Virtual Private Server And Network Address Translation! Trivia Quiz

40 Questions | Total Attempts: 114

SettingsSettingsSettings
Please wait...
Virtual Private Server And Network Address Translation! Trivia Quiz

When it comes to computers servers is a great part of ensuring that data is stored, transferred, and retrieved whenever it is required. Organizations have been chosen to have a virtual private server which helps them to keep tabs on what happens in the network. Take up this test and get to find out what you know about creating and using virtual private servers and network address transaction.


Questions and Answers
  • 1. 
    Which three statements are true about SNATs? (Choose three.)
    • A. 

      SNATs provide bi-directional traffic initiation.

    • B. 

      SNATs support UDP, TCP and ICMP traffic

    • C. 

      SNATs provide a many-to-one mapping between IP addresses.

    • D. 

      SNAT addresses can be identical to virtual server IP addresses.

  • 2. 
    A BIG-IP has two SNATs, a pool of DNS servers and a virtual server configured to load-balance UDP traffic to the DNS servers. One SNAT's address is 64.100.130.10; this SNAT is defined for all addresses. The second SNAT's address is 64.100.130.20; this SNAT is defined for three specific addresses, 172.16.3.54, 172.16.3.55, and 172.16.3.56. The virtual server's destination is 64.100.130.30:53. The SNATs and virtual server have default VLAN associations. If a client with IP address 172.16.3.55 initiates a request to the virtual server, what is the source IP address of the packet as it reaches the chosen DNS server?
    • A. 

      64.100.130.10

    • B. 

      64.100.130.20

    • C. 

      64.100.130.30

    • D. 

      172.16.3.55

  • 3. 
    Which persistence method will always recognize a client when the client returns to the same virtual server?
    • A. 

      SSL

    • B. 

      MSRDP

    • C. 

      Source address

    • D. 

      Expression (universal)

    • E. 

      No persistence method works in all situations

  • 4. 
    Which three files/data items are included in a BIG-IP backup file? (Choose three.)
    • A. 

      The BIG-IP license

    • B. 

      The BIG-IP log files

    • C. 

      The BIG-IP host name

    • D. 

      The BIG-IP default traps

    • E. 

      The BIG-IP administrative addresses

  • 5. 
    Which statement is true regarding OneConnect processing?
    • A. 

      The virtual server must have a UDP profile.

    • B. 

      The number of client connections is reduced.

    • C. 

      Server-side requests can utilize existing client-side connections.

    • D. 

      Client-side requests can utilize existing server-side connections.

  • 6. 
    The partial configuration below includes an iRule, a virtual server, and pools. When traffic from the client at 160.10.10.10:2056 connects to the virtual server Test_VS and sends an HTTP request, what will the client's source address be translated to as the traffic is sent to the chosen pool member?pool Test_Pool {member 10.10.10.10:80member 10.10.10.11:80}snatpool lower_range {member 10.10.10.1}snatpool upper_range {member 10.10.10.2}rule Test_iRule {when CLIENT_ACCEPTED {if { [TCP::local_port] < 2024 } {snatpool lower_range}else { snatpool upper_range}}}virtual Test_VS {destination 200.10.10.1:httppool Test_Poolrule Test_iRule}
    • A. 

      10.10.10.1

    • B. 

      10.10.10.2

    • C. 

      160.10.10.10

    • D. 

      200.10.10.1

    • E. 

      It could be either 10.10.10.10 or 10.10.10.11

  • 7. 
    Which tool is used on BIG-IP systems to capture data packets?
    • A. 

      Snoop

    • B. 

      Qkview

    • C. 

      Tcpdump

    • D. 

      Ethereal

  • 8. 
    The following iRule is being used within a persistence profile on a virtual server. Assuming the following HTTP requests are made within the same timeout window, what is the maximum number of persistence records that will be created?iRule:rule Persist_Universal {when HTTP_REQUEST {persist uie [ findstr [HTTP::uri] "?" 8 3 ]}}Requests:#1 http://www.test.com/input.html?test145ABR80#2 http://www.test.com/input.html?test135PDC72#3 http://www.test.com/input.html?test125ABR76#4 http://www.test.com/input.html?test145MNO88#5 http://www.test.com/input.html?test155ABR98#6 http://www.test.com/input.html?test145PDC60#7 http://www.test.com/input.html?test175ABC50#8 http://www.test.com/input.html?test125MNO55#9 http://www.test.com/input.html?test145ABC70#10 http://www.test.com/input.html?test135PDC42
    • A. 

      0

    • B. 

      1

    • C. 

      3

    • D. 

      4

    • E. 

      5

    • F. 

      10

    • G. 

      It cannot be determined from the given data.

  • 9. 
    Which are immediate results of entering the following command: b pool PoolA { lb method predictive member 10.10.1.1:80 member 10.10.1.2:80 }
    • A. 

