New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

303 BIG-IP ASM Specialist Questions and Answers

Questions 4

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is reviewing the 'test' partition.

Which objects, in order, can be removed from the partition?

Options:

A.

delete pool test1_pool, delete node 10.1.1.2

B.

delete node 10.1.1.2, delete pool test2_pool

C.

delete pool test1_pool, delete node 10.1.1.2, delete node 10.1.1.1

D.

delete virtual test1_vs, delete pool test2_pool, delete node 10.1.1.1

E.

delete pool test1_pool, delete pool test2_pool, delete node 10.1.1.3

Buy Now
Questions 5

Refer to the exhibit.

During maintenance, the BIG-IP Administrator manually disables a pool member as shown.

What is the result?

Options:

A.

All pool members continue to process persistent connections

B.

All pool members stop accepting new connections.

C.

The disabled pool member stops processing persistent connections.

D.

The disabled pool member stops processing existing connections

Buy Now
Questions 6

A BIG-IP Administrator must determine if a Virtual Address is configured to fail over to the standby member of a device group in which area of the Configuration Utility can this be confirmed?

Options:

A.

Device Management > Traffic Groups

B.

Device Management > Devices

C.

Local Traffic > Virtual Servers

D.

Device Management > Overview

Buy Now
Questions 7

A 8IG-IP device is replaced with an RMA device. The BIG-IP Administrator renews the license and tries to restore the configuration from a previously generated UCS archive on the RMA device. The device configuration is NOT fully loading. What is causing the configuration load to fail?

Options:

A.

The Device Group is NOT configured for Full Sync.

B.

The US does NOT contain the full config

C.

The clock is NOT set correctly

D.

The Master Key is NOT restored

Buy Now
Questions 8

These log entries can have different root causes:

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: enabled

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071431:5: Attempting to connect to CMI peer 1.1.1.2 port 6699

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071432:5: CMI peer connection established to 1.1.1.2 port 6699

Jun 28 05:01:26 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected

Which two commands should be used to obtain additional information on these entries? (Choose two.)

Options:

A.

tmsh show /sys mcpd

B.

bigstart status mcpd

C.

tmsh modify /sys db log.mcpd.level value debug

D.

tmsh modify /sys db log.cmi.level value debug

Buy Now
Questions 9

A new HITP server has been deployed on an LTM device. The application running on the server must be monitored by the LIM device. The following is required:

A new HITP server has been deployed on an LTM device. The application running on theserver must be monitored by the LIM device. The following is required:

When the server is unavailable, it will send an HTTP status code of 200 in response to a request for the status html page.

When the server is available. I will send and HTTP status code of 201 in response to a request for the status html page.

When the 200 status code is received, the pool member should receive No new connections.

Which configuration change should be made to meet these requirements?

Options:

A.

set the Send String to GET/status html and the Receive String to 200 and Receive Disable String to 201.

B.

set the Send String to GET Arian and the Receive String to 200 and Receive Disable String to 201.

C.

set the Send String to GET Arian and the Receive Disable String to 200 andReceive String to 201.

D.

set the Send String to Get /status html and the Receive Disable String to 200 and Receive String to 201.

Buy Now
Questions 10

A new VLAN vlan301 has been configured on a highly available LTM device in partition ApplicationA. A new directly connected backend server has been placed on vlan301. However, there are connectivity issues pinging the default gateway. The VLAN self IPs configured on the LTM devices are 192.168.0.251 and 192.168.0.252 with floating IP 192.168.0.253. The LTM Specialist needs to perform a packet capture to assist with troubleshooting the connectivity.

Which command should the LTM Specialist execute on the LTM device command line interface to capture the attempted pings to the LTM device default gateway on VLAN vlan301?

Options:

A.

tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.253'

B.

tcpdump -ni vlan301 'host 192.168.0.253'

C.

tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.251 or host 192.168.0.252'

D.

tcpdump -ni vlan301 'host 192.168.0.251 or host 192.168.0.252'

Buy Now
Questions 11

Which two items can be logged by the Application Visibility Reporting analytics profile? (Choose two.)

Options:

A.

User Agent

B.

HTTP version

C.

HTTP Response Codes

D.

Per Virtual Server CPU Utilization

Buy Now
Questions 12

Refer to the exhibit.

A user notifies the BIG-IP Administrator that http://remote company.com is NOT accessible. Remote

access to company resources must be encrypted.

