Black Friday Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > F5 > LTM Specialist > 301b

301b LTM Specialist: Maintain & Troubleshoot Question and Answers

Question # 4

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:

when HTTP_REQUEST {

switch [HTTP::uri] {

"/WS1/ws.jsp" {

log local0. "[HTTP::uri]-Redirected to JSP Pool"

pool JSP

}

default { log local0. "[HTTP::uri]-Redirected to Non-JSP Pool"

pool NonJSP

}

}

}

However, the iRule is NOT behaving as expected. Below is a snapshot of the log:

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/WS.jsp-Redirected to Non-JSP Pool

/ws1/WS.jsp-Redirected to Non-JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/ws1/ws.jsp-Redirected to Non-JSP Pool

What is the problem?

A.

The condition in the iRule is case sensitive.

B.

The 'switch' command in the iRule has been used incorrectly.

C.

The pool members of both pools need to be set up as case-insensitive members.

D.

The "Process Case-Insensitivity" option for the virtual server needs to be selected.

Full Access
Question # 5

An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition ApplicationA. The data payload being captured is SSL encrypted.

Which command should the LTM Specialist execute to decrypt the data payload?

A.

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_d/:Common:www.example.com.crt_1

B.

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1

C.

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_d/:ApplicationA:www.example.com.crt_1

D.

ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_key_d/:ApplicationA:www.example.com.key_1

Full Access
Question # 6

In which file would the LTM Specialist find virtual server configurations?

A.

bigip.conf

B.

bigip_sys.conf

C.

bigip_base.conf

D.

profile_base.conf

Full Access
Question # 7

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist sets up AVR alerts and notifications for a specific virtual server if the server latency exceeds 50ms. The LTM Specialist simulates a fault so that the server latency is consistently exceeding the 50ms threshold; however, no alerts are being received.

Which configuration should the LTM Specialist modify to achieve the expected results?

A.

The rule should be adjusted to trigger when server latency is above 50ms.

B.

SNMP alerting should be enabled to allow e-mail to be sent to the support team.

C.

User Agents needs to be enabled to ensure the correct information is collected to trigger the alert.

D.

The metric "Page Load Time" needs to be enabled to ensure that the correct information is collected.

Full Access
Question # 8

An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "The connection was reset" in the browser, although connections directly to the pool member show the application is functioning correctly.

ltm pool srv1_https_pool {

members {

192.168.2.1:https{

address 192.168.2.1

}

}

}

ltm virtual https_example_vs {

destination 192.168.1.155:https

ip-protocol tcp

mask 255.255.255.255

pool srv1_https_pool

profiles {

http { }

tcp { }

}

snat automap

vlans-disabled

}

How should the LTM Specialist resolve this issue?

A.

Enable HTTP monitoring on the pool.

B.

Add a ClientSSL profile to the virtual server.

C.

Disable SNAT Automap on the virtual server.

D.

Remove the HTTP profile from the virtual server.

Full Access
Question # 9

An LTM Specialist is customizing local traffic logging.

Which traffic management OS alert level provides the most detail?

A.

Alert

B.

Notice

C.

Critical

D.

Emergency

E.

Informational

Full Access
Question # 10

Which two items can be logged by the Application Visibility Reporting analytics profile? (Choose two.)

A.

User Agent

B.

HTTP version

C.

HTTP Response Codes

D.

Per Virtual Server CPU Utilization

Full Access
Question # 11

An LTM Specialist configured a virtual server to load balance a custom application. The application works when it is tested from within the firewall but it fails when tested externally. The pool member address is 192.168.200.10:80. A capture from an external client shows:

GET /index.jsp HTTP/1.1

Host: 207.206.201.100

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Connection: keep-alive

HTTP/1.1 302 Found

DatE. Wed, 17 Oct 2012 23:09:55 GMT

Server: Apache/2.2.15 (CentOS)

Location: http://192.168.200.10/user/home.jsp

Content-LengtH. 304

Connection: close

What is the solution to this issue?

A.

Assign a SNAT pool to the virtual server.

B.

Add a Web Acceleration Profile to the virtual server.

C.

Configure redirect rewrite option in the HTTP profile.

D.

Configure a content filter on the backend web server.

Full Access
Question # 12

What is the correct command to reset an LTM device to its default settings?

