• Home
  • Articles
  • [Apr-2022] Updated F5 301b Dumps - PDF & Online Engine [Q36-Q57]

[Apr-2022] Updated F5 301b Dumps - PDF & Online Engine [Q36-Q57]

Share

[Apr-2022] Updated F5 301b Dumps – PDF & Online Engine

301b.pdf - Questions Answers PDF Sample Questions Reliable

NEW QUESTION 36
-- Exhibit- -- Exhibit -

Refer to the exhibit.
An LTM Specialist is troubleshooting an issue with SSL and is receiving the error shown when connecting to the virtual server. When connecting directly to the pool member, clients do NOT receive this message, and the application functions correctly. The LTM Specialist exports theappropriate certificate and key from the pool member and imports them into the LTM device. The LTM Specialist then creates the Client SSL profile and associates it with the virtual server.
What is the issue?

  • A. The SSL certificate and key have expired.
  • B. The common name on the SSL certificate does NOT match the hostname of the site.
  • C. The SSL certificate and key do NOT match.
  • D. The client CANNOT verify the certification path.

Answer: D

 

NEW QUESTION 37
-- Exhibit -

-- Exhibit --
Refer to the exhibit.
Which pool can be removed without affecting client traffic?

  • A. ftp_pool
  • B. server1_80
  • C. server_pool
  • D. http_pool

Answer: C

 

NEW QUESTION 38
-- Exhibit - -- Exhibit -Refer to the exhibit. An LTM Specialist is troubleshooting a virtual server. Both the virtual server and the pool are

showing blue squares for their statuses, and new clients report receiving "The connection was reset" through their browsers. Connections directly to the pool member are successful. What is the issue?

  • A. The node is marked as disabled.
  • B. The pool member is disabled.
  • C. The virtual server is disabled on all VLANs.
  • D. The HTTP profile has incorrect settings.

Answer: A

 

NEW QUESTION 39
-- Exhibit-

-- Exhibit -Refer to the exhibit.
An LTM Specialist is troubleshooting an HTTP monitor that is marking a pool member as down. Connecting to the pool member directly through a browser shows the application is up and functioning correctly.
ltm monitor http http_mon { defaults-from http destination *:* interval 5 recv "200 OK" send "GET /\\r\\n" time-until-up 0 timeout 16 }
What is the issue?

  • A. The request is NOT being received by the pool member.
  • B. The pool member is responding without HTTP headers.
  • C. The pool member is responding with a 404.
  • D. The HTTP headers are compressed.

Answer: B

 

NEW QUESTION 40
An LTM device has a virtual server configured as a Performance Layer 4 virtual listening on 0.0.0.0:0 to perform routing of packets to an upstream router. The client machine at IP address 192.168.0.4 is attempting to contact a host upstream of the LTM device on IP address 10.0.0.99.
The network flow is asymmetrical, and the following TCP capture displays:
# tcpdump -nnni 0.0 'host 192.168.0.4 and host 10.0.0.99'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes
05:07:55.499954 IP 192.168.0.4.35345 > 10.0.0.99.443: S 3205656213:3205656213(0) ack
3267995082 win 1480
05:07:55.499983 IP 10.0.0.99.443 > 192.168.0.4.35345: R 1:1(0) ack 1 win 0
05:07:56.499960 IP 192.168.0.4.35345 > 10.0.0.99.443: S 3205656213:3205656213(0) ack
3267995082 win 1480
05:07:56.499990 IP 10.0.0.99.443 > 192.168.0.4.35345: R 1:1(0) ack 1 win 0
4 packets captured
Which option within the fastL4 profile needs to be enabled by the LTM Specialist to prevent the LTM device from rejecting the flow?

  • A. Loose Close
  • B. Loose Initiation
  • C. Reset on Timeout
  • D. Generate Initial Sequence Number

Answer: B

 

NEW QUESTION 41
In preparation for a maintenance task, an LTM Specialist performs a "Force to Standby" on LTM device Unit 1.
LTM device Unit 2 becomes active as expected. The maintenance task requires the reboot of Unit 1. Shortly after the reboot is complete, the LTM Specialist discovers that Unit 1 has become active and Unit 2 has returned to standby.
What would cause this behavior?

  • A. Unit 1 is set with the redundancy state preference of active in devices groups.
  • B. A device group is configured with Auto Failback, and Unit 1 is the default device.
  • C. Unit 1 is set with the redundancy state preference of active in high availability.
  • D. A traffic group is configured with Auto Failback, and Unit 1 is the default device.

Answer: D

 

NEW QUESTION 42
An LTM device is load balancing telnet and ssh applications in a client/server environment experiencing significant packet delay.
Which setting in the TCP profile should reduce the amount of packet delay?