      A new pool is available for association with any iRule or virtual server.

    • B. 

      The /config/bigip.conf file is updated to include a definition for the pool named PoolA.

    • C. 

      No changes will take place since the command is missing the monitor component for PoolA.

    • D. 

      Requests sent to this BIG-IP system with a destination port of 80 are load-balanced between the members of PoolA.

  • 10. 
    When a pool is created and saved to file, where is the default file and location for the pools configuration?
    • A. 

      /config/bigip.conf

    • B. 

      /config/BigDB.dat

    • C. 

      /etc/bigip_base.conf

    • D. 

      /config/bigip_base.conf

  • 11. 
    What does the Insert XForwarded For option in an HTTP profile do?
    • A. 

      The client IP addresses are inserted into an HTTP header.

    • B. 

      The client IP addresses are inserted into messages sent to remote syslog servers.

    • C. 

      A BIG-IP self-IP is inserted in the source address field on the client-side connection.

    • D. 

      A BIG-IP self-IP is inserted in the source address field on the server-side connection.

  • 12. 
    A steaming profile will do which of the following?
    • A. 

      Search and replace all occurences of a specified string only in requests processed by a virtual server.

    • B. 

      Search and replace all occurences of a specified string only in responses processed by a virtual server.

    • C. 

      Search and replace all occurences of a specified string in requests and responses processed by a virtual server.

    • D. 

      Search and replace the first occurence of a specified string in either a request or response processed by a virtual server.

  • 13. 
    A monitor has been defined with an alias port of 443. All other options are left at their defaults. The adminstrator wishes to assign it to a pool of members where the members' ports vary. Which is the result?
    • A. 

      This assignment is not allowed since the ports do not match.

    • B. 

      For each member, the monitor will test the members node at port 443.

    • C. 

      For each member, if the members port is not 443, the member will be marked down.

    • D. 

      For each member, if it is running an SSL service at the members port, the monitor may work. Otherwise, the monitor will fail and the member will be marked down.

  • 14. 
    Which is a potential result when a trunk is configured on a BIG-IP?
    • A. 

      VLAN fail-safe is not available for any VLANs associated with any trunks.

    • B. 

      Packets flowing to the VLAN could arrive on any of the interfaces in the trunk.

    • C. 

      No additional trunks can be configured since each BIG-IP is limited to one trunk.

    • D. 

      Since any VLANs associated with the trunk are necessarily associated with multiple interfaces, the VLANs using the trunk must use tagged packets.

  • 15. 
    A site is designing a virtual server, SNAT, and iRule such that all traffic using the virtual server from employee networks will have the source addresses translated to 10.10.1.30 but external customer traffic will not have it's source address translated. In either case, traffic should be load balanced to a member of the pool web_pool. Employees are from either 192.168.0.0/16 or 172.16.12.0/24 networks. Assuming a virtual server is associated with this rule and has no default pool, which iRule will fulfill these requirements?
    • A. 

      This cannot be performed with an iRule.

    • B. 

      Rule Test_iRule { when CLIENT_ACCEPTED { if { [[IP::local_addr] starts_with 192.168] or [[IP::local_addr] starts_with 172.16.12.] } { snatpool employee_snat pool web_pool } else { pool web_pool }

    • C. 

      Rule Test_iRule { when HTTP_REQUEST { if { [[IP::local_addr] starts_with 192.168] or [[IP::local_addr] starts_with 172.16.12.] } { snatpool employee_snat pool web_pool } else { pool web_pool }

    • D. 

      Rule Test_iRule { when CLIENT_ACCEPTED { if { [[IP::remote_addr] starts_with 192.168] or [[IP::remote_addr] starts_with 172.16.12.] } { snatpool employee_snat pool web_pool } else { pool web_pool }

    • E. 

      Rule Test_iRule { when CLIENT_ACCEPTED { if { [[IP::remote_addr] starts_with 192.168] or [[IP::remote_addr] starts_with 172.16.12.] } { snatpool employee_snat } else { pool web_pool }

  • 16. 
    A site wishes to use an external monitor. Other than what is coded in the monitor script, what information must be configured on the BIG-IP for the monitor to be functional? (Choose two.)
    • A. 

      BIG-IP must know the name of the program.

    • B. 

      BIG-IP must know which functions the program is going to test.

    • C. 

      BIG-IP must know the IP addresses of the devices that will be tested.

    • D. 

      BIG-IP must know which node or member the results are to be applied to.

    • E. 

      BIG-IP must know all services that are running on the system to be tested.

  • 17. 
    Which two statements are true concerning capabilities of current BIG-IP platforms? (Choose two.)
    • A. 

      The 1500 hosts more ports than the 3400.

    • B. 

      All BIG-IP platforms have an option of a second power supply.

    • C. 