A.

tmsh reset-all default

B.

tmsh set /sys config defaults

C.

tmsh load /sys config default

D.

tmsh /util bigpipe reset-factory-defaults

Full Access
Question # 13

An LTM Specialist is tasked with ensuring that the syslogs for the LTM device are sent to a remote syslog server.

The following is an extract from the config file detailing the node and monitor that the LTM device is using for the

remote syslog server:

monitor

Syslog_15002 {

defaults from udp

dest *:15002

}

node 91.223.45.231 {

monitor Syslog_15002

screen RemoteSYSLOG

}

There seem to be problems communicating with the remote syslog server. However, the pool monitor shows that the remote server is up.

The network department has confirmed that there are no firewall rules or networking issues preventing the LTM device from

communicating with the syslog server. The department responsible for the remote syslog server indicates that there may

be problems with the syslog server. The LTM Specialist checks the BIG-IP LTM logs for errors relating to the remote syslog

server. None are found. The LTM Specialist does a tcpdump:

tcpdump -nn port 15002, with the following results:

21:28:36.395543 IP 192.168.100.100.44772 > 91.223.45.231.15002: UDP, length 19

21:28:36.429073 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169

21:28:36.430714 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181

21:28:36.840524 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169

21:28:36.846547 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181

21:28:39.886343 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 144

NotE. 192.168.100.100 is the self IP of the LTM device.

Why are there no errors for the remote syslog server in the log files?

A.

The -log option for tcpdump needs to be used.

B.

The monitor type used is inappropriate.

C.

The "verbose" logging option needs to be enabled for the pool.

D.

When the remote syslog sever fails, it returns to service before the timeout for the monitor has expired.

Full Access
Question # 14

Which procedure should an LTM Specialist follow to move a configuration from a 1500 to a 1600 hardware platform during an upgrade?

A.

tmsh save sys config file filename.scf

copy the file from the /var/local/scf directory from one device to the other

tmsh load sys config file filename.scf

B.

tmsh save sys backup file filename.scf

copy the file from the /var/local/scf directory from one device to the other

tmsh load sys backup file filename.scf

C.

tmsh save sys backup file filename.scf

copy the file from the /var/local/ucs directory from one device to the other

tmsh load sys backup file filename.scf

D.

tmsh save sys config file filename.scf

copy the file from the /var/local/ucs directory from one device to the other

tmsh load sys config file filename.scf

Full Access
Question # 15

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is performing an HTTP trace on the client side of the LTM device and notices there are many undesired headers being sent by the server in the response. The LTM Specialist wants to remove all response headers except "Set-Cookie" and "Location."

How should the LTM Specialist modify the HTTP profile to remove undesired headers from the HTTP response?

A.

Enter the desired header names in the 'Request Header Insert' field.

B.

Enter the undesired header names in the 'Request Header Erase' field.

C.

Enter the undesired header names in the 'Response Header Erase' field.

D.

Enter the desired header names in the 'Response Headers Allowed' field.

Full Access
Question # 16

In preparation for a maintenance task, an LTM Specialist performs a "Force to Standby" on LTM device Unit 1. LTM device Unit 2 becomes active as expected. The maintenance task requires the reboot of Unit 1. Shortly after the reboot is complete, the LTM Specialist discovers that Unit 1 has become active and Unit 2 has returned to standby.

What would cause this behavior?

A.

Unit 1 is set with the redundancy state preference of active in devices groups.

B.

Unit 1 is set with the redundancy state preference of active in high availability.

C.

A traffic group is configured with Auto Failback, and Unit 1 is the default device.

D.

A device group is configured with Auto Failback, and Unit 1 is the default device.

Full Access
Question # 17

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A client attempts to connect from a Google Chrome browser to a virtual server on a BIG-IP LTM. The virtual server is SSL Offloaded. When the client connects, the client receives an SSL error. After trying Mozilla Firefox and Internet Explorer browsers, the client still receives the same errors.

The LTM Specialist does an ssldump on the virtual server and receives the results as per the exhibit.

What is the problem?

A.

The SSL key length is incorrect.

B.

The BIG-IP LTM is NOT serving a certificate.

C.

The BIG-IP LTM is NOT listening on port 443.

D.

The client needs to be upgraded to the appropriate cipher-suite.

Full Access
Question # 18

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Which profile could be removed or changed on this virtual server to reduce CPU load on the LTM device without increasing server side bandwidth usage?