What should the BIG-IP Administrator do to fix the issue?

Options:

A.

Change the Listening Port on remote.company.com_vs to Port 80

B.

Add a Pool to the Virtual Server remote.company.com_VS

C.

Add an iRule to remote.company.com_vs to redirect Traffic to HTTPS

D.

Change the Type of the Virtual Server remote.company.com_vs to Forwarding

Buy Now
Questions 13

set payload {CACHE :: payload}

}

Which two profiles should be used on the virtual server? (Choose two.)

Options:

A.

http-transparent

B.

http compression

C.

http

D.

webacceleration

E.

stream

Buy Now
Questions 14

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An HTTP monitor always marks the nodes in the pool as down. The monitor's definition and the HTTP headers from the monitor request and response are provided.

What is the issue?

Options:

A.

The response is compressed.

B.

The send string is incorrect.

C.

The monitor timeout is too short.

D.

The monitor is NOT configured to follow the redirect.

Buy Now
Questions 15

A BIG-IP device has only LTM and ASM modules provisioned. Both have nominal provisioning level. The BI6-IP Administrator wants to dedicate more resources to the LTM module. The ASM module must remain enabled. Which tmsh command should the BIG-IP Administrator execute to obtain the desired result?

Options:

A.

modify/sys provision asm level minimum

B.

modify /sys provision Itm level dedicated

C.

modify /sys provision asm level none

D.

modify /sys provision Itm level minimum

Buy Now
Questions 16

A BIG-IP Administrator adds new Pool Members into an existing, highly utilized pool. Soon after, there are reports that the application is failing to load for some users. What pool level setting should the BIG-IP Administrator check?

Options:

A.

Availability Requirement

B.

Allow SNAT

C.

Action On Service Down

D.

Slow Ramp Time

Buy Now
Questions 17

Refer to the exhibit.

How long will the persistence record remain in the table?

Options:

A.

180 seconds after the last packet

B.

180 seconds after the initial table entry

C.

300 seconds after the initial table entry

D.

300 seconds after the last packet

Buy Now
Questions 18

When importing a PEM formatted SSL certificate, which text needs to appear first in the file?

Options:

A.

--START CERTIFICATE....

B.

...BEGIN CERTIFICATE....

C.

...SECURITY CERTIFICATE....

D.

...SSL CERTIFICATE....

Buy Now
Questions 19

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is reviewing the virtual server configuration on an LTM device.

Which two actions should the LTM Specialist perform to minimize the virtual server configuration? (Choose two.)

Options:

A.

Remove 'snat automap' from the virtual server.

B.

Remove the 'http' profile from the virtual server.

C.

Remove the 'default_class' from the virtual server.

D.

Combine 'acct_class' and 'marketing_class' into one class and update associations on the virtual server.

E.

Combine 'marketing_class' and 'default_class' into one class and update associations on the virtual server.

Buy Now
Questions 20

An LTM Specialist needs to configures virtual server that uses PVA or OPVA Which virtual server type should be used?

Options:

A.

Stateless

B.

Performance (HTTP)

C.

Standard

D.

Performance (Layer 4)

Buy Now
Questions 21

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A web application is configured to allow sessions to continue even after a user computer is shut down for the night. A new LTM device is configured to load balance the web application to several servers. The application owner reports that application users are logged out of the web application whenever their browser is restarted or computer is rebooted.

What is the problem?

Options:

A.

The virtual server does NOT have persistence configured.

B.

The virtual server does NOT have persistence mirroring configured.

C.

The cookie set by the LTM device does NOT have an "Expires" value.

D.

The cookie set by the server is NOT being passed to client by the LTM device.

Buy Now
Questions 22

A BIG-IP Administrator needs to restore a UCS file to an F5 device using the Configuration Utility. Which section of the Configuration Utility should the BIG-IP Administrator access to perform this task?

Options:

A.

Local Traffic > Virtual Servers

B.

Local Traffic > Policies

C.

System > Archives

D.

System > Configuration

Buy Now
Questions 23

Refer to the exhibit.

Which Pool Members are receiving traffic?

Options:

A.

Serv1, serv2,serv3, serv4

B.

serv1, serv3

C.

serv1, serv3, serv4

D.

serv1

Buy Now
Questions 24

Users are experiencing low throughput when downloading large files over a high-speed WAN connection. Extensive packet loss was found to be an issue but CANNOT be eliminated.