  • A. disable Bandwidth Delay
  • B. enable Proxy Maximum Segment
  • C. disable Nagle's Algorithm
  • D. increase Maximum Segment Retransmissions

Answer: C

 

NEW QUESTION 43
An LTM Specialist receives a request to monitor the network path through a member, but NOT the member itself.
Which monitor option should the LTM Specialist enable or configure?

  • A. Time until up
  • B. Reverse
  • C. Alias address
  • D. Transparent
  • E. Up interval

Answer: D

 

NEW QUESTION 44
An LTM Specialist must perform a hot fix installation from the command line.
What is the correct procedure to ensure that the installation is successful?

  • A. import the hot fix to the /shared/images directory check the integrity of the file with an md5 checksum tmsh apply sys software hotfix volume <volume_name> <hotfix_name>.iso
  • B. import the hot fix to the /var/shared/images directory check the integrity of the file with an md5 checksum tmsh install sys software hotfix <hotfix_name>.iso volume <volume_name>
  • C. import the hot fix to the /var/shared/images directory check the integrity of the file with an md5 checksum tmsh apply sys software hotfix volume <volume_name> <hotfix_name>.iso
  • D. import the hot fix to the /shared/images directory check the integrity of the file with an md5 checksum tmsh install sys software hotfix <hotfix_name>.iso volume <volume_name>

Answer: D

 

NEW QUESTION 45
An LTM Specialist uploaded new releases .iso and .md5 files titled "BIGIP-FILENAME" via the GUI.
Which commands are run via the command line from the root directory to verify the integrity of the new .iso file?

  • A. cd /var/shared/images
    md5sum --check BIGIP-FILENAME.iso.md5
  • B. cd /shared/images
    md5sum --check BIGIP-FILENAME.iso.md5
  • C. cd /shared/images
    md5sum --check BIGIP-FILENAME.iso
  • D. cd /var/shared/images
    md5sum --check BIGIP-FILENAME.iso

Answer: B

 

NEW QUESTION 46
-- Exhibit -

-- Exhibit --
Refer to the exhibit.
An LTM Specialist is troubleshooting an issue with SSL and is receiving the error shown when connecting to the virtual server. When connecting directly to the pool member, clients do NOT receive this message, and the application functions correctly. The LTM Specialist exports the appropriate certificate and key from the pool member and imports them into the LTM device. The LTM Specialist then creates the Client SSL profile and associates it with the virtual server.
What is the issue?

  • A. The SSL certificate and key have expired.
  • B. The common name on the SSL certificate does NOT match the hostname of the site.
  • C. The SSL certificate and key do NOT match.
  • D. The client CANNOT verify the certification path.

Answer: D

 

NEW QUESTION 47
An LTM device is deployed in a one-armed topology. The virtual server, clients, and web servers are connected on the LTM device internal VLAN. A client tries to connect to the virtual server and is unable to establish a connection. A packet capture from the LTM device internal VLAN shows that the HTTP request is being forwarded to the web server.
From which two additional locations should protocol analyzer data be collected? (Choose two.)

  • A. network interface of web server
  • B. external VLAN interface of LTM device
  • C. internal VLAN interface of LTM device
  • D. network interface of client machine
  • E. any network interface of the Internet firewall

Answer: A,D

 

NEW QUESTION 48
These log entries can have different root causes:
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: enabled
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071431:5: Attempting to connect to CMI peer
1.1.1.2 port 6699
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071432:5: CMI peer connection established to
1.1.1.2 port 6699
Jun 28 05:01:26 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected
Which two commands should be used to obtain additional information on these entries? (Choose two.)

  • A. tmsh modify /sys db log.mcpd.level value debug
  • B. tmsh show /sys mcpd
  • C. bigstart status mcpd
  • D. tmsh modify /sys db log.cmi.level value debug

Answer: A,C

 

NEW QUESTION 49
An LTM Specialist has been asked to configure a virtual server to distribute connections between a pool of two application servers with addresses 172.16.20.1 and 172.16.20.2. The application servers are listening on TCP ports 80 and 443. The application administrators have asked that clients be directed to the same node for both HTTP and HTTPS requests within the same session.
Virtual servers vs_http and vs_https have been created, listening on 1.2.3.100:80 and 1.2.3.100:443, respectively.
Which configuration option will result in the desired behavior?