A.

tcp

B.

http

C.

httpcompression

D.

optimized-caching

Full Access
Question # 19

An LTM Specialist wants to allow access to the Always On Management (AOM) from the network.

Which two methods should the LTM Specialist use to configure the AOM interface? (Choose two.)

A.

Configure the AOM IP from the front panel buttons and LCD.

B.

Choose the network configurator in the AOM menu on the serial port.

C.

Configure the AOM network address in the GUI under System>Platform.

D.

Log in to the Host via ssh, "ssh aom", and modify the network configuration file.

Full Access
Question # 20

Given the log entry:

011f0005:3: HTTP header (32800) exceeded maximum allowed size of 32768 (Client sidE. vip=/Common/VS_web profile=http pool=/Common/POOL_web client_ip=10.0.0.1)

Which HTTP profile setting can be modified temporarily to resolve the issue?

A.

Increase Maximum Requests

B.

Decrease Maximum Requests

C.

Increase Maximum Header Count

D.

Decrease Maximum Header Count

E.

Increase Maximum Header size

F.

Decrease Maximum Header size

Full Access
Question # 21

Which iRule statement demotes a virtual server from CMP?

A.

set ::foo 123

B.

set static::foo 123

C.

persist source_addr 1800

D.

[ class match $HTTP_CONTENT contains my_data_class ]

Full Access
Question # 22

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Users receive an error when attempting to connect to the website https://website.com. The website has a DNS record of 195.56.67.90. The upstream ISP has confirmed that there is nothing wrong with the routing between the user and the LTM device.

The following tcpdump outputs have been captured:

External Vlan, filtered on IP 168.210.232.5

00:25:07.598519 IP 168.210.232.5.33159 > 195.56.67.90.https: S 1920647964:1920647964(0) win 8192

00:25:07.598537 IP 195.56.67.90.https > 168.210.232.5.33159: S 2690691360:2690691360(0) ack 1920647965 win 4350

00:25:07.598851 IP 168.210.232.5.33160 > 195.56.67.90.https: S 2763858764:2763858764(0) win 8192

00:25:07.598858 IP 195.56.67.90.https > 168.210.232.5.33160: S 1905576176:1905576176(0) ack 2763858765 win 4350

Internal Vlan, filtered on IP 168.210.232.5

00:31:46.171124 IP 168.210.232.5.33202 > 192.168.100.20.http: S 2389057240:2389057240(0) win 4380

What is the problem?

A.

The filters on the tcpdumps are incorrect.

B.

The DNS entry for website.com is incorrect.

C.

The virtual server 'WEBSERVICES1' is listening on the incorrect port.

D.

The firewall is dropping the connection coming from the pool members returned to the client.

E.

The subnet masks of the pool members of pool WebServices1 and the f5 'Internal' Vlan are incorrect.

Full Access
Question # 23

An LTM Specialist has set up a custom SNMP alert.

Which command line tool should the LTM Specialist use to test the alert?

A.

logger

B.

logtest

C.

testlog

D.

snmptest

Full Access
Question # 24

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A server administrator notices that one server is intermittently NOT being sent any HTTP requests. The server logs display no issues. The LTM Specialist notices log entries stating the node (172.16.20.1) status cycling between down and up. The pool associated with the virtual server (10.10.1.100) has a custom HTTP monitor applied.

Which tcpdump filter will help trace the monitor?

A.

tcpdump -i internal port 80 and host 172.16.1.31

B.

tcpdump -i external port 80 and host 10.10.1.100

C.

tcpdump -i internal port 80 and host 172.16.1.33

D.

tcpdump -i external port 80 and host 172.16.20.1

Full Access
Question # 25

These log entries can have different root causes:

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: enabled

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071431:5: Attempting to connect to CMI peer 1.1.1.2 port 6699

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071432:5: CMI peer connection established to 1.1.1.2 port 6699

Jun 28 05:01:26 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected

Which two commands should be used to obtain additional information on these entries? (Choose two.)