Which two TCP profile settings should be modified to compensate for the packet loss in the network? (Choose two.)

Options:

A.

slow start

B.

proxy options

C.

proxy buffer low

D.

proxy buffer high

E.

Nagle's algorithm

Buy Now
Questions 25

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting a virtual server. Both the virtual server and the pool are showing blue squares for their statuses, and new clients report receiving "The connection was reset" through their browsers. Connections directly to the pool member are successful.

What is the issue?

Options:

A.

The pool member is disabled.

B.

The node is marked as disabled.

C.

The HTTP profile has incorrect settings.

D.

The virtual server is disabled on all VLANs.

Buy Now
Questions 26

A 8IG-IP Administrator configures a node with a standard icmp Health Monitor. The Node shows as DOWN although the Backend Server is configured to answer ICMP requests. Which step should the administrator take next to find the root cause of this issue?

Options:

A.

Run a curl Run a qkview

B.

Run a qkview

C.

Runatcpdump

D.

Runanssldump

Buy Now
Questions 27

An LTM Specialist has noticed in the audit log that there are numerous attempts to loginto the Admin account. Theses attempts are sourced from a suspicious IP address range to the Configuration Utility of the LTM device.

How should the LTM Specialist block these attempts?

Options:

A.

add the permitted source IP addresses to the httpd allow list viatmsh

B.

add the suspicious source IP addresses to the httpd deny list via tmsh

C.

add the suspicious source IP addresses to the httpd deny list via Configuration Utility

D.

add the permitted source IP addresses to the allow list viaConfiguration Utility

Buy Now
Questions 28

Refer to the exhibit.

During a planned upgrade lo a BIG-IP HA pair running Active/Standby, an outage to application traffic is reported shortly after the Active unit is forced to Standby Reverting the flower resolves the outage. What should the BIG-IP Administrator modify to avoid an outage during the next for over event?

Options:

A.

The Tag voice on the Standby device

B.

The interface on the Active device to 1.1

C.

The Tag value on the Active device

D.

The Interface on the Standby device to 1.1

Buy Now
Questions 29

An TLM Specialist has an Exchange that must use the LTM device to route traffic to the internet.

Which SNAT/NAT configure allows the Exchange server’s traffic access the internet through the LTM device?

Options:

A.

NAT

B.

SNAT Pool

C.

SNAT List

D.

SNAT Automap

Buy Now
Questions 30

Refer of the exhibit.

The 816-IP Administrator runs the command shown and observes a device trust issue between BIG-IP

devices in a device group. The issue prevents config sync on device bigip3.local.

What is preventing the config sync?

Options:

A.

Next Active Load factor is 0 on bigip1.local

B.

Both devices are standby

C.

Next Active Load factor is 1 on bigip1.local

D.

Time Delta to local system is 12

Buy Now
Questions 31

A custom HTTP monitor is failing to a pool member 10.10.3.75:8080 that serves up www.example.com.

A ping works to the pool member address.

The SEND string that the monitor is using is: GET/HTTP/l.l/r/n/Host.www.example.com/r/n/Connection

Close/r/n/r/n

Which CLI tool syntax will show that the web server returns the correct HTTP response?

Options:

A.

curlhttp://10.10.10.3.75:8080/www.example.com/index.html

B.

curl-header 'Host:www.example.com' http://10.10.3.75:8080/

C.

tracepath 'http://www.example.com:80

D.

tracepath 10.10.3.75:8080 GET /index

Buy Now
Questions 32

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A user is unable to access a secure application via a virtual server.

What is the cause of the issue?

Options:

A.

The client authentication failed.

B.

The virtual server does NOT have a pool configured.

C.

The client and server CANNOT agree on a common cipher.

D.

The virtual server does NOT have a client SSL profile configured.

Buy Now
Questions 33

An LTM device has been configured to log the reasons for generating TCP RST packets.

The following log entry occurs:

"01230140:3: RST sent from 192.168.1.100:80 to 192.168.1.124:39272, [0x112d82a:1721] {peer} TCP RST from remote system."

Which condition will trigger this log entry?

Options:

A.

A virtual server connection limit has been reached.

B.

The host at the other end terminated the TCP connection.

C.

The LTM device reset the connection because no pool members are available.

D.

The LTM device has reached the maximum number of allowed attempts to send the data segment to the affected TCP connection.

