Home / F5 / 301b

F5 301b Practice Test - Questions Answers, Page 5

Question list

List of questions

Question 41

(0)

An IT administrator wants to log which server is being load balanced to by a user with IP address 10.10.10.25. Which iRule should the LTM Specialist use to fulfill the request?

Question 42

(0)

A customer needs to intercept all of the redirects its application is sending to clients. When a redirect is matched, the customer needs to log a message including the client IP address. Which iRul

Question 43

(0)

A web application requires knowledge of the client's true IP address for logging and analysis purposes. Instances of the application that can decode X-Forwarded-For HTTP headers reside in pool_a, wh

Question 44

(0)

Which iRule will reject any connection originating from a 10.0.0.0/8 network?

Question 45

(0)

There is a fault with an LTM device load balanced trading application that resides on directly connected VLAN vlan-301. The application virtual server is 10.0.0.1:80 with trading application backend

Question 46

(0)

An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition Application A . The data payload bein

Question 47

(0)

An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile. The virtual server 10.0.0.1:443 resides on vlan301. Which steps should the LTM Specialis

Question 48

(0)

A new VLAN vlan301 has been configured on a highly available LTM device in partition Application A . A new directly connected backend server has been placed on vlan301. However, there are connectivi

Question 49

(0)

An LTM device pool has suddenly been marked down by a monitor. The pool consists of members 10.0.1.1:443 and 10.0.1.2:443 and are verified to be listening. The affected virtual server is 10.0.0.1:80

Question 50

(0)

An LTM Specialist needs to modify the logging level for tcpdump execution events. Checking the BigDB Key, the following is currently configured: sys db log.tcpdump.level { value 'Notice' } Which

Related questions

The LTM Specialist is writing a custom HTTP monitor for a web application and has viewed the content by accessing the site directly via their browser. The monitor continually fails. The monitor configuration is: ltm monitor http /Common/exampleComMonitor { defaults-from /Common/http destination *:* interval 5 recv 'Recent Searches' send 'GET /app/feed/current\?uid=20145 HTTP/1.1 \\r\\nHost : www.example.com\\r\\nAccept-EncodinG. gzip, deflate \\r\\nConnection : close\\r\\n \\r\\n' time-until-up 0 timeout 16 } A trace shows the following request and response: Request: GET /app/feed/current?uid=20145 HTTP/1.1 Host www.example.com Accept-Encoding gzip, deflate Connection: close Response: HTTP/1.1 302 Moved Temporarily Date Wed, 17 Oct 2012 18:45:52 GMT Server Apache Location https://example.com/login.jsp Content-Encoding gzip Content-Type text/html;charset=UTF-8 Set-CookiE. JSESSIONID=261EFFBDA8EC3036FBCC22D991AC6835; Path=/app/feed/current?uid=20145 What is the problem?

An LTM Specialist configures the following iRule on an LTM device: when HTTP_REQUEST { if {[string tolower [HTTP::uri]] contains '/URI1/' } { pool Pool1 } elseif {[string tolower [HTTP::uri]] contains '/URI2/' } { pool Pool2 } elseif {[string tolower [HTTP::uri]] contains '/URI3/' } { pool Pool3 } else { pool Pool4} } Given the following request: http://www.example.comURI1/index.html?fu=bar&pass=1234 Which pool will be selected by the iRule?

An LTM Specialist configures an HTTP monitor as follows: ltm monitor http stats_http_monitor { defaults-from http destination *:* interval 5 recv 'Health check: OK' send 'GET /stats/stats.html HTTP/1.1\\r \\nHost : www.example.com\\r\\nAccept-EncodinG. gzip, deflate \\r\\nConnection : close\\r\\n \\r\\n' time-until-up 0 timeout 16 } The monitor is marking all nodes as down. A trace of the HTTP conversation shows the following: GET /stats/stats.html HTTP/1.1 Host: www.example.com Accept-EncodinG. gzip, deflate Connection: close HTTP/1.1 401 Authorization Required DatE. Tue, 23 Oct 2012 19:38:56 GMT Server: Apache/2.2.15 (Unix) WWW-AuthenticatE. Basic realm='Please enter your credentials' Content-LengtH. 480 Connection: close Content-TypE. text/html; charset=iso-8859-1 Which action will resolve the problem?

Which three HTTP headers allow an application server to determine the client's language compatibility, browser, operating system type, and compression compatibility? (Choose three.)

set hsl [HSL::open -proto UDP -pool syslog_server_pool] HSL::send $hsl '<190> [HTTP::host] from [whereis [IP::client_addr] country continent state city zip] , IP: [IP::client_addr]' What do the following iRule commands do when they are used in the same iRule?

What is the effect of an iRule error such as referencing an undefined variable?

A client is attempting to log in to a web application that requires authentication. The following HTTP headers are sent by the client: GET /owa/ HTTP/1.1 Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ= User-Agent: curl/7.26.0 Host: 10.0.0.14 Accept: */* Accept-EncodinG. gzip,deflate The web server is responding with the following HTTP headers: HTTP/1.1 401 Unauthorized Content-TypE. text/html Server: Microsoft-IIS/7.5 WWW-AuthenticatE. NTLM DatE. Wed, 16 Aug 1977 19:12:31 GMT Content-LengtH. 1293 The client has checked the login credentials and believes the correct details are being entered. What is the reason the destination web server is sending an HTTP 401 response?

