303 BIG-IP ASM Specialist Question and Answers

Refer to the exhibit.

A BIG-IP Administrator creates a new Virtual Server to load balance SSH traffic. Users are unable to log on to the servers.

What should the BIG-IP Administrator do to resolve the issue?

The LTM Specialist is writing a custom HTTP monitor for a web application and has viewed the content by accessing the site directly via their browser. The monitor continually fails. The monitor configuration is:

ltm monitor http /Common/exampleComMonitor {

defaults-from /Common/http

destination *:*

interval 5

recv "Recent Searches"

send "GET /app/feed/current\?uid=20145 HTTP/1.1\\r\\nHost: www.example.com\\r\\nAccept-EncodinG. gzip, deflate\\r\\nConnection: close\\r\\n\\r\\n"

time-until-up 0

timeout 16

}

A trace shows the following request and response:

Request:

GET /app/feed/current?uid=20145 HTTP/1.1

Host www.example.com

Accept-Encoding gzip, deflate

Connection: close

Response:

HTTP/1.1 302 Moved Temporarily

Date Wed, 17 Oct 2012 18:45:52 GMT

Server Apache

Location https://example.com/login.jsp

Content-Encoding gzip

Content-Type text/html;charset=UTF-8

Set-CookiE. JSESSIONID=261EFFBDA8EC3036FBCC22D991AC6835; Path=/app/feed/current?uid=20145

What is the problem?

An LTM device receives a response string containing "error"

Which monitor type and parameter will mark the HTTP server as down?

An LTM Specialist is receiving reports from customers about multiple applications failing to work properly. The LTM Specialist looks at the services running and notices that the bigd process has NOT started.

How are monitored LTM device objects marked when the bigd process is stopped?

A Virtual Server uses an iRule to send traffic to pool members depending on the URI. The BIG-IP

Administrator needs to modify the pool member in the iRule.

Which event declaration does the BIG-IP Administrator need to change to accomplish this?

A BIG-IP Administrator needs to have a BIG-IP linked to two upstream switches for resilience of the external network. The network engineer who is going to configure the switch instructs the BIG-IP Administrator to configure interface binding with LACP. Which configuration should the administrator use?

A pool of four servers has been partially upgraded for two new servers with more memory and CPU capacity. The BIG-IP Administrator must change the load balance method to consider more connections for the two new servers. Which load balancing method considers pool member CPU and memory load?

A user is having issues with connectivity to an HTTPS virtual server. The virtual server is on the LTM device's external vlan, and the pools associated with the virtual server are on the internal vlan. An LTM Specialist does a tcpdump on the external interface and notices that the host header is incomplete.

In which location should the LTM Specialist put a traffic analyzer to gather the most pertinent data?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

Users are able to access the application when connecting to the virtual server but are unsuccessful when connecting directly to the application servers. The LTM Specialist wants to allow direct access to the application servers.

Why are users unable to connect directly to the application servers?

Refer to the exhibit.

How many nodes are represented on the network map shown?

Refer to the exhibit.

A BIG-IP Administrator needs to deploy an application on the BIG-IP system to perform SSL offload and

re-encrypt the traffic to pool members.

During testing, users are unable to connect to the application.

What must the BIG-IP Administrator do to resolve the issue?

An IT support engineer needs to access and modify Virtual Servers in three partitions (Common /Banking and Dev) daily on a BIG-IP device. The company operates a Least Privilege access policy. What level of access does the IT support engineer need to ensure completion of daily roles?

What should the LT'M Specialist add to the virtual server?

A BIG-IP Administrator finds the following log entry after a report of user issues connecting to a virtual server:

01010201: 2: Inet port exhaustion on 10.70.110.112 to 192.28.123.250:80 (proto 6)

How should the BIG-IP Administrator modify the SNAT pool that is associated with the virtual server?

Refer to the exhibit.

The pool shown isconfigured with four pool members in a variety of states. The application is receiving a large number of request. The LTM Specialist needs to make changes to make sure that all members receive the same levels of traffic.

Which changes need to be made?

An LTM Specialist needs to modify the logging level for tcpdump execution events. Checking the BigDB Key, the following is currently configured:

sys db log.tcpdump.level {

value "Notice"

}

Which command should the LTM Specialist execute on the LTM device to change the logging level to informational?

A new web application is being deployed Mutual SSL authentication must be used to authenticate clients.