Buy Now
Questions 34

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting an HTTP monitor that is marking a pool member as down. Connecting to the pool member directly through a browser shows the application is up and functioning correctly.

ltm monitor http http_mon {

defaults-from http

destination *:*

interval 5

recv "200 OK"

send "GET /\\r\\n"

time-until-up 0

timeout 16

}

What is the issue?

Options:

A.

The HTTP headers are compressed.

B.

The pool member is responding with a 404.

C.

The pool member is responding without HTTP headers.

D.

The request is NOT being received by the pool member.

Buy Now
Questions 35

A user is having issues with connectivity to an HTTPS virtual server. The virtual server is on the LTM device's external vlan, and the pools associated with the virtual server are on the internal vlan. An LTM Specialist does a tcpdump on the external interface and notices that the host header is incomplete.

In which location should the LTM Specialist put a traffic analyzer to gather the most pertinent data?

Options:

A.

server

B.

external VLAN

C.

internal VLAN

D.

client machine

Buy Now
Questions 36

A user needs to determine known security vulnerabilities on an existing BIG-IP appliance and how to

remediate these vulnerabilities.

Which action should the BIG-IP Administrator recommend?

Options:

A.

Verify the TMOS version and review the release notes

B.

Create a UCS archive and upload to Health

C.

Create a UCS archive and open an F5 Support request

D.

Generate a view and upload to Heath

Buy Now
Questions 37

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

An LTM device has been configured for load balancing a number of different application servers. Configuration changes need to be made to the LTM device to allow administrative management of the servers in 172.16.10/24, 172.16.20/24, and 172.16.30/24 networks. The servers require outbound access to numerous destinations for operations.

Which solution has the simplest configuration changes while maintaining functionality and basic security?

Options:

A.

Remove 172.16.10.0:0/24, 172.16.20.0:0/24, and 172.16.30.0:0/24, and keep 0.0.0.0:0/0.0.0.0 enabled on all VLANs.

B.

Replace 172.16.10.0:0/24, 172.16.20.0:0/24, and 172.16.30.0:0/24, with 172.16.0.0:0/16, and keep 0.0.0.0:0/0.0.0.0.

C.

Enable 172.16.10.0:0/24, 172.16.20.0:0/24, and 172.16.30.0:0/24 on ingress VLAN(s), and enable 0.0.0.0:0/0.0.0.0 on egress VLAN(s).

D.

Enable 172.16.10.0:0/24, 172.16.20.0:0/24, and 172.16.30.0:0/24 on egress VLAN(s), and enable 0.0.0.0:0/0.0.0.0 on ingress VLAN(s).

Buy Now
Questions 38

An LTM Specialist needs to deploy a virtual server that will load balance traffic targeting https://register.example.com to a set of three web servers. Persistence needs to be ensured. No persistence mirroring is allowed SSL offloading is required.

A fourth web server with fewer resources will be used to handle requests from engine bots to https://register.example.comvrobots.txt by an iRule. The (Rule will use the HTTP_REQUEST event. .

What are the required profile and persistence settings to implement this

Options:

A.

tcp. dientssl, hup, source address persistence

B.

tcp, clientssl, http. cookie persistence

C.

tcp, clientssl, serverssl, ssl persistence

D.

tcp, clientssl, http, serverssl cookie persistence

Buy Now
Questions 39

A BIG-IP Administrator explicitly creates a traffic group on a BIG-IP device.

Which two types of configuration objects can be associated with this traffic group? (Choose two.)

Options:

A.

Pool Members

B.

Virtual Addresses

C.

iRules

D.

VLANS

E.

Application Instances

Buy Now
Questions 40

A customer needs to intercept all of the redirects its application is sending to clients. When a redirect is matched, the customer needs to log a message including the client IP address.

Which iRule should be used?