  • A. Create pool http_pool with members 172.16.20.1:80 and 172.16.20.2:80 Create pool https_pool with members 172.16.20.1:443 and 172.16.20.2:443 Assign http_pool as the default pool for vs_http Assign https_pool as the default pool for vs_https Create a source address persistence profile with "match across services" enabled Assign the persistence profile to vs_http and vs_https
  • B. Create pool http_pool with members 172.16.20.1:80 and 172.16.20.2:80 Assign pool http_pool as the default pool for both vs_https and vs_https Disable port translation for vs_https Create an SSL persistence profile with "match across virtual servers" enabled Assign the persistence profile to vs_http.
  • C. Create pool app_pool with members 172.16.20.1:any and 172.16.20.2:any Assign app_pool as the default pool for both vs_http and vs_https Disable port translation for vs_http and vs_https
  • D. Create pool http_pool with members 172.16.20.1:80 and 172.16.20.2:80 Create pool https_pool with members 172.16.20.1:443 and 172.16.20.2:443 Assign http_pool as the default pool for vs_http Assign https_pool as the default pool for vs_https Create an SSL persistence profile with "match across virtual servers" enabled Assign the persistence profile to vs_http

Answer: A

 

NEW QUESTION 50
Given the iRule:
when HTTP_REQUEST { if {([HTTP::username] ne "") and ([HTTP::password] ne "") } { log local0. "client ip [IP::remote_addr] credentials provided [HTTP::username] [HTTP::password]"} else { pool old_application_pool }
} The associated virtual server has a default pool named new_application_pool.
Which functionality does the iRule provide?

  • A. Allows clients with credentials to access the old_application_pool and logs the attempted access of clients with credentials to the new_application_pool.
  • B. Allows clients with credentials to access the old_application_pool and logs the access of clients without credentials to the new_application_pool.
  • C. Allows clients without credentials to access the old_application_pool and logs the attempted access of clients without credentials to the new_application_pool.
  • D. Allows clients without credentials to access the old_application_pool and logs the access of clients with credentials to the new_application_pool.

Answer: D

 

NEW QUESTION 51
An LTM device is running BIG-IP v10.2.0 software. The LTM Specialist is tasked with upgrading the LTM device to BIG-IP v11.2.0 HF1. The LTM Specialist starts the upgrade process by selecting the uploaded Hotfix and installing to an unused volume. After 10 minutes, the LTM Specialist checks the status of the upgrade process and notices that the process is stalled at 0%.
What should the LTM Specialist verify?

  • A. the base software version exists on the LTM device
  • B. the LTM device has an available Internet connection via the management interface
  • C. the selected volume has sufficient space available
  • D. the LTM device has been restarted into maintenance mode

Answer: A

 

NEW QUESTION 52
The LTM device is configured to provide load balancing to a set of web servers that implement access control lists (ACL) based on the source IP address of the client. The ACL is at the network level and the web server is configured to send a TCP reset back to the client if it is NOT permitted to connect.
The virtual server is configured with the default OneConnect profile.
The ACL is defined on the web server as:
Permit: 192.168.136.0/24
Deny: 192.168.116.0/24
The packet capture is taken of two individual client flows to a virtual server with IP address 192.168.136.100.
Client A - Src IP 192.168.136.1 - Virtual Server 192.168.136.100:
Clientside:
09:35:11.073623 IP 192.168.136.1.55684 > 192.168.136.100.80: S 869998901:869998901(0) win 8192 <mss
1460,nop,wscale 2,nop,nop,sackOK>
09:35:11.073931 IP 192.168.136.100.80 > 192.168.136.1.55684: S 2273668949:2273668949(0) ack
869998902 win 4380 <mss 1460,nop,wscale 0,sackOK,eol>
09:35:11.074928 IP 192.168.136.1.55684 > 192.168.136.100.80: . ack 1 win 16425
09:35:11.080936 IP 192.168.136.1.55684 > 192.168.136.100.80: P 1:299(298) ack 1 win 16425
09:35:11.081029 IP 192.168.136.100.80 > 192.168.136.1.55684: . ack 299 win 4678 Serverside:
09:35:11.081022 IP 192.168.136.1.55684 > 192.168.116.128.80: S 685865802:685865802(0) win 4380 <mss
1460,nop,wscale 0,sackOK,eol>
09:35:11.081928 IP 192.168.116.128.80 > 192.168.136.1.55684: S 4193259095:4193259095(0) ack
685865803 win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 6>
09:35:11.081943 IP 192.168.136.1.55684 > 192.168.116.128.80: . ack 1 win 4380
09:35:11.081955 IP 192.168.136.1.55684 > 192.168.116.128.80: P 1:299(298) ack 1 win 4380
09:35:11.083765 IP 192.168.116.128.80 > 192.168.136.1.55684: . ack 299 win 108 Client B - Src IP 192.168.116.1 - Virtual Server 192.168.136.100:
Clientside:
09:36:11.244040 IP 192.168.116.1.55769 > 192.168.136.100.80: S 3320618938:3320618938(0) win 8192
<mss 1460,nop,wscale 2,nop,nop,sackOK>
09:36:11.244152 IP 192.168.136.100.80 > 192.168.116.1.55769: S 3878120666:3878120666(0) ack
3320618939 win 4380 <mss 1460,nop,wscale 0,sackOK,eol>
09:36:11.244839 IP 192.168.116.1.55769 > 192.168.136.100.80: . ack 1 win 16425
09:36:11.245830 IP 192.168.116.1.55769 > 192.168.136.100.80: P 1:299(298) ack 1 win 16425
09:36:11.245922 IP 192.168.136.100.80 > 192.168.116.1.55769: . ack 299 win 4678 Serverside:
09:36:11.245940 IP 192.168.136.1.55684 > 192.168.116.128.80: P 599:897(298) ack 4525 win 8904
09:36:11.247847 IP 192.168.116.128.80 > 192.168.136.1.55684: P 4525:5001(476) ack 897 win 142 Why was the second client flow permitted by the web server?