Which of the following two tasks must be completed to meet therequirements? (Choose two)

An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "Unable to connect" in the browser, although connections directly to the pool member show the application is functioning correctly. The LTM device configuration is:

ltm virtual /Common/vs_https {

destination /Common/10.10.1.110:443

ip-protocol udp

mask 255.255.255.255

pool /Common/pool_https

profiles {

/Common/udp { }

}

translate-address enabled

translate-port enabled

vlans-disabled

}

ltm pool /Common/pool_https {

members {

/Common/172.16.20.1:443 {

address 172.16.20.1

}

}

}

What issue is the LTM Specialist experiencing?

An LTM device is load balancing SIP traffic. An LTM Specialist notices that sometimes the SIP request is being load balanced to the same server as the initial connection.

Which setting in the UDP profile will make the LTM device more evenly distribute the SIP traffic?

A BIG-IP Administrator needs to view the CPU utilization of a particular Virtual Server. Which section of the Configuration Utility should the administrator use for this purpose?

Refer to the exhibit.

A BIG-IP Administrator creates a new Virtual Server. The end user is unable to access the page. During

troubleshooting, the administrator learns that the connection between the BIG-IP system and server is

NOT set up correctly.

What should the administrator do to solve this issue?

Refer to the exhibit.

An LTMSpecialist configures the two syslog destination Syslog destination #1 can receive messages but the syslog destination #2 can NOT receive messages.

Which command sill correct the issue?

Interface 1.2 on a BIG-IP VE has a status of UNINITIALIZED. What is the reason for this status?

An LTM Specialist has installed a hotfix that updated the SCCP firmware package.

Which command will ensure that the host subsystem and SCCP reboot?

An LTM device is monitoring pool members on port 80. The LTM device is using an HTTP monitor with a send string of GET / and a blank receive string.

What would cause the pool members to be marked down?

A node is assigned two monitors as seen in this configuration.

What is the status of a member that runs on that node and listens on port 443?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist creates a virtual server to load balance traffic to a pool of HTTPS servers. The servers use client certificates for user authentication. The virtual server has clientssl, serverssl, and http profiles enabled. Clients are unable to connect to the application through the virtual server, but they are able to connect to the application servers directly.

Which change to the LTM device configuration will resolve the problem?

Refer to the exhibit. The BIG-IP Administrator needs to avoid overloading any of the Pool Members with

connections, when they become active.

What should the BIG-IP Administrator configure to meet this requirement?

A BIG-IP Administrator needs to check the memory utilization on a BIG-IP system. Which two methods can the UIG IP Administrator use? (Choose two.)

Refer to the exhibit.

A user attempts to connect to 10.10.10.1.80 using FTP over SSL with an FTPS client. Which virtual server will match and attempt to process the request?

What should the 816-IP Administrator provide when opening a new ticket with F5 Support?

A BIG-IP Administrator needs to collect HTTP status code and HTTP method for traffic flowing through a

virtual server.

Which default profile provides this information?

A web developer needs a virtual server configured for an application.

The application details are asfollows:

Application is accessed on port 443.

The application traffic is encrypted by the server.

HTTP is not being used. No data manipulation is necessary.

Throughput is critical.

NO connections are terminated on the LTM.

Which configuration provides thebest performance?

A)

B)

C)

D)

One of the two members of a device group has been decommissioned. The BIG-IP Administrator tries to

delete the device group, but is unsuccessful.

Prior to removing the device group, which action should be performed?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Based on the output of the tmsh interface show command, what is the issue?

An LTM Specialist has recently taken over administration or an LTM devicethat has experienced resource availability issues. The LTM device will need to be solely used for load balancing and SSL offload. Previously, the LTM device was also used to provide statistical analysis of application traffic. However, that functionality has been moved to a third party solution.

Based on the output below, which configuration change should be made to ensure the LTM module receives the most amount of resources?

Refer to the exhibit.

The LTM devices LTM3 and LTM2 have four Traffic Groups defined with approximately the sar of failover objects defined in each group.

- Traffic Groups A and C have Default Device set to LTM1

- Traffic Groups Band D have Default Device set to LTM2.

- Traffic Groups B and C do NOT have Auto Failback enabled. TrafficGroups A and D have Auto Failback enabled with a timeout value of 60 seconds.

- Traffic Groups A and D have Auto Fallback enabled with a timeout value of 60 seconds.

Both LTM devices are healthy and able to pass traffic for any Traffic Group.

LTM1 loses connectivity on interface 1.4. The LTM Specialists notified 60 seconds after the interface goes down.

