Home / F5 / 301b

F5 301b Practice Test - Questions Answers, Page 6

Question list

List of questions

Question 51

(0)

An application is configured on an LTM device: Virtual server: 10.0.0.1:80 (VLAN vlan301) SNAT IP: 10.0.0.1 Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302) Which packet

Question 52

(0)

An application is configured on an LTM device: Virtual server: 10.0.0.1:80 (VLAN vlan301) SNAT IP: 10.0.0.1 Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302) Which packet

Question 53

(0)

An LTM Specialist sees these entries in /var/log/ltm: Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:

Question 54

(0)

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server: when HTTP_REQUEST { switch [HTTP::

Question 55

(0)

An LTM Specialist is tasked with ensuring that the syslogs for the LTM device are sent to a remote syslog server. The following is an extract from the config file detailing the node and monitor tha

Question 56

(0)

Given a tcpdump on an LTM device from both sides of a connection on the External and Internal VLANs, how should an LTM Specialist determine if SNAT is enabled for a particular pool?

Question 57

(0)

An LTM Specialist has a OneConnect profile and HTTP profile configured on a virtual server to load balance an HTTP application. The following HTTP headers are seen in a network trace when a client

Question 58

(0)

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server: when HTTP_REQUEST { switch [HTTP::

Question 59

(0)

An LTM device has a virtual server configured as a Performance Layer 4 virtual listening on 0.0.0.0:0 to perform routing of packets to an upstream router. The client machine at IP address 192.168.0.

Question 60

(0)

An LTM Specialist has configured a virtual server for www.example.com , load balancing connections to a pool of application servers that provide a shopping cart application. Cookie persistence is e

Related questions

The LTM Specialist is writing a custom HTTP monitor for a web application and has viewed the content by accessing the site directly via their browser. The monitor continually fails. The monitor configuration is: ltm monitor http /Common/exampleComMonitor { defaults-from /Common/http destination *:* interval 5 recv 'Recent Searches' send 'GET /app/feed/current\?uid=20145 HTTP/1.1 \\r\\nHost : www.example.com\\r\\nAccept-EncodinG. gzip, deflate \\r\\nConnection : close\\r\\n \\r\\n' time-until-up 0 timeout 16 } A trace shows the following request and response: Request: GET /app/feed/current?uid=20145 HTTP/1.1 Host www.example.com Accept-Encoding gzip, deflate Connection: close Response: HTTP/1.1 302 Moved Temporarily Date Wed, 17 Oct 2012 18:45:52 GMT Server Apache Location https://example.com/login.jsp Content-Encoding gzip Content-Type text/html;charset=UTF-8 Set-CookiE. JSESSIONID=261EFFBDA8EC3036FBCC22D991AC6835; Path=/app/feed/current?uid=20145 What is the problem?

An LTM Specialist configures the following iRule on an LTM device: when HTTP_REQUEST { if {[string tolower [HTTP::uri]] contains '/URI1/' } { pool Pool1 } elseif {[string tolower [HTTP::uri]] contains '/URI2/' } { pool Pool2 } elseif {[string tolower [HTTP::uri]] contains '/URI3/' } { pool Pool3 } else { pool Pool4} } Given the following request: http://www.example.comURI1/index.html?fu=bar&pass=1234 Which pool will be selected by the iRule?

An LTM Specialist configures an HTTP monitor as follows: ltm monitor http stats_http_monitor { defaults-from http destination *:* interval 5 recv 'Health check: OK' send 'GET /stats/stats.html HTTP/1.1\\r \\nHost : www.example.com\\r\\nAccept-EncodinG. gzip, deflate \\r\\nConnection : close\\r\\n \\r\\n' time-until-up 0 timeout 16 } The monitor is marking all nodes as down. A trace of the HTTP conversation shows the following: GET /stats/stats.html HTTP/1.1 Host: www.example.com Accept-EncodinG. gzip, deflate Connection: close HTTP/1.1 401 Authorization Required DatE. Tue, 23 Oct 2012 19:38:56 GMT Server: Apache/2.2.15 (Unix) WWW-AuthenticatE. Basic realm='Please enter your credentials' Content-LengtH. 480 Connection: close Content-TypE. text/html; charset=iso-8859-1 Which action will resolve the problem?

Which three HTTP headers allow an application server to determine the client's language compatibility, browser, operating system type, and compression compatibility? (Choose three.)

set hsl [HSL::open -proto UDP -pool syslog_server_pool] HSL::send $hsl '<190> [HTTP::host] from [whereis [IP::client_addr] country continent state city zip] , IP: [IP::client_addr]' What do the following iRule commands do when they are used in the same iRule?

What is the effect of an iRule error such as referencing an undefined variable?

An LTM HTTP pool has an associated monitor that sends a string equal to 'GET /test.html'. Which two configurations could an LTM Specialist implement to allow server administrators to disable their pool member servers without logging into the LTM device? (Choose two.)