A.

tmsh show /sys mcpd

B.

bigstart status mcpd

C.

tmsh modify /sys db log.mcpd.level value debug

D.

tmsh modify /sys db log.cmi.level value debug

Full Access
Question # 26

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:

when HTTP_REQUEST {

switch [HTTP::uri] {

"/ws1/ws.jsp" {

log local0. "[HTTP::uri]-Redirected to JSP Pool"

pool JSP

}

default { log local0. "[HTTP::uri]-Redirected to Non-JSP Pool"

pool NonJSP

}

}

}

However, the iRule is NOT behaving as expected. Below is a snapshot of the log:

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/WS.jsp-Redirected to Non-JSP Pool

/ws1/WS.jsp-Redirected to Non-JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/ws1/ws.jsp-Redirected to Non-JSP Pool

What should the LTM Specialist do to resolve this?

A.

Use the followinG.switch -lc [HTTP::uri]

B.

Use the followinG.switch [string tolower [HTTP::uri]]

C.

Set the "Case Sensitivity" option of each member to "None".

D.

Select the "Process Case-Insensitivity" option for the virtual server.

Full Access
Question # 27

An LTM Specialist connects to an LTM device via the serial console cable and receives unreadable output. The LTM Specialist is using the appropriate cable and connecting it to the correct serial port.

Which command should the LTM Specialist run through ssh to verify that the baud rate settings for the serial port are correct on the LTM device?

A.

tmsh list /sys console

B.

tmsh edit /sys console

C.

tmsh show /sys console

D.

tmsh show /ltm console

Full Access
Question # 28

There is a fault with an LTM device load balanced trading application that resides on directly connected VLAN vlan-301. The application virtual server is 10.0.0.1:80 with trading application backend servers on subnet 192.168.0.0/25. The LTM Specialist wants to save a packet capture with complete payload for external analysis.

Which command should the LTM Specialist execute on the LTM device command line interface?

A.

tcpdump -vvv -w /var/tmp/trace.cap 'net 192.168.0.0/25'

B.

tcpdump -vvv -s 0 -w /var/tmp/trace.cap 'net 192.168.0.0/25'

C.

tcpdump -vvv -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'

D.

tcpdump -vvv -s 0 -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'

Full Access
Question # 29

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting an issue with an application configured on an LTM device. The application works properly when accessed directly via the servers; however, it does not work when accessed via the LTM device. The virtual server, 192.168.1.211:443, is configured to SNAT using the address 192.168.1.144 and references a pool with the member 192.168.10.80:443. The virtual server has no Client or Server SSL profiles associated.

Which configuration change will allow the application to function through the virtual server?

A.

Change pool member port to 8443.

B.

Change virtual server port to 8443.

C.

Add SSL off-loading to the pool member.

D.

Add Client and Server SSL profiles to the virtual server.

Full Access
Question # 30

Which iRule will instruct the client's browser to avoid caching HTML server responses?

A.

when HTTP_REQUEST {

if {[HTTP::header Content-Type] equals "html"} {

HTTP::header insert Pragma "no-cache"

HTTP::header insert Expires "Fri, 01 Jan 1990 00:00:00 GMT"

HTTP::header replace Cache-Control "no-cache,no-store,must-revalidate"

}

}

B.

when HTTP_REQUEST {

if {[HTTP::header Content-Type] contains "html"} {

HTTP::header insert Pragma "no-cache"

HTTP::header insert Expires "Fri, 01 Jan 1990 00:00:00 GMT"

HTTP::header replace Cache-Control "no-cache,no-store,must-revalidate"

}

}

C.

when HTTP_RESPONSE {

if {[HTTP::header Content-Type] contains "html"} {

HTTP::header insert Pragma "no-cache"

HTTP::header insert Expires "Fri, 01 Jan 1990 00:00:00 GMT"

HTTP::header replace Cache-Control "no-cache,no-store,must-revalidate"

}

}

D.

when HTTP_RESPONSE {

if {[HTTP::header Content-Type] equals "html"} {

HTTP::header insert Pragma "no-cache"

HTTP::header insert Expires "Fri, 01 Jan 1990 00:00:00 GMT"

HTTP::header replace Cache-Control "no-cache,no-store,must-revalidate"

}

}

Full Access
Question # 31

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is investigating reports that users are unable to perform some commands through an FTP virtual server. The LTM Specialist performs a capture on the server side of the LTM device.

What is the issue with the application?

A.

data connection failing

B.

LIST command disallowed

C.

PORT command disallowed

D.

command connection failing

Full Access
Copyright myexamcollection.com. All Right Reserved.