What is the state of the Traffic Groups on each LTM device?

An LTM Specialist is tasked with ensuring that the syslogs for the LTM device are sent to a remote syslog server.

The following is an extract from the config file detailing the node and monitor that the LTM device is using for the

remote syslog server:

monitor

Syslog_15002 {

defaults from udp

dest *:15002

}

node 91.223.45.231 {

monitor Syslog_15002

screen RemoteSYSLOG

}

There seem to be problems communicating with the remote syslog server. However, the pool monitor shows that the remote server is up.

The network department has confirmed that there are no firewall rules or networking issues preventing the LTM device from

communicating with the syslog server. The department responsible for the remote syslog server indicates that there may

be problems with the syslog server. The LTM Specialist checks the BIG-IP LTM logs for errors relating to the remote syslog

server. None are found. The LTM Specialist does a tcpdump:

tcpdump -nn port 15002, with the following results:

21:28:36.395543 IP 192.168.100.100.44772 > 91.223.45.231.15002: UDP, length 19

21:28:36.429073 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169

21:28:36.430714 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181

21:28:36.840524 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 169

21:28:36.846547 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 181

21:28:39.886343 IP 192.168.100.100.39499 > 91.223.45.231.15002: UDP, length 144

NotE. 192.168.100.100 is the self IP of the LTM device.

Why are there no errors for the remote syslog server in the log files?

The BIG-IP Administrator needs to ensure the correct health monitor is being used lor a new HTTP pool

named P_example.

Where should the BIG-IP Administrator validate these settings in the Configuration Utility?

A OneConnect profile is applied to a virtual server. The LTM Specialist would like the client source IP addresses within the 10.10.10.0/25 range to reuse an existing server side connection.

Which OneConnect profile source mask should the LTM Specialist use?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Which profile could be removed or changed on this virtual server to reduce CPU load on the LTM device without increasing server side bandwidth usage?

An LTM Specialist configured a virtual server to load balance a custom application. The application works when it is tested from within the firewall but it fails when tested externally. The pool member address is 192.168.200.10:80. A capture from an external client shows:

GET /index.jsp HTTP/1.1

Host: 207.206.201.100

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Connection: keep-alive

HTTP/1.1 302 Found

DatE. Wed, 17 Oct 2012 23:09:55 GMT

Server: Apache/2.2.15 (CentOS)

Location: http://192.168.200.10/user/home.jsp

Content-LengtH. 304

Connection: close

What is the solution to this issue?

A new web application is hosted at www.example.net, but some clients are still pointing to the legacy web application at www.example.com.

Which iRule will allow clients referencing www.example.com to access the new application?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

Users are able to access the application when connecting to the virtual server but are unsuccessful when connecting directly to the application servers. The LTM Specialist wants to allow direct access to the application servers.

Which configuration change resolves this problem?

An F5 LTM Specialist needs to perform an LTM device configuration backup prior to RMA swap.

Which command should be executed on the command line interface to create a backup?

An LTM Specialist needs to configures virtual server that uses PVA or OPVA Which virtual server type should be used?

A pool with a default connection limit is configured to use Round Robin as the load balancing method. An LTM Specialist needs to ensure that the LTM device selects a serverwith the fewest number of connections when new clients connect. Another pool is using the same set of backend servers.

Which load balancing-method should the pool be changed to?

An HA pair of LTM devices that load balance multiple HTTPS applications utilizes highly customized RAM Cache and compression profiles on each virtual server. The LTM Specialist who is administering the HA pair regularly observes entines in the log similar to the following:

tmm tmm I708S1 011e0002.4. sweeper_update: aggressive mode activated (117504/138240 pages)

No DoS attacks arc occurring. No user problems have been reported. Which step should the LTM Specialist take to help mitigate the issue?

Which process can be eliminated by terminating SSL communication on the LTM device rather than the backend pool members?

An application owner claims an LTM device is delaying delivery of an HTTP application. The LTM device has two VLANs, an internal and an external. The application servers reside on the internal VLAN. The virtual server and clients reside on the external VLAN.

With appropriate filters applied, which solution is most efficient for obtaining packet captures in order to investigate the claim of delayed delivery?

A design requires the LTM device to become HA standby when the one of the two physical interface on the External trunk is down the Externaltrunk is an interface on the External VLAN

Which TMOS command enables this behavior?

Refer to the exhibit.

Which two pool members should be chosen for a new connection? (Choose two.)