Options:

A.

when HTTP_RESPONSE {

if { [HTTP::is_3xx] } {

log local0. "redirecting client ip address [IP::addr [IP::remote_addr]]"

}

}

B.

when HTTP_REQUEST {

if { [HTTP::is_301] } {

log local0. "redirecting client ip address [IP::addr [IP::remote_addr]]"

}

}

C.

when HTTP_REQUEST {

if { [HTTP::is_redirect] } {

log local0. "redirecting client ip address [IP::addr [IP::remote_addr]]"

}

}

D.

when HTTP_RESPONSE {

if { [HTTP::is_redirect] } {

log local0. "redirecting client ip address [IP::addr [IP::remote_addr]]"

}

}

Buy Now
Questions 41

While investigating the cause of a device failover, an LTM Specialist discovers the following events in /var/log/ltm:

01010029:5: Clock advanced by 518 ticks

01010029:5: Clock advanced by 505 ticks

01010029:5: Clock advanced by 590 ticks

01010029:5: Clock advanced by 568 ticks

01010029:5: Clock advanced by 1681 ticks

01010029:5: Clock advanced by 6584 ticks

01140029:5: HA daemon_heartbeat tmm fails action is failover and restart.

010c0026:5: Failover condition, active attempting to go standby.

Which issue caused the failover?

Options:

A.

NTP being out of sync

B.

TMM being descheduled

C.

VLAN Fail-safe heartbeats

D.

HA missing heartbeat packets

Buy Now
Questions 42

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

How should the LTM Specialist minimize the configuration?

Options:

A.

Remove the pool member level monitors.

B.

The configuration is as minimized as possible.

C.

Create a single monitor and apply it to each pool member.

D.

Create a single monitor, apply it to the pool, and remove the pool member level monitors.

Buy Now
Questions 43

The network team has recently added a new syslog server with IP address 10.1.1.1.

Which command adds the new syslog entry on the F5 LTM device?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Buy Now
Questions 44

A BIG-IP Administrator reviews the Plane CPU Usage performance chart and discovers a high percentage

of Control Plane utilization.

Which type of traffic does this indicate a higher usage of?

Options:

A.

Administrative

B.

Tunnel

C.

Accelerated ,

D.

Application

Buy Now
Questions 45

An LTM specialist needs to upgrade a VCMP quest in an HA Setup with minimum interruption for all VCMP guestinstances.

In which should the LTM Specialist perform this upgrade?

Options:

A.

Relicense the host. Failover all guest’s active traffic-groups to the other host, copy image to gest, create guest UCS install and set boot location to new volume, reboot

B.

Failover this specific guest’s active traffic-group to the other Host, Relicense the guest, copy image to guest , create guest UCS, install and set boot location to new volume, reboot

C.

Failover all guests’ active traffic-group to the other Host, Relicense the host, copy image to guest, create guest UCS, install and set boot location to new volume , reboot

D.

Failover all guests’ active traffic-group to the other host, copy image to guest, create guest UCS install and set boot location to new volume, reboot, Relicense the host

Buy Now
Questions 46

A virtual serverconfiguration for traffic destined to a server is as shown:

HTTP traffic is destined to the 10 10.20.1 server from the source

Based on precedence, which virtual server accepts this traffic?

Options:

A.

MyvS1

B.

MyVS2

C.

MyVS3

D.

MyVS4

Buy Now
Questions 47

A BIG-IP Administrator wants to add a new Self IP to the BIG-IP device. Which item should be assigned to the new Self IP being configured?

Options:

A.

Interface

B.

Route

C.

VLAN

D.

Trunk

Buy Now
Questions 48

An LTM Specialist wants to allow access to the Always On Management (AOM) from the network.

Which two methods should the LTM Specialist use to configure the AOM interface? (Choose two.)

Options:

A.

Configure the AOM IP from the front panel buttons and LCD.

B.

Choose the network configurator in the AOM menu on the serial port.

C.

Configure the AOM network address in the GUI under System>Platform.

D.

Log in to the Host via ssh, "ssh aom", and modify the network configuration file.

Buy Now
Questions 49

To improve application security, an LTM Specialist must configure a BIG application access. The BIG IPsystem to authenticate the client certificate before permitting application access. The BIG-IP system must also support the ability to red to redirect users to a certificate enrolment system without generating a browser error.

Within the Client SSL profile, which value should the LTM Specialist select for the Client Certificate option?

Options:

A.

Require

B.

Request

C.

Demand

D.

ignore

Buy Now
Questions 50

An LTM Specialist is working with an LTM device configured with 10 virtual servers on the same domain with a different key/cert pair per virtual. For examplE. www.example.com; ftp.example.com; ssh.example.com; ftps.example.com.

What should the LTM Specialist do to reduce the number of objects on the LTM device?