  • A. A global SNAT is defined.
  • B. SNAT automap was enabled on the virtual server.
  • C. The idle TCP session from the first client was re-used.
  • D. A source address persistence profile is assigned to the virtual server.

Answer: C

 

NEW QUESTION 53
-- Exhibit- -- Exhibit -

Refer to the exhibit.
An LTM Specialist is troubleshooting a virtual server. Both the virtual server and the pool are showing blue squares for their statuses, and new clients report receiving "The connection was reset" through their browsers. Connections directly to the pool member are successful.
What is the issue?

  • A. The node is marked as disabled.
  • B. The pool member is disabled.
  • C. The virtual server is disabled on all VLANs.
  • D. The HTTP profile has incorrect settings.

Answer: A

 

NEW QUESTION 54
-- Exhibit -


-- Exhibit -
Refer to the exhibits.
How should the LTM Specialist minimize the configuration?

  • A. Create a single monitor, apply it to the pool, and remove the pool member level monitors.
  • B. The configuration is as minimized as possible.
  • C. Create a single monitor and apply it to each pool member.
  • D. Remove the pool member level monitors.

Answer: A

 

NEW QUESTION 55
-- Exhibit - -- Exhibit -


Refer to the exhibits.
A customer requests to offload SSL for an internal website. The front page of the website loads correctly; however, selecting links on the page fails.
How should the LTM Specialist fix the issue?

  • A. Create a new Server SSL profile.
    Enable Proxy SSL.
    Add the Server SSL profile to the VS.
  • B. Create a new HTTP profile.
    Enable redirect rewrite.
    Add the new HTTP profile to the VS.
  • C. Create a new SNAT pool.
    Add internal network IPs to the SNAT pool.
    Add the SNAT pool to the VS.
  • D. Create a new HTTP profile.
    Enable Insert X-Forwarded-For.
    Add the new HTTP profile to the VS.

Answer: B

 

NEW QUESTION 56
A failover event is recorded in the log messages:
Jan 01 00:00:50 BIG-IP notice sod[5855]: 01140029:5: HA proc_running tmm fails action is go offline and down links.
Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c0050:5: Sod requests links down. Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c0054:5: Offline for traffic group /Common/traffic-group-1.
Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c003e:5: Offline
Jan 01 00:00:50 BIG-IP notice logger: /usr/bin/tmipsecd --tmmcount 4 ==> /usr/bin/bigstart stop racoon Jan 01 00:00:50 BIG-IP info lacpd[5502]: 01160016:6: Failover event detected.
(Switchboard failsafe disabled while offline)
Jan 01 00:00:51 BIG-IP err bcm56xxd[5296]: 012c0010:3: Failover event detected. Marking external interfaces down. bsx.c(3633) Jan 01 00:00:51 BIG-IP info bcm56xxd[5296]: 012c0015:6: Link: 1.1 is DOWN Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 0107143c:5: Connection to CMI peer 10.0.0.3
has been removed
Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 0107143a:5: CMI reconnect timer: enabled
Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 01071431:5: Attempting to connect to CMI peer 10.0.0.3 port 6699
What is the cause of the failover?

  • A. A switchboard failure caused system fail-safe to initiate the failover.
  • B. Loss of connection to CMI peer 10.0.0.3 initiated the failover.
  • C. TMM failed, and VLAN fail-safe initiated the failover.
  • D. TMM failed, and system fail-safe initiated the failover.

Answer: D

 

NEW QUESTION 57
......

F5 301b Dumps PDF Are going to be The Best Score: https://pass4sure.actualpdf.com/301b-real-questions.html

Related Articles

more
F5 301b Certification Practice Exam