An LTM device is serving an FTP virtual server that has three pool members. The FTP pool members are monitored via TCP port 21. Customers are reporting that they are able to log in, but are sometimes unable to upload files to the server. Which monitor should the LTM Specialist configure to verify that the servers can handle file uploads?

-- Exhibit -- -- Exhibit -- Refer to the exhibit. An administrator created a monitor to a pool member web server, which resulted in a pool member that is marked red. The administrator knows the web server is working when it is accessed from another computer. What should the administrator do to correct the problem?

A client is attempting to log in to a web application that requires authentication. The following HTTP headers are sent by the client: GET /owa/ HTTP/1.1 Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ= User-Agent: curl/7.26.0 Host: 10.0.0.14 Accept: */* Accept-EncodinG. gzip,deflate The web server is responding with the following HTTP headers: HTTP/1.1 401 Unauthorized Content-TypE. text/html Server: Microsoft-IIS/7.5 WWW-AuthenticatE. NTLM DatE. Wed, 16 Aug 1977 19:12:31 GMT Content-LengtH. 1293 The client has checked the login credentials and believes the correct details are being entered. What is the reason the destination web server is sending an HTTP 401 response?

Question 51

An application is configured on an LTM device:

Virtual server: 10.0.0.1:80 (VLAN vlan301)

SNAT IP: 10.0.0.1

Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302)

Which packet capture should the LTM Specialist perform on the LTM device command line interface to capture only client traffic specifically for this virtual server?

tcpdump -ni 0.0:nnn -s 0 'host 10.0.0.1' -w /var/tmp/trace.cap

tcpdump -ni vlan301 -s 0 'port 80 and host 10.0.0.1' -w /var/tmp/trace.cap

tcpdump -ni vlan301 -s 0 'port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3' -w /var/tmp/trace.cap

tcpdump -ni vlan302 -s 0 'port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3' -w /var/tmp/trace.cap

tcpdump -ni 0.0:nnn -s 0 '(port 80 and host 10.0.0.1) or (port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3)' -w /var/tmp/trace.cap

Show Answer Comment (0)

Question 52

An application is configured on an LTM device:

Virtual server: 10.0.0.1:80 (VLAN vlan301)

SNAT IP: 10.0.0.1

Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302)

Which packet capture should the LTM Specialist perform on the LTM device command line interface to capture only server traffic specifically for this application?

tcpdump -ni 0.0:nnn -s 0 'host 10.0.0.1' -w /var/tmp/trace.cap

tcpdump -ni vlan301 -s 0 'port 80 and host 10.0.0.1' -w /var/tmp/trace.cap

tcpdump -ni vlan302 -s 0 'port 8080 and (host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3)' -w /var/tmp/trace.cap

tcpdump -ni 0.0:nnn -s 0 '(port 80 and host 10.0.0.1) or (port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3)' -w /var/tmp/trace.cap

Show Answer Comment (0)

Question 53

An LTM Specialist sees these entries in /var/log/ltm:

Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Assume 172.16.20.0/24 is attached to the VLAN 'internal.'

What should the LTM Specialist use to troubleshoot this issue?

curl -d - -k https://172.16.20.1

ssldump -i internal host 172.16.20.1

tcpdump -i internal host 172.16.20.1 > /shared/ssl.pcap ssldump < /shared/ssl.pcap

tcpdump -s 64 -i internal -w /shared/ssl.pcap host 172.16.20.1 ssldump -r /shared/ssl.pcap

Show Answer Comment (0)

Question 54

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:

when HTTP_REQUEST {

switch [HTTP::uri] {

'/WS1/ws.jsp' {

log local0. '[HTTP::uri]-Redirected to JSP Pool'

pool JSP

}

default { log local0. '[HTTP::uri]-Redirected to Non-JSP Pool'

pool NonJSP

}

However, the iRule is NOT behaving as expected. Below is a snapshot of the log:

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/WS.jsp-Redirected to Non-JSP Pool

/ws1/WS.jsp-Redirected to Non-JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/ws1/ws.jsp-Redirected to Non-JSP Pool

What is the problem?

The condition in the iRule is case sensitive.

The 'switch' command in the iRule has been used incorrectly.

The pool members of both pools need to be set up as case-insensitive members.

The 'Process Case-Insensitivity' option for the virtual server needs to be selected.

Show Answer Comment (0)

Question 55

An LTM Specialist is tasked with ensuring that the syslogs for the LTM device are sent to a remote syslog server.

The following is an extract from the config file detailing the node and monitor that the LTM device is using for the remote syslog server:

monitor

Syslog_15002 {

defaults from udp

dest *:15002

}

node 91.223.45.231 {

monitor Syslog_15002

screen RemoteSYSLOG

}

There seem to be problems communicating with the remote syslog server. However, the pool monitor shows that the remote server is up.

