ExamGecko
Login
Home / F5 / 301b / List of questions
Ask Question

F5 301b Practice Test - Questions Answers, Page 5

Add to Whishlist

List of questions

Question 41

Report Export Collapse

An IT administrator wants to log which server is being load balanced to by a user with IP address 10.10.10.25.

Which iRule should the LTM Specialist use to fulfill the request?

when SERVER_CONNECTED { if { [IP::addr [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }
when SERVER_CONNECTED { if { [IP::addr [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }
when CLIENT_ACCEPTED { if { [IP::addr [clientside [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }
when CLIENT_ACCEPTED { if { [IP::addr [clientside [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }
when SERVER_CONNECTED { if { [IP::addr [clientside [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }
when SERVER_CONNECTED { if { [IP::addr [clientside [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }
when CLIENT_ACCEPTED { if { [IP::addr [IP::remote_addr] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }
when CLIENT_ACCEPTED { if { [IP::addr [IP::remote_addr] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }
Suggested answer: C
asked 24/09/2024
Kai van Dijk
30 questions

Question 42

Report Export Collapse

A customer needs to intercept all of the redirects its application is sending to clients. When a redirect is matched, the customer needs to log a message including the client IP address.

Which iRule should be used?

when HTTP_RESPONSE { if { [HTTP::is_3xx] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }
when HTTP_RESPONSE { if { [HTTP::is_3xx] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }
when HTTP_REQUEST { if { [HTTP::is_301] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }
when HTTP_REQUEST { if { [HTTP::is_301] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }
when HTTP_REQUEST { if { [HTTP::is_redirect] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }
when HTTP_REQUEST { if { [HTTP::is_redirect] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }
when HTTP_RESPONSE { if { [HTTP::is_redirect] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }
when HTTP_RESPONSE { if { [HTTP::is_redirect] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }
Suggested answer: D
asked 24/09/2024
P B
43 questions

Question 43

Report Export Collapse

A web application requires knowledge of the client's true IP address for logging and analysis purposes. Instances of the application that can decode X-Forwarded-For HTTP headers reside in pool_a, while pool_b instances assume the source IP is the true address of the client.

Which iRule provides the proper functionality?

when HTTP_DATA { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }
when HTTP_DATA { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }
when HTTP_RESPONSE { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }
when HTTP_RESPONSE { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }
when HTTP_REQUEST { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }
when HTTP_REQUEST { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }
when HTTP_OPEN { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }
when HTTP_OPEN { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }
Suggested answer: C
asked 24/09/2024
Rebecca Gillespie
45 questions

Question 44

Report Export Collapse

Which iRule will reject any connection originating from a 10.0.0.0/8 network?

when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::remote_addr] mask 8] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }
when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::remote_addr] mask 8] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }
when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::local_addr] mask 8] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }
when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::local_addr] mask 8] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }
when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::client_addr] mask 255.0.0.0] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }
when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::client_addr] mask 255.0.0.0] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }
when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::local_addr] mask 255.0.0.0] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }
when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::local_addr] mask 255.0.0.0] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }
Suggested answer: C
asked 24/09/2024
Kimon Pope
39 questions

Question 45

Report Export Collapse

There is a fault with an LTM device load balanced trading application that resides on directly connected VLAN vlan-301. The application virtual server is 10.0.0.1:80 with trading application backend servers on subnet 192.168.0.0/25. The LTM Specialist wants to save a packet capture with complete payload for external analysis.

Which command should the LTM Specialist execute on the LTM device command line interface?

tcpdump -vvv -w /var/tmp/trace.cap 'net 192.168.0.0/25'
tcpdump -vvv -w /var/tmp/trace.cap 'net 192.168.0.0/25'
tcpdump -vvv -s 0 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
tcpdump -vvv -s 0 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
tcpdump -vvv -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
tcpdump -vvv -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
tcpdump -vvv -s 0 -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
tcpdump -vvv -s 0 -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
Suggested answer: D
asked 24/09/2024
Pawel Lenart
38 questions

Question 46

Report Export Collapse

An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition Application

A . The data payload being captured is SSL encrypted.

Which command should the LTM Specialist execute to decrypt the data payload?

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_d/:Common:www.example.com.crt_1
ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_d/:Common:www.example.com.crt_1
ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1
ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1
ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_d/:ApplicationA:www.example.com.crt_1
ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_d/:ApplicationA:www.example.com.crt_1
ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_key_d/:ApplicationA:www.example.com.key_1
ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_key_d/:ApplicationA:www.example.com.key_1
Suggested answer: B
asked 24/09/2024
Amin Dashti
55 questions

Question 47

Report Export Collapse

An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile. The virtual server 10.0.0.1:443 resides on vlan301.

Which steps should the LTM Specialist take to capture the data payload successfully while ensuring no other virtual servers are affected?

The standard FastL4 profile should have PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
The standard FastL4 profile should have PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
The packet capture tcpdump -ni vlan301 should be executed on the command line interface. There is no need to change profiles or PVA acceleration.
The packet capture tcpdump -ni vlan301 should be executed on the command line interface. There is no need to change profiles or PVA acceleration.
A new FastL4 profile should be created and applied to the virtual server with PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
A new FastL4 profile should be created and applied to the virtual server with PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
The LTM device is under light load. The traffic should be mirrored to a dedicated sniffing device. On the sniffing device, the packet capture tcpdump -ni vlan301 should be executed.
The LTM device is under light load. The traffic should be mirrored to a dedicated sniffing device. On the sniffing device, the packet capture tcpdump -ni vlan301 should be executed.
Suggested answer: C
asked 24/09/2024
Tamas Szekely
39 questions

Question 48

Report Export Collapse

A new VLAN vlan301 has been configured on a highly available LTM device in partition Application A . A new directly connected backend server has been placed on vlan301. However, there are connectivity issues pinging the default gateway. The VLAN self IPs configured on the LTM devices are 192.168.0.251 and 192.168.0.252 with floating IP 192.168.0.253. The LTM Specialist needs to perform a packet capture to assist with troubleshooting the connectivity.

Which command should the LTM Specialist execute on the LTM device command line interface to capture the attempted pings to the LTM device default gateway on VLAN vlan301?

tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.253'
tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.253'
tcpdump -ni vlan301 'host 192.168.0.253'
tcpdump -ni vlan301 'host 192.168.0.253'
tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.251 or host 192.168.0.252'
tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.251 or host 192.168.0.252'
tcpdump -ni vlan301 'host 192.168.0.251 or host 192.168.0.252'
tcpdump -ni vlan301 'host 192.168.0.251 or host 192.168.0.252'
Suggested answer: A
asked 24/09/2024
jose fajardo
30 questions

Question 49

Report Export Collapse

An LTM device pool has suddenly been marked down by a monitor. The pool consists of members 10.0.1.1:443 and 10.0.1.2:443 and are verified to be listening. The affected virtual server is 10.0.0.1:80.

Which two tools should the LTM Specialist use to troubleshoot the associated HTTPS pool monitor via the command line interface? (Choose two.)

curl
curl
telnet
telnet
ssldump
ssldump
tcpdump
tcpdump
Suggested answer: A, C
asked 24/09/2024
Nomandla Asiya
42 questions

Question 50

Report Export Collapse

An LTM Specialist needs to modify the logging level for tcpdump execution events. Checking the BigDB Key, the following is currently configured:

sys db log.tcpdump.level {

value 'Notice'

}

Which command should the LTM Specialist execute on the LTM device to change the logging level to informational?

tmsh set /sys db log.tcpdump.level value informational
tmsh set /sys db log.tcpdump.level value informational
tmsh set /sys db log.tcpdump.level status informational
tmsh set /sys db log.tcpdump.level status informational
tmsh modify /sys db log.tcpdump.level value informational
tmsh modify /sys db log.tcpdump.level value informational
tmsh modify /sys db log.tcpdump.level status informational
tmsh modify /sys db log.tcpdump.level status informational
Suggested answer: C
asked 24/09/2024
Aboudou-Razakou KONI
40 questions
Total 210 questions
Go to page: of 21
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An LTM Specialist configures an HTTP monitor as follows: ltm monitor http stats_http_monitor { defaults-from http destination *:* interval 5 recv 'Health check: OK' send 'GET /stats/stats.html HTTP/1.1\\r \\nHost : www.example.com\\r\\nAccept-EncodinG. gzip, deflate \\r\\nConnection : close\\r\\n \\r\\n' time-until-up 0 timeout 16 } The monitor is marking all nodes as down. A trace of the HTTP conversation shows the following: GET /stats/stats.html HTTP/1.1 Host: www.example.com Accept-EncodinG. gzip, deflate Connection: close HTTP/1.1 401 Authorization Required DatE. Tue, 23 Oct 2012 19:38:56 GMT Server: Apache/2.2.15 (Unix) WWW-AuthenticatE. Basic realm='Please enter your credentials' Content-LengtH. 480 Connection: close Content-TypE. text/html; charset=iso-8859-1 Which action will resolve the problem?
An LTM Specialist configures the following iRule on an LTM device: when HTTP_REQUEST { if {[string tolower [HTTP::uri]] contains '/URI1/' } { pool Pool1 } elseif {[string tolower [HTTP::uri]] contains '/URI2/' } { pool Pool2 } elseif {[string tolower [HTTP::uri]] contains '/URI3/' } { pool Pool3 } else { pool Pool4} } Given the following request: http://www.example.comURI1/index.html?fu=bar&pass=1234 Which pool will be selected by the iRule?
An LTM device is serving an FTP virtual server that has three pool members. The FTP pool members are monitored via TCP port 21. Customers are reporting that they are able to log in, but are sometimes unable to upload files to the server. Which monitor should the LTM Specialist configure to verify that the servers can handle file uploads?
The LTM Specialist is writing a custom HTTP monitor for a web application and has viewed the content by accessing the site directly via their browser. The monitor continually fails. The monitor configuration is: ltm monitor http /Common/exampleComMonitor { defaults-from /Common/http destination *:* interval 5 recv 'Recent Searches' send 'GET /app/feed/current\?uid=20145 HTTP/1.1 \\r\\nHost : www.example.com\\r\\nAccept-EncodinG. gzip, deflate \\r\\nConnection : close\\r\\n \\r\\n' time-until-up 0 timeout 16 } A trace shows the following request and response: Request: GET /app/feed/current?uid=20145 HTTP/1.1 Host www.example.com Accept-Encoding gzip, deflate Connection: close Response: HTTP/1.1 302 Moved Temporarily Date Wed, 17 Oct 2012 18:45:52 GMT Server Apache Location https://example.com/login.jsp Content-Encoding gzip Content-Type text/html;charset=UTF-8 Set-CookiE. JSESSIONID=261EFFBDA8EC3036FBCC22D991AC6835; Path=/app/feed/current?uid=20145 What is the problem?
-- Exhibit -- -- Exhibit -- Refer to the exhibit. An LTM Specialist is troubleshooting an HTTP monitor that is marking a pool member as down. Connecting to the pool member directly through a browser shows the application is up and functioning correctly. How should the send string be modified to correct this issue?
-- Exhibit -- -- Exhibit -- Refer to the exhibit. An LTM Specialist is troubleshooting a new HTTP monitor on a pool. The pool member is functioning correctly when accessed directly through a browser, although the monitor is marking the member as down. As part of the troubleshooting, the LTM Specialist has captured the monitor traffic via tcpdump. How should the LTM Specialist resolve this issue?
-- Exhibit -- -- Exhibit -- Refer to the exhibit. A client attempts to connect from a Google Chrome browser to a virtual server on a BIG-IP LTM. The virtual server is SSL Offloaded. When the client connects, the client receives an SSL error. The client receives the same errors when trying Mozilla Firefox and Internet Explorer browsers. The LTM Specialist does an ssldump on the virtual server and receives the results as per the exhibit. How should this be resolved?
-- Exhibit -- -- Exhibit -- Refer to the exhibit. An LTM device is used to load balance web content over a secure channel. The developers of the web content have done a trace using an HTTP profiler application. They believe that allowing the LTM device to compress traffic to the client will improve performance. The client can utilize GZIP or deflate compression algorithms. An LTM Specialist must implement the compression. The LTM Specialist has completed the following actions: 1. Create the relevant profile. 2. Apply the relevant profile to the virtual server (VS). After applying the relevant profile, the LTM device is failing to compress the traffic. Instead, the traffic is being served with an error. What is the problem?
-- Exhibit -- -- Exhibit -- Refer to the exhibit. Which step should an LTM Specialist take next to finish upgrading to HD1.3?
An LTM Specialist configures a new HTTP virtual server on an LTM device external VLAN. The web servers are connected to the LTM device internal VLAN. Clients trying to connect to the virtual server are unable to establish a connection. A packet capture shows an HTTP response from a web server to the client and then a reset from the client to the web server. From which two locations could the packet capture have been collected? (Choose two.)