Options:

A.

create a 0 port virtual server and have it answer for all protocols

B.

create a 0.0.0.0:0 virtual server thus eliminating all virtual servers

C.

create a transparent virtual server thus eliminating all virtual servers

D.

create a wildcard certificate and use it on all *.example.com virtual servers

Buy Now
Questions 51

A BIG-IP Administrator notices that one of the servers that runs an application is NOT receiving any traffic. The BIG-IP Administrator examines the configuration status of the application and observes the displayed monitor configuration and affected Pool Member status. What is the possible cause of this issue?

Options:

A.

The Node Health Monitor is NOT responding.

B.

The application is NOT responding with the expected Receive String.

C.

HTTP 1.1 is NOT appropriate for monitoring purposes.

D.

The BIG-IP device is NOT able to reach the Pool.

Buy Now
Questions 52

Remote users who access the LTM device are authenticated via Radius. The default remote user role is Guest Some users need LTM device with the Administrator role. The F5 Radius attributes are configure on the Radius server.

Which configuration item needs to be created?

Options:

A.

Remote User role

B.

Admin account

C.

User role

D.

Useraccount

Buy Now
Questions 53

An LTM Specialist needs to terminate client SSL traffic and based on the cookie presented by client.

Which set of profiles should the LTM Specialist use?

Options:

A.

HTTPS, Client SSL, Cookie Persistence Profile

B.

HTTP, Server SSL, SSL Cookie Profile

C.

HTTPS, Server SSL, SSL Cookie Profile

D.

HTTP, Client SSL, Cookie Persistence Profile,

Buy Now
Questions 54

An LTM Specialist configures a new HTTP virtual server on an LTM device external VLAN. The web servers are connected to the LTM device internal VLAN. Clients trying to connect to the virtual server are unable to establish a connection. A packet capture shows an HTTP response from a web server to the client and then a reset from the client to the web server.

From which two locations could the packet capture have been collected? (Choose two.)

Options:

A.

network interface of web server

B.

network interface of client machine

C.

internal VLAN interface of the LTM device

D.

external VLAN interface of the LTM device

E.

management VLAN interface of the LTM device

Buy Now
Questions 55

AnLTM specialist needs to create a new account with the admin role called "newadmin' and access to all partitions.

Which tmsh command should be executed?

Options:

A.

create /auth user newadmin partition-access add {all-partitions {role admin }} prompt for-password.

B.

create /users newadmin partition-access add {all-partitions {role admin JJ prompt for-password.

C.

create /user newadmin partition-access add (all-partitions {role admin }} prompt- for-password.

D.

create / sys user newadmin partition-access add (all-partitions {role admin )} prompt-for-password.

Buy Now
Questions 56

-- Exhibit --

-- Exhibit --

Refer to the exhibit.

A company uses a complex piece of client software that connects to one or more virtual servers (VS) hosted on an LTM device. The client software is experiencing issues. An LTM Specialist must determine the cause of the problem.

The LTM Specialist is seeing a client source IP of 168.210.232.5 in the tcpdump. However, the client source IP is actually 10.123.17.12.

Why does the IP address of 10.123.17.12 fail to appear in the tcpdump?

Options:

A.

The LTM device performed NAT on the individual's IP address.

B.

The Secure Network Address Translation (SNAT) pool on the virtual server is activated.

C.

Network Address Translation (NAT) has occurred in the path between the client and the LTM device.

D.

The individual's data stream is being routed to the LTM device by a means other than the default route.

Buy Now
Questions 57

A BIG-IP Administrator uses backend servers to host multiple services per server. There are multiple virtual servers and pools defined, referencing the same backend servers.

Which load balancing algorithm is most appropriate to have an equal number of connections on each backend server?

Options:

A.

Least Connections (member)

B.

Least Connections (node)

C.

Predictive (member)

D.

Predictive (node)

Buy Now
Questions 58

An LTM Specialist needs to create two virtual servers.

The application has links for both HTTP and HTTPS version of application. The client must be persistence to a pool member, no matter which virtual server isaccessed.

What must be selected in the Source Address Affinity persistence profile?

Options:

A.

Match across Virtual Servers

B.

Match across Pool Members

C.

Match across Services

D.

Match across Polls

Buy Now
Questions 59

OneLTM device in an HA pair of LTM devices is unable to reach its default gateway. An HA Failover event needs to happen.

Which configuration item enables this behavior?

Options:

A.

iRule

B.

Gateway Fail Safe

C.

Gateway pool monitor

D.

