Certbus > F5 > F5-CTS LTM > 301B > 301B Online Practice Questions and Answers

301B Online Practice Questions and Answers

Questions 4

Windows PC clients are connecting to a virtual server over a high-speed, low-latency network with no packet loss. Which built-in client-side TCP profile provides the highest throughput for HTTP downloads?

A. tcp

B. tcp-legacy

C. tcp-lan-optimized

D. tcp-wan-optimized

Browse 210 Q&As
Questions 5

An LTM Specialist sees these entries in /var/log/ltm:

Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Assume 172.16.20.0/24 is attached to the VLAN "internal."

What should the LTM Specialist use to troubleshoot this issue?

A. curl -d - -k https://172.16.20.1

B. ssldump -i internal host 172.16.20.1

C. tcpdump -i internal host 172.16.20.1 > /shared/ssl.pcap ssldump < /shared/ssl.pcap

D. tcpdump -s 64 -i internal -w /shared/ssl.pcap host 172.16.20.1 ssldump -r /shared/ssl.pcap

Browse 210 Q&As
Questions 6

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:

when HTTP_REQUEST { switch [HTTP::uri] {

"/WS1/ws.jsp" {

log local0. "[HTTP::uri]-Redirected to JSP Pool"

pool JSP

}

default { log local0. "[HTTP::uri]-Redirected to Non-JSP Pool" pool NonJSP

} } }

However, the iRule is NOT behaving as expected. Below is a snapshot of the log:

/WS1/ws.jsp-Redirected to JSP Pool /WS1/ws.jsp-Redirected to JSP Pool /WS1/ws.jsp-Redirected to JSP Pool /WS1/WS.jsp-Redirected to Non-JSP Pool /ws1/WS.jsp-Redirected to Non-JSP Pool /WS1/ws.jsp-Redirected to JSP Pool /ws1/ws.jsp-Redirected to Non-JSP Pool

What is the problem?

A. The condition in the iRule is case sensitive.

B. The 'switch' command in the iRule has been used incorrectly.

C. The pool members of both pools need to be set up as case-insensitive members.

D. The "Process Case-Insensitivity" option for the virtual server needs to be selected.

Browse 210 Q&As
Questions 7

Users in a branch office are reporting a website is always slow. No other users are experiencing the problem. The LTM Specialist tests the website from the external VLAN along with testing the servers directly. All tests indicate normal behavior. The environment is a single HTTP virtual server on the external VLAN with a single pool containing three HTTP pool members on the internal VLAN.

Which two locations are most appropriate to collect additional protocol analyzer data? (Choose two.)

A. a user's machine

B. the switch local to the user

C. the LTM device's internal VLAN

D. the LTM device's external VLAN

E. a user's Active Directory authentication

Browse 210 Q&As
Questions 8

There are three servers in the pool: 172.16.20.1, 172.16.20.2, and 172.16.20.3, with the virtual IP address 10.0.20.88.

A user CANNOT connect to an HTTP application. To understand the problem and find a solution, the LTM Specialist runs two concurrent traces on the LTM device, with the following results:

Trace on client side:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes

22:22:07.423759 IP 172.16.20.100.53875 > 10.0.20.88.80: S 998346084:998346084(0) win 5840

22:22:07.424056 IP 10.0.20.88.80 > 172.16.20.100.53875: S 4671780:4671780(0) ack 998346085 win 4380

22:22:07.424776 IP 172.16.20.100.53875 > 10.0.20.88.80: . ack 1 win 365

22:22:07.424790 IP 172.16.20.100.53875 > 10.0.20.88.80: P 1:149(148) ack 1 win 365

22:22:07.424891 IP 10.0.20.88.80 > 172.16.20.100.53875: . ack 149 win 4528

22:22:12.024850 IP 10.0.20.88.80 > 172.16.20.100.53875: R 1:1(0) ack 149 win 4528

6 packets captured

6 packets received by filter

0 packets dropped by kernel

Trace on server side:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on internal, link-type EN10MB (Ethernet), capture size 96 bytes

22:22:07.424881 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380

22:22:08.424893 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380

22:22:09.625082 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380

22:22:10.825194 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380

4 packets captured

4 packets received by filter

0 packets dropped by kernel

What should the LTM Specialist do to solve the problem?

A. Edit the packet filter rules.

B. Modify the monitor of the pool.

C. Enable the virtual server.

D. Configure the virtual server to use SNAT.

Browse 210 Q&As
Questions 9

In preparation for a maintenance task, an LTM Specialist performs a "Force to Standby" on LTM device Unit 1. LTM device Unit 2 becomes active as expected. The maintenance task requires the reboot of Unit 1. Shortly after the reboot is complete, the LTM Specialist discovers that Unit 1 has become active and Unit 2 has returned to standby.

What would cause this behavior?