An LTM HTTP pool has an associated monitor that sends a string equal to 'GET /test.html'. Which two configurations could an LTM Specialist implement to allow server administrators to disable their pool member servers without logging into the LTM device? (Choose two.)

An LTM device is serving an FTP virtual server that has three pool members. The FTP pool members are monitored via TCP port 21. Customers are reporting that they are able to log in, but are sometimes unable to upload files to the server. Which monitor should the LTM Specialist configure to verify that the servers can handle file uploads?

-- Exhibit -- -- Exhibit -- Refer to the exhibit. An administrator created a monitor to a pool member web server, which resulted in a pool member that is marked red. The administrator knows the web server is working when it is accessed from another computer. What should the administrator do to correct the problem?

Question 41

An IT administrator wants to log which server is being load balanced to by a user with IP address 10.10.10.25.

Which iRule should the LTM Specialist use to fulfill the request?

when SERVER_CONNECTED { if { [IP::addr [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }

when CLIENT_ACCEPTED { if { [IP::addr [clientside [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }

when SERVER_CONNECTED { if { [IP::addr [clientside [IP::remote_addr]] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }

when CLIENT_ACCEPTED { if { [IP::addr [IP::remote_addr] equals 10.10.10.25]} { log local0. 'client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]' } }

Show Answer Comment (0)

Question 42

A customer needs to intercept all of the redirects its application is sending to clients. When a redirect is matched, the customer needs to log a message including the client IP address.

Which iRule should be used?

when HTTP_RESPONSE { if { [HTTP::is_3xx] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }

when HTTP_REQUEST { if { [HTTP::is_301] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }

when HTTP_REQUEST { if { [HTTP::is_redirect] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }

when HTTP_RESPONSE { if { [HTTP::is_redirect] } { log local0. 'redirecting client ip address [IP::addr [IP::remote_addr]]' } }

Show Answer Comment (0)

A web application requires knowledge of the client's true IP address for logging and analysis purposes. Instances of the application that can decode X-Forwarded-For HTTP headers reside in pool_a, while pool_b instances assume the source IP is the true address of the client.

Which iRule provides the proper functionality?

when HTTP_DATA { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }

when HTTP_RESPONSE { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }

when HTTP_REQUEST { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }

when HTTP_OPEN { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b } }

Show Answer Comment (0)

Question 44

Which iRule will reject any connection originating from a 10.0.0.0/8 network?

when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::remote_addr] mask 8] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }

when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::local_addr] mask 8] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }

when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::client_addr] mask 255.0.0.0] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }

when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::local_addr] mask 255.0.0.0] switch $remote_ip { '10.0.0.0' { reject } '11.0.0.0' { pool pool_http1} default { pool http_pool } } }

Show Answer Comment (0)

Question 45

There is a fault with an LTM device load balanced trading application that resides on directly connected VLAN vlan-301. The application virtual server is 10.0.0.1:80 with trading application backend servers on subnet 192.168.0.0/25. The LTM Specialist wants to save a packet capture with complete payload for external analysis.

Which command should the LTM Specialist execute on the LTM device command line interface?

tcpdump -vvv -w /var/tmp/trace.cap 'net 192.168.0.0/25'

tcpdump -vvv -s 0 -w /var/tmp/trace.cap 'net 192.168.0.0/25'

tcpdump -vvv -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'

tcpdump -vvv -s 0 -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'

Show Answer Comment (0)

Question 46

An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition Application

A . The data payload being captured is SSL encrypted.

Which command should the LTM Specialist execute to decrypt the data payload?

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_d/:Common:www.example.com.crt_1

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_d/:ApplicationA:www.example.com.crt_1

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_key_d/:ApplicationA:www.example.com.key_1

Show Answer Comment (0)

Question 47

An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile. The virtual server 10.0.0.1:443 resides on vlan301.

Which steps should the LTM Specialist take to capture the data payload successfully while ensuring no other virtual servers are affected?

The standard FastL4 profile should have PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.

The packet capture tcpdump -ni vlan301 should be executed on the command line interface. There is no need to change profiles or PVA acceleration.

A new FastL4 profile should be created and applied to the virtual server with PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.

The LTM device is under light load. The traffic should be mirrored to a dedicated sniffing device. On the sniffing device, the packet capture tcpdump -ni vlan301 should be executed.

Show Answer Comment (0)

Question 48

A new VLAN vlan301 has been configured on a highly available LTM device in partition Application A . A new directly connected backend server has been placed on vlan301. However, there are connectivity issues pinging the default gateway. The VLAN self IPs configured on the LTM devices are 192.168.0.251 and 192.168.0.252 with floating IP 192.168.0.253. The LTM Specialist needs to perform a packet capture to assist with troubleshooting the connectivity.

Which command should the LTM Specialist execute on the LTM device command line interface to capture the attempted pings to the LTM device default gateway on VLAN vlan301?

tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.253'

tcpdump -ni vlan301 'host 192.168.0.253'

tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.251 or host 192.168.0.252'

tcpdump -ni vlan301 'host 192.168.0.251 or host 192.168.0.252'

Show Answer Comment (0)

Question 49

An LTM device pool has suddenly been marked down by a monitor. The pool consists of members 10.0.1.1:443 and 10.0.1.2:443 and are verified to be listening. The affected virtual server is 10.0.0.1:80.

Which two tools should the LTM Specialist use to troubleshoot the associated HTTPS pool monitor via the command line interface? (Choose two.)

curl

telnet

ssldump

tcpdump

Show Answer Comment (0)