Gateway pool

Buy Now
Questions 60

A BIG-IP Administrator discovers malicious brute-force attempts to access the BIG-IP device on the management interface via SSH. The BIG-IP Administrator needs to restrict SSH access to the

management interface.

Where should this be accomplished?

Options:

A.

System > Configuration

B.

Network > Interfaces

C.

Network > Self IPs

D.

System > Platform

Buy Now
Questions 61

An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile. The virtual server 10.0.0.1:443 resides on vlan301.

Which steps should the LTM Specialist take to capture the data payload successfully while ensuring no other virtual servers are affected?

Options:

A.

The standard FastL4 profile should have PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.

B.

The packet capture tcpdump -ni vlan301 should be executed on the command line interface. There is no need to change profiles or PVA acceleration.

C.

A new FastL4 profile should be created and applied to the virtual server with PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.

D.

The LTM device is under light load. The traffic should be mirrored to a dedicated sniffing device. On the sniffing device, the packet capture tcpdump -ni vlan301 should be executed.

Buy Now
Questions 62

Refer to the exhibit.

Which two pool members are eligible to receive new connections? (Choose two)

Options:

A.

10.21.0.102.80

B.

10.21.0.104.80

C.

10.21.0.105.80

D.

10.21.0.101.80

E.

10.21.0.103.80

Buy Now
Questions 63

A Client makes the request displayed below to the application server.

Which virtual server type should an LTM Specialist use to load balance based on the URI?

.A. Forwarding (Layer 2)

B. Stateless

C.Standard

D. Performance (Layer 4)

Options:

Buy Now
Questions 64

Refer to the exhibit.

A BIG-IP Administrator configures a Virtual Server to handle HTTPS traffic. Users report that the

application is NOT working.

Which actional configuration is regard to resolve this issue?

Options:

A.

Configure SSL Profile (Client)

B.

Configure Protocol Profile (Server)

C.

Configure Service Profile HTTP

D.

Configure SSL Profile (Server)

Buy Now
Questions 65

A development team needs to apply a software fix and troubleshoot one of its servers. The BIG-IP Administrator needs to immediately remove all connections from the BIG-IP system to the back end server. The BIG-IP Administrator checks the Virtual Server configuration and finds that a persistence profile is assigned to it. What should the 8IG-IP Administrator do to meet this requirement?

Options:

A.

Set the pool member to a Forced Offline state and manually delete easting connections through the command line.

B.

Set the pool member to a Forced Offline state.

C.

Set the pool member to a Disabled state.

D.

Set the pool member to a Disabled state and manually delete existing connections through the command line.

Buy Now
Questions 66

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

Users are able to access the application when connecting directly to the web server but are unsuccessful when connecting to the virtual server. Return traffic bypasses the LTM device using Layer 2 nPath routing.

Which configuration change resolves this problem?

Options:

A.

Enable a SNAT pool on the LTM device.

B.

Disable address translation on the LTM device.

C.

Configure a route on the web server to the client subnet.

D.

Configure the virtual server to listen on port 80 on the LTM device.

E.

Configure the VIP address on the loopback interface of the web server.

Buy Now
Questions 67

An LTM device is configure with the wildcard virtual servers displayed below.

A client connection is made to 172.24.31.14:443.

Options:

A.

VS_172_24_1_WILDCARD

B.

VS_HTTP_WILDCARD

C.

VS_172_24_WILDCARD

D.

VS_HTTPS_WILDCARD

Buy Now
Questions 68

A BIG-IP Administrator wants to add the ASM Module to an HA pair of BIG-IP devices. The BIG-IP Administrator has already installed a new Add-On License on both devices in the HA pair. What should the BIG-IP Administrator do next to use the module?

Options:

A.

Provision the new module on both BIG-IP device's

B.

Synchronize both BIG-IP devices

C.

Reboot both BIG-IP devices

D.

Reactivate the Licenses on both BIG IP devices

Buy Now
Questions 69

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist configures a virtual server that balances HTTP connections to a pool of three application servers. Approximately one out of every three connections to the virtual server fails.

Which two actions will resolve the problem? (Choose two.)

Options:

A.

Assign a custom HTTP monitor to the pool.

B.

Enable SNAT automap on the virtual server.

C.

Verify that port lockdown is set to allow port 80.

D.

Verify the default gateway on the application servers.

E.