      All BIG-IP platforms use both an ASIC and CPU(s) to process traffic.

    • D. 

      All BIG-IP platforms have tri-speed Ethernet ports (10 / 100 / 1000 Mbit/sec).

    • E. 

      All BIG-IP platforms have capacity to perform bulk encryption / decryption of SSL traffic independent of the CPU.

  • 18. 
    When defining a load-balancing pool using the command line, if the load-balancing method is not specified, what is the result?
    • A. 

      The default load-balancing method would be used.

    • B. 

      The load-balancing method of the previous pool would be used.

    • C. 

      The system would prompt the user for a load-balancing method.

    • D. 

      An error would be displayed since no load-balancing method was specified.

  • 19. 
    Which statement concerning virtual servers is true?
    • A. 

      Virtual servers can keep idle server connections open indefinitely.

    • B. 

      Virtual servers can compress data between the BIG-IP and servers.

    • C. 

      Virtual servers cannot perform load balancing without performing address translation.

    • D. 

      Virtual servers can reuse connections between the BIG-IP and server for multiple HTTP GETs.

    • E. 

      Virtual server processing always translates the virtual server address to the address of the choosen pool member.

  • 20. 
    A monitor has been defined using the HTTP monitor template. The send and receive strings were customized, but all other settings were left at their defaults. Which resources can the monitor be assigned to?
    • A. 

      Most pools

    • B. 

      Most nodes

    • C. 

      Most virtual servers

    • D. 

      Only specific pool members

  • 21. 
    Which statement is true concerning SNATs using SNAT pools and SNATs using automap?
    • A. 

      A SNAT pool can contain virtual server addresses.

    • B. 

      SNATs using automap preferentially translate source addresses to non-floating self-IP addresses.

    • C. 

      SNATs using a SNAT pool translate source addresses randomly to any of the addresses in the SNAT pool.

    • D. 

      SNATs using automap translate source addresses randomly to any of the BIG-IP's floating self-IP addresses.

  • 22. 
    Why would an administrator capture monitor traffic between a BIG-IP and servers?
    • A. 

      Only client traffic may be captured; monitor traffic may not be captured.

    • B. 

      Viewing monitor traffic could help the administrator to define a more robust monitor.

    • C. 

      If client traffic to the servers was failing, viewing and analyzing monitor traffic would determine the reason.

    • D. 

      If a client were having difficulty logging into a load-balanced SSH server, viewing and analyzing the connection process would determine the reason.

  • 23. 
    Which three processes are involved when BIG-IP systems issue traps? (Choose three.)
    • A. 

      Bigd

    • B. 

      Alertd

    • C. 

      Smtpd

    • D. 

      Snmpd

    • E. 

      Syslog-ng

  • 24. 
    Which statement describes bigpipe shell access correctly?
    • A. 

      All users can be given bigpipe shell access.

    • B. 

      Users with bigpipe shell access can only enable and disable LTM objects within a given partition.

    • C. 

      Users with bigpipe shell access can change, add, or delete LTM objects, but only within a single partition.

    • D. 

      Users with bigpipe shell access are limited to enabling and disabling LTM objects, but can always do so in all partitions.

  • 25. 
    Which is the result when multiple monitors are assigned to a pool member?
    • A. 

      The member is marked as unavailable if any of the monitors fails.

    • B. 

      The member is marked as available if any of the monitors succeeds.

    • C. 

      The member is marked available if all monitors succeed, and as marginal if one or more monitors fail(s).

    • D. 

      The member is marked available if sufficient monitors succeed, and as unavailable if insufficient monitors succeed.

  • 26. 
    What occurs when a b load command is issued?
    • A. 

      The running configuration is loaded into files for storage.

    • B. 

      The running configuration is replaced by the configuration in the files, but only if they are syntactically correct.

    • C. 

      The running configuration is replaced by the any portions of the configuration files that are syntactically correct.

    • D. 

      The running configuration is compared to the configuration in files and, when changes are noted, the version in the files is loaded over what is in memory.

  • 27. 
    Which three parameters could be used to determine whether a connection request will have the source address translated as the request is processed? (Choose three.)
    • A. 

      The client's TCP port

    • B. 

      The client's IP address

    • C. 

      The client's IP netmask

    • D. 

      The client's IP fragment offset

    • E. 

      The client's router's IP address

    • F. 

      The client's browser's preferred language

  • 28. 
    Which action CANNOT be performed by an iRule?
    • A. 

      Change the virtual server's default pool.

    • B. 

      Direct a connection request to a specific pool.

    • C. 

      Discard a client before connecting to a server.

    • D. 

      Limit a given client to a set amount of bandwidth.

    • E. 

      Substitute a server's response with alternate data.

    • F. 

      Direct a client's request to a pool based on the client's browser's language.