A. Unit 1 is set with the redundancy state preference of active in devices groups.

B. Unit 1 is set with the redundancy state preference of active in high availability.

C. A traffic group is configured with Auto Failback, and Unit 1 is the default device.

D. A device group is configured with Auto Failback, and Unit 1 is the default device.

Browse 210 Q&As
Questions 10

An LTM Specialist is troubleshooting an issue where one LTM device in a three LTM device group is failing to synchronize after a synchronize to group command is issued. The LTM Specialist verifies there are no packet filters, port lock down, or network issues preventing the connection.

What are two reasons the synchronization group is having issues? (Choose two.)

A. Certificates expired on all of the peer LTM devices.

B. Certificates stored for the device trusts on all of the peer LTM devices are corrupted.

C. Admin passwords changed on one of the peer LTM devices that are able to synchronize.

D. Admin password changed on the LTM device NOT receiving the synchronized configurations.

E. Certificates stored for the device trusts on the LTM device NOT receiving the configuration are corrupted.

Browse 210 Q&As
Questions 11

-- Exhibit

-- Exhibit -Refer to the exhibit.

Which two items can be consolidated to simplify the LTM configuration? (Choose two.)

A. /Common/vs1-https-redirect

B. /Common/vs2-https-redirect

C. /Common/vs3-https-redirect

D. /Common/vs4-https-redirect

E. /Common/vs5-https-redirect

Browse 210 Q&As
Questions 12

-- Exhibit

-- Exhibit -Refer to the exhibit.

Which pool can be removed without affecting client traffic?

A. ftp_pool

B. http_pool

C. server1_80

D. server_pool

Browse 210 Q&As
Questions 13

-- Exhibit

-- Exhibit -Refer to the exhibit. A client attempts to connect from a Google Chrome browser to a virtual server on a BIG-IP LTM. The virtual server is SSL Offloaded. When the client connects, the client receives an SSL error. After trying Mozilla Firefox and Internet Explorer

browsers, the client still receives the same errors.

The LTM Specialist does an ssldump on the virtual server and receives the results as per the exhibit.

What is the problem?

A. The SSL key length is incorrect.

B. The BIG-IP LTM is NOT serving a certificate.

C. The BIG-IP LTM is NOT listening on port 443.

D. The client needs to be upgraded to the appropriate cipher-suite.

Browse 210 Q&As
Questions 14

-- Exhibit

-- Exhibit -

Refer to the exhibit.

A pair of LTM devices are configured for HA. The LTM Specialist observes from a capture that there is a successful connection from a client directly to a web server and an unsuccessful connection from a client via the LTM device to the same

web server.

Which two solutions will solve the configuration problem? (Choose two.)

A. Configure SNAT on the pool.

B. Configure SNAT on the virtual server.

C. Change server default gateway to point at LTM internal self IP.

D. Change server default gateway to point at LTM internal floating IP.

Browse 210 Q&As
Questions 15

-- Exhibit

-- Exhibit -Refer to the exhibit.

A failover has just occured on BIG-IP1. BIG-IP2 is now active and manages traffic as expected. Both Bigip's are set with a gateway failsafe to check the reachability of the main border router.

Switches have performed as expected.

Where should the LTM Specialist check for potential issues?

A. Network Interface 2.1 of BIG-IP 2

B. Network Interface 2.1 of BIG-IP 1

C. Network Interface 2.2 of BIG-IP 2

D. Network Interface 2.2 of BIG-IP 1

E. Network Interface 1.1 of BIG-IP 1

F. Network Interface 1.1 of BIG-IP 2

Browse 210 Q&As
Questions 16

-- Exhibit

-- Exhibit -Refer to the exhibit.

A pair of LTM devices is configured for HA.

What happens if the pool member server with IP address 10.0.0.4 becomes totally unresponsive to the active LTM device, but is still responsive to the standby LTM device?

A. The HA-group will disable the trunk my_trunk.

B. The HTTP application will be unavailable via the LTM device.

C. The HA-group will initiate a fail-over because the threshold is set to 2.

D. The HA-group will initiate a fail-over because the HA-Group score will be zero.

Browse 210 Q&As
Questions 17

-- Exhibit

-- Exhibit -

Refer to the exhibits.

An LTM Specialist has configured a virtual server to distribute connections to a pool of application servers and to offload SSL processing. The application fails to work as expected when connecting to the virtual server. It does work when

clients connect directly to the application. Two packet captures were taken at the application server.

What is the root cause of the problem?

A. The application servers are NOT listening on port 80.

B. The LTM device is sending non-SSL traffic to an SSL port.

C. The virtual server does NOT have a clientSSL profile assigned.

D. The SSL handshake between the LTM device and the server is failing.

Browse 210 Q&As
Questions 18

-- Exhibit -- Exhibit -Refer to the exhibit.

Which URL should be reported to the server/application team as getting user-visible errors?

A. /env.cgi

B. /page14.cgi

C. /reflector.php

D. /browserspecific.html

Browse 210 Q&As
Exam Code: 301B
Exam Name: BIG-IP Local Traffic Manager (LTM) Specialist: Maintain & Troubleshoot
Last Update: Mar 19, 2024
Questions: 210 Q&As

PDF

$45.99

VCE

$49.99

PDF + VCE

$59.99