Increase the TCP timeout value in the default TCP profile.

Buy Now
Questions 70

An application is making heavy use of a large, high-quality JPEG image file. An LTM Specialist needs to enhance page load times without increasing server load.

Which profile should be applied to the virtual server to perform this task?

Options:

A.

Response Adapt

B.

OneConnect

C.

FastHTTP

D.

Web Acceleration

Buy Now
Questions 71

An LTM Specialist is creating a custom EAV monitor.

In which directory should the LTM Specialist upload the script?

Options:

A.

/usr/monitor

B.

/usr/monitors

C.

/config/monitors

D.

/usr/bin/monitors

E.

/config/templates

Buy Now
Questions 72

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

The decoded TCPDump capture is a trace of a failing health monitor. The health monitor is sending the string shown in the capture; however, the server response is NOT as expected. The receive string is set to 'SERVER IS UP'.

What is the solution?

Options:

A.

The GET request Host header field requires a host name.

B.

Incorrect syntax in send string. 'HTTP/1.1' should be 'HTTP1.1'.

C.

The /test_page.html does NOT exist on the web server and should be added.

D.

Incorrect syntax in send string. 'Connection: Close' should be 'Connection: Open'.

Buy Now
Questions 73

Refer to the exhibit.

A BIG-IP Administrator configures a now VLAN on an HA pair of devices that does NOT yet have any

traffic. This action causes the assigned traffic group to fail over to the standby device.

Which VLAN setting should be changed to prevent this issue?

Options:

A.

Auto Last Hop

B.

Fail-safe

C.

Customer Tag

D.

Source Check

Buy Now
Questions 74

A new web application is being deployed Mutual SSL authentication must be used to authenticate clients.

Which of the following two tasks must be completed to meet therequirements? (Choose two)

Options:

A.

configure the server SSL profile with "Client Certificate" Set to require

B.

configure the client SSL profile with "Client Certificate" set to require

C.

instruct the desktop team to update the web browser to the most recent release

D.

generate a CSR to register a certificate with the CA

E.

configure the client SSL profile with the Trusted .Certificate Authorities

Buy Now
Questions 75

A VCMP guest has the following characteristics:

• Resources allocated for CPU memory, network interfaces, and disk space

• Virtual disk created

• The guest is NOT running

The guest isNOT running in which state is the VCMP guest

Options:

A.

Offline

B.

Deployed

C.

Provisioned

D.

Configured

Buy Now
Questions 76

An LTM Specialist needs to gather website statistics such as latency and throughput on the existing virtual server. This virtual server loadBalances the backend web servers.

Which F5 feature will provide this?

Options:

A.

the Performance panel

B.

the AVR module

C.

the Dashboard

D.

the Statistics panel

Buy Now
Questions 77

An LTM Specialist is troubleshooting an issue where one LTM device in a three LTM device group is failing to synchronize after a synchronize to group command is issued. The LTM Specialist verifies there are no packet filters, port lock down, or network issues preventing the connection.

What are two reasons the synchronization group is having issues? (Choose two.)

Options:

A.

Certificates expired on all of the peer LTM devices.

B.

Certificates stored for the device trusts on all of the peer LTM devices are corrupted.

C.

Admin passwords changed on one of the peer LTM devices that are able to synchronize.

D.

Admin password changed on the LTM device NOT receiving the synchronized configurations.

E.

Certificates stored for the device trusts on the LTM device NOT receiving the configuration are corrupted.

Buy Now
Questions 78

An LTM Specialist sees these entries in /var/log/ltm:

Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Assume 172.16.20.0/24 is attached to the VLAN "internal."

What should the LTM Specialist use to troubleshoot this issue?

Options:

A.

curl -d - -k https://172.16.20.1

B.

ssldump -i internal host 172.16.20.1

C.

tcpdump -i internal host 172.16.20.1 > /shared/ssl.pcap

ssldump < /shared/ssl.pcap

D.

tcpdump -s 64 -i internal -w /shared/ssl.pcap host 172.16.20.1

ssldump -r /shared/ssl.pcap

Buy Now
Exam Code: 303
Exam Name: BIG-IP ASM Specialist
Last Update: Dec 25, 2024
Questions: 0
303 pdf

303 PDF

$25.5  $84.99
303 Engine

303 Testing Engine

$30  $99.99
303 PDF + Engine

303 PDF + Testing Engine

$135  $450