An LTM Specialist is troubleshooting a problem on an eCommerce website. The user browses the online store using port 80, adding items to the shopping cart. The user then clicks the "Checkout" button on the site, which redirects the user to port 443 for the checkout process. Suddenly, the user's shopping cart is shown as empty. The shopping cart data is stored in memory on the server, and the default source address persistence profile is used on both virtual servers.

What is the issue?

Traffic to a pool of SFTP servers that share storage must be balanced by an LTM device.

What are therequired profile and persistence settings for a standard virtual server?

A BIG-IP Administrator wants to add a new Self IP to the BIG-IP device. Which item should be assigned to the new Self IP being configured?

Refer to the exhibit.

During a planned upgrade lo a BIG-IP HA pair running Active/Standby, an outage to application traffic is reported shortly after the Active unit is forced to Standby Reverting the flower resolves the outage. What should the BIG-IP Administrator modify to avoid an outage during the next for over event?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is reviewing the 'test' partition.

Which objects, in order, can be removed from the partition?

AN LTM Specialist needs to determine the delay between anLTM device and the internal web server for a specific client.

Which two AVR reporting options should the LTM Specialist enable to measure the delay? (Choose two.)

In an iApp, which configuration protects against accidental changes to an application Services configuration?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

A customer requests to offload SSL for an internal website. The front page of the website loads correctly; however, selecting links on the page fails.

How should the LTM Specialist fix the issue?

An LTM Specialist configures a new virtual server with a single pool member. The LTM Specialist has NOT defined a health monitor for the pool, pool member or node.

What is the status of the virtual server?

A BIG-IP Administrator notices that one of the servers that runs an application is NOT receiving any traffic. The BIG-IP Administrator examines the configuration status of the application and observes the displayed monitor configuration and affected Pool Member status. What is the possible cause of this issue?

What is a benefit provided by F5 Enterprise Manager?

An LTM Specialist sees these entries in /var/log/ltm:

Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Assume 172.16.20.0/24 is attached to the VLAN "internal."

What should the LTM Specialist use to troubleshoot this issue?

An application is configured so that the same pool member must be used for an entire session, as well as for HTTP and FTP traffic.

A user reports that a session has terminated, and the user must restart the session. The BIG-IP Administrator determines that the active BIG-IP device failed over to the standby BIG-IP device. Which configuration settings should the BIG-IP Administrator verify to ensure proper behaviour when BIG-IP failover occurs?

A custom HTTP monitor is failing to a pool member 10.10.3.75:8080 that serves up www.example.com.

A ping works to the pool member address.

The SEND string that the monitor is using is: GET/HTTP/l.l/r/n/Host.www.example.com/r/n/Connection

Close/r/n/r/n

Which CLI tool syntax will show that the web server returns the correct HTTP response?

Windows PC clients are connecting to a virtual server over a high-speed, low-latency network with no packet loss.

Which built-in client-side TCP profile provides the highest throughput for HTTP downloads?

An LTM device is load balancing telnet and ssh applications in a client/server environment experiencing significant packet delay.

Which setting in the TCP profile should reduce the amount of packet delay?

A BIG-IP Administrator must determine if a Virtual Address is configured to fail over to the standby member of a device group in which area of the Configuration Utility can this be confirmed?

A virtual serverconfiguration for traffic destined to a server is as shown:

HTTP traffic is destined to the 10 10.20.1 server from the source

Based on precedence, which virtual server accepts this traffic?

An IT administrator wants to log which server is being load balanced to by a user with IP address 10.10.10.25.

Which iRule should the LTM Specialist use to fulfill the request?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist has created a virtual server to balance connections to a pool of application servers and offload SSL decryption. Clients connect to the application at https://www.example.com/. The virtual server is configured with a clientssl profile but no serverssl profile. The application servers are listening on ports 80 and 443. Users are unable to connect to the application through the virtual server but are able to connect directly to the application server.

What is the root cause of the error?

An LTM device supports two power supplies. The value of the BigDB key "platform.powersupplymonitor" is equal to enable.

Where would the error message be visible if one of the power supplies fails or is NOT plugged in?

All pool members are online. All other virtual server settings are at default What might after the load balancing behavior?

An LTM device configured with a management IP address and route and a series of self-IPs and TMM routes.Both management and TMM have a routing entry for 101 10/24 Application traffic is being load balanced and sent to pool member 10.1.1.123 with SNAT Automap and configured.

Which route will the LTM device use?