administrator configures a Virtual Server to handle HTTPS traffic. Users report that the
application is NOT working.
Which actional configuration is regard to resolve this issue?
A development team needs to apply a software fix and troubleshoot one of its servers. The BIG-IP Administrator needs to immediately remove all connections from the BIG-IP system to the back end server. The BIG-IP Administrator checks the Virtual Server configuration and finds that a persistence profile is assigned to it. What should the 8IG-IP Administrator do to meet this requirement?
-- Exhibit –
-- Exhibit --
Refer to the exhibits.
Users are able to access the application when connecting directly to the web server but are unsuccessful when connecting to the virtual server. Return traffic bypasses the LTM device using Layer 2 nPath routing.
Which configuration change resolves this problem?
An LTM device is configure with the wildcard virtual servers displayed below.
A client connection is made to 172.24.31.14:443.
A BIG-IP Administrator wants to add the ASM Module to an HA pair of BIG-IP devices. The BIG-IP Administrator has already installed a new Add-On License on both devices in the HA pair. What should the BIG-IP Administrator do next to use the module?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist configures a virtual server that balances HTTP connections to a pool of three application servers. Approximately one out of every three connections to the virtual server fails.
Which two actions will resolve the problem? (Choose two.)
An application is making heavy use of a large, high-quality JPEG image file. An LTM Specialist needs to enhance page load times without increasing server load.
Which profile should be applied to the virtual server to perform this task?
An LTM Specialist is creating a custom EAV monitor.
In which directory should the LTM Specialist upload the script?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
The decoded TCPDump capture is a trace of a failing health monitor. The health monitor is sending the string shown in the capture; however, the server response is NOT as expected. The receive string is set to 'SERVER IS UP'.
What is the solution?
Refer to the exhibit.
A BIG-IP Administrator configures a now VLAN on an HA pair of devices that does NOT yet have any
traffic. This action causes the assigned traffic group to fail over to the standby device.
Which VLAN setting should be changed to prevent this issue?
A new web application is being deployed Mutual SSL authentication must be used to authenticate clients.
Which of the following two tasks must be completed to meet therequirements? (Choose two)
A VCMP guest has the following characteristics:
• Resources allocated for CPU memory, network interfaces, and disk space
• Virtual disk created
• The guest is NOT running
The guest isNOT running in which state is the VCMP guest
An LTM Specialist needs to gather website statistics such as latency and throughput on the existing virtual server. This virtual server loadBalances the backend web servers.
Which F5 feature will provide this?
An LTM Specialist is troubleshooting an issue where one LTM device in a three LTM device group is failing to synchronize after a synchronize to group command is issued. The LTM Specialist verifies there are no packet filters, port lock down, or network issues preventing the connection.
What are two reasons the synchronization group is having issues? (Choose two.)
An LTM Specialist sees these entries in /var/log/ltm:
Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Assume 172.16.20.0/24 is attached to the VLAN "internal."
What should the LTM Specialist use to troubleshoot this issue?
TESTED 24 Nov 2024