  • 29. 
    A BIG-IP has the following objects configured: A SNAT pool with 2 members: 150.10.33.33 and 10.10.1.33A load-balancing pool with 5 members: 10.10.1.1-10.10.1.5:80The BIG-IP has two self-IP addresses: 150.10.10.10 and 10.10.1.10A virtual server at 150.10.30.30:80 that is associated with both the SNAT pool and the loadbalancing pool. If a client at IP address 200.10.10.10 initiates a connection to the virtual server, what will the source IP address be in the packets sent to the chosen pool member?
    • A. 

      10.10.1.10

    • B. 

      10.10.1.33

    • C. 

      150.10.30.30

    • D. 

      150.10.33.33

    • E. 

      200.10.10.10

    • F. 

      It could be any of the addresses of the members of the load-balancing pool.

  • 30. 
    Which statement is true concerning packet filters?
    • A. 

      Filters cannot prevent access to the management port.

    • B. 

      Filters cannot prevent the BIG-IP synching process from taking place.

    • C. 

      The order of filters does not affect which traffic is accepted or denied.

    • D. 

      In addition to administrator-created filters, there always exists a "deny all" filter that processes traffic last.

  • 31. 
    Which statement is true concerning iRule context?
    • A. 

      The context must be explicitly declared.

    • B. 

      The iRule command determines the context.

    • C. 

      The iRule event declaration determines the context.

    • D. 

      The results of the iRule's conditional statement determines the context.

  • 32. 
    When a virtual server has an HTTP profile with compression enabled, which traffic is compressed by the BIG-IP?
    • A. 

      All client-side traffic for that virtual server

    • B. 

      All server-side traffic for that virtual server

    • C. 

      Selected traffic from the BIG-IP to the clients

    • D. 

      Selected traffic from the pool member to the BIG-IP

  • 33. 
    Why is the context of an event significant in iRule processing?
    • A. 

      The context has no impact on events.

    • B. 

      The context determines which pools are available for load balancing.

    • C. 

      The context determines which events are available for iRule processing.

    • D. 

      The context determines the values of commands that vary between client and server.

  • 34. 
    What is the expected difference between two source address persistence profiles if profile A has a mask of 255.255.255.0 and profile B has a mask of 255.255.0.0?
    • A. 

      There are no detectable differences.

    • B. 

      Profile B has a greater potential number of persistence records.

    • C. 

      Profile B will have fewer persistence records for the same client base.

    • D. 

      Profile A will have more clients matching existing persistence records.

  • 35. 
    What occurs when a b save command is issued?
    • A. 

      The current configuration files are backed up.

    • B. 

      The current configuration files are loaded into memory.

    • C. 

      The current configuration files are saved into an archive format.

    • D. 

      The current configuration files are verified for syntax, then the running configuration is installed in memory.

  • 36. 
    How is traffic flow through transparent virtual servers different from typical virtual servers?
    • A. 

      Traffic flow through transparent virtual servers is not load balanced.

    • B. 

      Traffic flow through transparent virtual servers does not have IP address translation performed.

    • C. 

      Traffic flow through transparent virtual servers must be forwarded through a single routing device.

    • D. 

      Traffic flow through transparent virtual servers is bridged (leave IP and MAC addresses intact) rather than routed (leave IP address intact but change the MAC addresses).

  • 37. 
    Which statement describes advanced shell access correctly?
    • A. 

      All users can be given advanced shell access.

    • B. 

      Users with advanced shell access can always change, add, or delete LTM objects in all partitions.

    • C. 

      Users with advanced shell access are limited to changing, adding, or deleting LTM objects in any single partition.

    • D. 

      Users with advanced shell access have the same rights as those with bigpipe shell access, but the rights extend to all partitions rather than to a single partition.

  • 38. 
    After editing and saving changes to the configuration file containing virtual servers, what is the immediate result?
    • A. 

      The new configuration is verified.

    • B. 

      The new configuration is verified and loaded.

    • C. 

      The new configuration is loaded but not verified.

    • D. 

      The new configuration is verified but not loaded.

    • E. 

      The new configuration is neither verified nor loaded.

    • F. 

      The new configuration is verified and loaded if is it syntactially correct.

  • 39. 
    Could an iRule perform persistence based on a cookie?
    • A. 

      No. iRules cannot affect persistence

    • B. 

      No. Cookie persistence is only based on a cookie persistence profile.

    • C. 

      Yes. An iRule could be designed to persist based on the contents of a cookie.

    • D. 

      Yes. An iRule could be designed to persist based on the contents of a cookie as long as the cookie is set by the server.

  • 40. 
    Which two data points can be used to persist using an expression (universal persistence)? (Choose two.)
    • A. 

      An IP address

    • B. 

      Any text string within a cookie

    • C. 

      The value in the tcp acknowledgement field

    • D. 

      Any bytes within the initial client request packet