The network department has confirmed that there are no firewall rules or networking issues preventing the LTM device from communicating with the syslog server. The department responsible for the remote syslog server indicates that there may be problems with the syslog server. The LTM Specialist checks the BIG-IP LTM logs for errors relating to the remote syslog server. None are found. The LTM Specialist does a tcpdump:

tcpdump -nn port 15002, with the following results:

21:28:36.395543 IP 192.168.100.100.44772 > 91.223.45.231.15002: UDP, length 19

21:28:36.429073 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169

21:28:36.430714 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181

21:28:36.840524 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169

21:28:36.846547 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181

21:28:39.886343 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 144

NotE. 192.168.100.100 is the self IP of the LTM device.

Why are there no errors for the remote syslog server in the log files?

The -log option for tcpdump needs to be used.

The monitor type used is inappropriate.

The 'verbose' logging option needs to be enabled for the pool.

When the remote syslog sever fails, it returns to service before the timeout for the monitor has expired.

Show Answer Comment (0)

Question 56

Given a tcpdump on an LTM device from both sides of a connection on the External and Internal VLANs, how should an LTM Specialist determine if SNAT is enabled for a particular pool?

by checking to see if the Source IP is carried through from the External Vlan to the Internal Vlan

by checking to see if the Destination port is carried through from the External Vlan to the Internal Vlan

by checking to see if the Source port is carried through from the External Vlan to the Internal Vlan

by checking to see if the Destination IP is carried through from the External Vlan to the Internal Vlan

Show Answer Comment (0)

Question 57

An LTM Specialist has a OneConnect profile and HTTP profile configured on a virtual server to load balance an HTTP application.

The following HTTP headers are seen in a network trace when a client connects to the virtual server:

Clientside:

GET / HTTP/1.1

Host: 192.168.136.100

User-Agent: Mozilla/5.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-EncodinG. gzip, deflate

Connection: keep-alive

Serverside:

HTTP/1.1 200 OK

DatE. 5 Jun 1989 17:06:55 GMT

Server: Apache/2.2.14 (Ubuntu)

Vary: Accept-Encoding

Content-EncodinG. gzip

Content-LengtH. 3729

X-Cnection: close

Content-TypE. text/html

The LTM Specialist notices the OneConnect feature is working incorrectly.

Why is OneConnect functioning incorrectly?

Client must support HTTP/1.0.

Client must support HTTP keep-alive.

Server must support HTTP/0.9.

Server must support HTTP keep-alive.

Show Answer Comment (0)

Question 58

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:

when HTTP_REQUEST {

switch [HTTP::uri] {

'/ws1/ws.jsp' {

log local0. '[HTTP::uri]-Redirected to JSP Pool'

pool JSP

}

default { log local0. '[HTTP::uri]-Redirected to Non-JSP Pool'

pool NonJSP

}

However, the iRule is NOT behaving as expected. Below is a snapshot of the log:

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/WS.jsp-Redirected to Non-JSP Pool

/ws1/WS.jsp-Redirected to Non-JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/ws1/ws.jsp-Redirected to Non-JSP Pool

What should the LTM Specialist do to resolve this?

Use the followinG. switch -lc [HTTP::uri]

Use the followinG. switch [string tolower [HTTP::uri]]

Set the 'Case Sensitivity' option of each member to 'None'.

Select the 'Process Case-Insensitivity' option for the virtual server.

Show Answer Comment (0)

Question 59

An LTM device has a virtual server configured as a Performance Layer 4 virtual listening on 0.0.0.0:0 to perform routing of packets to an upstream router. The client machine at IP address 192.168.0.4 is attempting to contact a host upstream of the LTM device on IP address 10.0.0.99.

The network flow is asymmetrical, and the following TCP capture displays:

# tcpdump -nnni 0.0 'host 192.168.0.4 and host 10.0.0.99'

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes

05:07:55.499954 IP 192.168.0.4.35345 > 10.0.0.99.443: S 3205656213:3205656213(0) ack 3267995082 win 1480

05:07:55.499983 IP 10.0.0.99.443 > 192.168.0.4.35345: R 1:1(0) ack 1 win 0

05:07:56.499960 IP 192.168.0.4.35345 > 10.0.0.99.443: S 3205656213:3205656213(0) ack 3267995082 win 1480

05:07:56.499990 IP 10.0.0.99.443 > 192.168.0.4.35345: R 1:1(0) ack 1 win 0

4 packets captured

Which option within the fastL4 profile needs to be enabled by the LTM Specialist to prevent the LTM device from rejecting the flow?

Loose Close

Loose Initiation

Reset on Timeout

Generate Initial Sequence Number

Show Answer Comment (0)

Question 60

An LTM Specialist has configured a virtual server for www.example.com, load balancing connections to a pool of application servers that provide a shopping cart application. Cookie persistence is enabled on the virtual server. Users are able to connect to the application, but the user's shopping cart fails to update. A traffic capture shows the following:

Request:

GET /cart/updatecart.php HTTP/1.1

Host: www.example.com

Connection: keep-alive

Cache-Control: max-age=0

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-EncodinG. gzip,deflate,sdch

Accept-LanguagE. en-US,en;q=0.8

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

CookiE. BIGipServerwebstore_pool=353636524.20480.0000

Response: