The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Explanation The load-balancing mode is specified within the pool definition. This means that when configuring a pool, the load-balancing mode can be set to determine how traffic will be distributed among the pool members. The load-balancing mode determines the algorithm or method used to distribute the traffic, such as round-robin, least connections, or IP hash. By specifying the load-balancing mode within the pool definition, it allows for centralized control and configuration of how traffic is balanced across the pool members.
Rate this question:
2.
Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the BIG-IP?
A.
No SSL certificates are required on the BIG-IP
B.
The BIG-IP's SSL certificates must only exist
C.
The BIG-IP's SSL certificates must be issued from a certificate authority
D.
The BIG-IP's SSL certificates must be created within the company hosting the BIG-IPs
Correct Answer
A. No SSL certificates are required on the BIG-IP
Explanation The correct answer is that no SSL certificates are required on the BIG-IP. This means that the BIG-IP does not need to have its own SSL certificates installed. Instead, the SSL certificates that are required for the virtual server with the ServerSSL profile can be installed on the backend servers or obtained from a certificate authority. The BIG-IP acts as a proxy and handles the SSL connections without needing its own certificates.
Rate this question:
3.
When upgrading a BIG-IP redundant pair, what happens when one system has been updated but the other has not?
A.
Synching should not be performed
B.
The first system to be updated will assume the Active role
C.
This is not possible since both systems are updated simultaneously
D.
The older system will issue SNMP traps indicating a communication error with the partner
Correct Answer
A. Synching should not be performed
Explanation When upgrading a BIG-IP redundant pair, if one system has been updated but the other has not, synching should not be performed. This is because the systems are not in the same state and attempting to sync them could result in errors or inconsistencies. It is important to ensure that both systems are updated before performing any synchronization to maintain a stable and reliable configuration.
Rate this question:
4.
Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing takes place. Also assume that the NAT definition specifies a NAT address and an origin address while all the other settings are left at their defaults. If a client were to initiate traffic to the NAT address, what changes, if any, would take place when the BIG-IP processes such packets?
A.
The source address would not change, but the destination address would be translated to the origin address
B.
The destination address would not change, but the source address would be translated to the origin address
C.
The source address would not change, but the destination address would be translated to the NAT's address
D.
The destination address would not change, but the source address would be translated to the NAT's address
Correct Answer
A. The source address would not change, but the destination address would be translated to the origin address
Explanation When the client initiates traffic to the NAT address, the source address of the packets would remain the same. However, the destination address would be translated to the origin address. This means that the packets would be forwarded to the intended destination, but the destination IP address would be changed to the original address specified in the NAT definition.
Rate this question:
5.
Which statement is true concerning SSL termination?
A.
A virtual server that has both ClientSSL and ServerSSL profiles can still support cookie persistence
B.
Decrypting traffic at the BIG-IP allows the use of iRules for traffic management, but increases the load on the pool member
C.
When any virtual server uses a ClientSSL profile, all SSL traffic sent to the BIG-IP is decrypted before it is forwarded to servers
D.
If a virtual server has both a ClientSSL and ServerSSL profile, the pool members have less SSL processing than if the virtual server had only a ClientSSL profile
Correct Answer
A. A virtual server that has both ClientSSL and ServerSSL profiles can still support cookie persistence
Explanation When a virtual server has both ClientSSL and ServerSSL profiles, it can still support cookie persistence. This means that even though the SSL traffic is decrypted at the BIG-IP, the virtual server can still maintain and use cookies for session persistence. This allows the virtual server to direct subsequent requests from the same client to the same pool member, ensuring a consistent user experience.
Rate this question:
6.
You have created a custom profile named TEST2. The parent profile of TEST2 is named TEST1. If additional changes are made to TEST1, what is the effect on TEST2?
A.
All changes to TEST1 are propagated to TEST2
B.
Some of the changes to TEST1 may propagate to TEST2
C.
Changes to TEST1 cannot affect TEST2 once TEST2 is saved
D.
When TEST1 is changed, the administrator is prompted and can choose whether to propagate changes to TEST2
Correct Answer
B. Some of the changes to TEST1 may propagate to TEST2
Explanation When additional changes are made to the parent profile TEST1, some of those changes may also be applied to the custom profile TEST2. However, not all changes made to TEST1 will necessarily affect TEST2.
Rate this question:
7.
Assume a BIG-IP has no NATs or SNATs configured. Which two scenarios are possible when client traffic arrives on a BIG-IP that is NOT destined to a self-IP? (Choose two)
A.
If the destination of the traffic does not match a virtual server, the traffic will be discarded
B.
If the destination of the traffic does not match a virtual server, the traffic will be forwarded based on routing tables
C.
If the destination of the traffic matches a virtual server, the traffic will be processed per the virtual servers definition
D.
If the destination of the traffic matches a virtual server, the traffic will be forwarded, but it cannot be load-balanced since no SNAT has been configured
Correct Answer(s)
A. If the destination of the traffic does not match a virtual server, the traffic will be discarded C. If the destination of the traffic matches a virtual server, the traffic will be processed per the virtual servers definition
Explanation If a BIG-IP has no NATs or SNATs configured, there are two possible scenarios when client traffic arrives that is not destined to a self-IP. Firstly, if the destination of the traffic does not match a virtual server, the traffic will be discarded. This means that if there is no specific virtual server configured to handle the incoming traffic, it will be dropped. Secondly, if the destination of the traffic matches a virtual server, the traffic will be processed per the virtual server's definition. This means that if there is a virtual server configured that matches the destination of the traffic, the traffic will be handled according to the settings and rules defined for that virtual server.
Rate this question:
8.
If a client's browser does not accept cookies, what occurs when the client connects to a virtual server using cookie persistence?
A.
The connection request is not processed
B.
The connection request is sent to an apology server
C.
The connection request is load-balanced to an available pool member
D.
The connection request is refused and the client is sent a "server not available" message
Correct Answer
C. The connection request is load-balanced to an available pool member
Explanation When a client's browser does not accept cookies, the virtual server will still be able to load-balance the connection request to an available pool member. This means that the client's request will be directed to one of the servers in the pool that is currently able to handle the request. This allows the client to establish a connection and receive a response from the server, even without the use of cookies.
Rate this question:
9.
Assuming other fail-over settings are at their default state, what would occur if the fail-over cable where to be disconnected for five seconds and then reconnected?
A.
As long as network communication is not lost, no change will occur
B.
Nothing. Fail-over due to loss of voltage will not occur if the voltage is lost for less than ten seconds
C.
When the cable is disconnected, both systems will become active. When the voltage is restored, unit two will revert to standby mode
D.
When the cable is disconnected, both systems will become active. When the voltage is restored, both systems will maintain active mode
Correct Answer
C. When the cable is disconnected, both systems will become active. When the voltage is restored, unit two will revert to standby mode
Explanation When the fail-over cable is disconnected, both systems will become active because they are no longer able to communicate with each other. However, when the voltage is restored, unit two will revert to standby mode because it is designed to be the standby system in case of a fail-over event. This ensures that there is always a backup system ready to take over in case of a failure.
Rate this question:
10.
Assuming there are open connections through an active system's virtual servers and a fail-over occurs, by default, what happens to the connections?
A.
All open connections are lost.
B.
All open connections are maintained.
C.
When persistence mirroring is enabled, open connections are maintained even if a fail-over occurs.
D.
Long-lived connections such as Telnet and FTP are maintained, but short-lived connections such as HTTP are lost.
E.
All open connections are lost, but new connections are initiated by the newly active BIG-IP, resulting in minimal client downtime.
Correct Answer
A. All open connections are lost.
Explanation When a fail-over occurs in an active system's virtual servers, all open connections are lost. This means that any ongoing communication or data transfer between the clients and the servers will be abruptly terminated. The fail-over process involves switching to a backup system or server, which does not have the knowledge or memory of the previous connections. Therefore, the clients will need to establish new connections with the newly active system, resulting in downtime for the clients.
Rate this question:
11.
Which VLANs must be enabled for a SNAT to perform as desired (translating only desired packets)?
A.
The SNAT must be enabled for all VLANs.
B.
The SNAT must be enabled for the VLANs where desired packets leave the BIG-IP.
C.
The SNAT must be enabled for the VLANs where desired packets arrive on the BIG-IP.
D.
The SNAT must be enabled for the VLANs where desired packets arrive and leave the BIG-IP.
Correct Answer
C. The SNAT must be enabled for the VLANs where desired packets arrive on the BIG-IP.
Explanation The correct answer is that the SNAT must be enabled for the VLANs where desired packets arrive on the BIG-IP. This means that the SNAT will only translate packets that are coming into the BIG-IP on those specific VLANs. Enabling the SNAT for all VLANs or only the VLANs where desired packets leave the BIG-IP would not achieve the desired result of translating only the desired packets.
Rate this question:
12.
Which three methods can be used for initial access to a BIG-IP system? (Choose three.)
A.
CLI access to the serial console port
B.
SSH access to the management port
C.
SSH access to any of the switch ports
D.
HTTP access to the management port
E.
HTTP access to any of the switch ports
F.
HTTPS access to the management port
G.
HTTPS access to any of the switch ports
Correct Answer(s)
A. CLI access to the serial console port B. SSH access to the management port F. HTTPS access to the management port
Explanation The three methods that can be used for initial access to a BIG-IP system are CLI access to the serial console port, SSH access to the management port, and HTTPS access to the management port. These methods allow administrators to connect to the system and perform initial configuration and setup. SSH and HTTPS access provide secure remote access to the management port, while CLI access to the serial console port allows direct access to the system for initial configuration. Access through any of the switch ports or HTTP access is not mentioned as a valid method for initial access.
Rate this question:
13.
When can a single virtual server be associated with multiple profiles?
A.
Never. Each virtual server has a maximum of one profile.
B.
Often. Profiles work on different layers and combining profiles is common.
C.
Rarely. One combination, using both the TCP and HTTP profile does occur, but it is the exception.
D.
Unlimited. Profiles can work together in any combination to ensure that all traffic types are supported in a given virtual server.
Correct Answer
B. Often. Profiles work on different layers and combining profiles is common.
Explanation A single virtual server can be associated with multiple profiles because profiles work on different layers and combining profiles is a common practice. This allows for more flexibility and customization in managing and optimizing traffic on the virtual server.
Rate this question:
14.
Which action will take place when a failover trigger is detected by the active system?
A.
The active device will take the action specified for the failure.
B.
The standby device also detects the failure and assumes the active role.
C.
The active device will wait for all connections to terminate and then fail-over.
D.
The standby device will begin processing virtual servers that have failed, but the active device will continue servicing the functional virtual servers.
Correct Answer
A. The active device will take the action specified for the failure.
Explanation When a failover trigger is detected by the active system, it will take the action specified for the failure. This means that the active device will initiate the necessary steps to address the failure and mitigate its impact. It may involve switching to a backup system, redirecting traffic, or implementing other measures to ensure service continuity. The standby device will also detect the failure and assume the active role, but the active device will be responsible for initiating the appropriate actions.
Rate this question:
15.
In the F5 Local Traffic Manager (LTM), which of the following features allows for the translation of client IP addresses to ensure proper routing and access control?
A.
Load Balancing
B.
SSL Offloading
C.
SNAT (Secure Network Address Translation)
D.
IRules
Correct Answer
C. SNAT (Secure Network Address Translation)
Explanation SNAT (Secure Network Address Translation) in the F5 Local Traffic Manager (LTM) allows for the translation of client IP addresses to a different IP address, ensuring proper routing and access control. This feature is essential for managing connections and maintaining network security, especially in environments where direct routing of client IP addresses may not be feasible or secure.
Rate this question:
16.
Which three properties can be assigned to nodes? (Choose three.)
A.
Ratio values
B.
Priority values
C.
Health monitors
D.
Connection limits
E.
Load-balancing mode
Correct Answer(s)
A. Ratio values C. Health monitors D. Connection limits
Explanation Nodes in a network can be assigned three properties: ratio values, health monitors, and connection limits. Ratio values determine the proportion of traffic that should be directed to a specific node. Health monitors are used to check the availability and performance of a node, allowing for efficient load balancing. Connection limits define the maximum number of connections that can be established with a node, ensuring optimal resource allocation. These properties are essential in managing and optimizing the performance and reliability of a network.
Rate this question:
17.
Given that VLAN fail-safe is enabled on the external VLAN and the network that the active BIGIP's external VLAN is connected to has failed, which statement is always true about the results?
A.
The active system will note the failure in the HA table.
B.
The active system will reboot and the standby system will go into active mode.
C.
The active system will fail-over and the standby system will go into active mode.
D.
The active system will restart the traffic management module to eliminate the possibility that BIG-IP is the cause for the network failure.
Correct Answer
A. The active system will note the failure in the HA table.
Explanation If VLAN fail-safe is enabled on the external VLAN and the network that the active BIGIP's external VLAN is connected to fails, the active system will note the failure in the HA table. This means that the active system will be aware of the network failure and can take appropriate actions based on this information.
Rate this question:
18.
Which statement is true about the synchronization process, as performed by the Configuration Utility or by typing b config sync all?
A.
The process should always be run from the standby system
B.
The process should always be run from the system with the latest configuration.
C.
The two /config/bigip.conf configuration files are synchronized (made identical) each time the process is run.
D.
Multiple files, including /config/bigip.conf and /config/bigip_base.conf, are synchronized (made identical) each time the process is run.
Correct Answer
C. The two /config/bigip.conf configuration files are synchronized (made identical) each time the process is run.
Explanation The correct answer is that the two /config/bigip.conf configuration files are synchronized (made identical) each time the process is run. This means that any changes made to one of the files will be mirrored in the other file, ensuring that both files have the same configuration. This synchronization process can be performed using the Configuration Utility or by typing b config sync all. It is important to note that this process does not necessarily have to be run from the standby system or the system with the latest configuration.
Rate this question:
19.
Under what condition must an appliance license be reactivated?
A.
Licenses only have to be reactivated for RMAs - no other situations.
B.
Licenses generally have to be reactivated during system software upgrades.
C.
Licenses only have to be reactivated when new features are added (IPv6, Routing Modules, etc) - no other situations.
D.
Never. Licenses are permanent for the platform regardless the version of software installed.
Correct Answer
B. Licenses generally have to be reactivated during system software upgrades.
20.
A site needs a virtual server that will use an iRule to parse HTTPS traffic based on HTTP header values. Which two profile types must be associated with such a virtual server? (Choose two.)
A.
TCP
B.
HTTP
C.
HTTPS
D.
ServerSSL
Correct Answer(s)
A. TCP B. HTTP
Explanation To parse HTTPS traffic based on HTTP header values, the virtual server needs to have two profile types associated with it: TCP and HTTP. The TCP profile is necessary to handle the underlying TCP connection for the HTTPS traffic. The HTTP profile is needed to parse the HTTP headers and extract the required values for further processing. Together, these two profile types enable the virtual server to effectively handle and manipulate the HTTPS traffic based on the HTTP header values.
Rate this question:
21.
A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it:
when HTTP_REQUEST {if {[HTTP::uri] ends_with "txt" } {pool pool1}elseif {[HTTP::uri] ends_with "php" } {pool pool2}}If a user connects to http://10.10.1.100/foo.html, which pool will receive the request?
A.
Pool1
B.
Pool2
C.
None. The request will be dropped.
D.
Unknown. The pool cannot be determined from the information provided.
Correct Answer
D. Unknown. The pool cannot be determined from the information provided.
Explanation The iRule associated with the virtual server checks if the URI of the HTTP request ends with "txt" or "php". However, in the given scenario, the URI is "/foo.html" which does not end with either "txt" or "php". Therefore, the iRule conditions will not be met, and neither pool1 nor pool2 will be selected. Hence, it is not possible to determine which pool will receive the request based on the information provided.
Rate this question:
22.
Which two can be a part of a virtual server's definition? (Choose two.)
A.
Rule(s)
B.
Pool(s)
C.
Monitor(s)
D.
Node address(es)
E.
Load-balancing method(s)
Correct Answer(s)
A. Rule(s) B. Pool(s)
Explanation A virtual server's definition can include rules, which determine how traffic is routed to the virtual server, and pools, which contain the actual servers that handle the traffic. Rules help in deciding which pool should handle the incoming requests based on specific conditions. Pools, on the other hand, consist of one or more servers that share the same functionality and can handle the incoming traffic.
Rate this question:
23.
How is MAC masquerading configured?
A.
Specify the desired MAC address for each VLAN for which you want this feature enabled.
B.
Specify the desired MAC address for each self-IP address for which you want this feature enabled.
C.
Specify the desired MAC address for each VLAN on the active system and synchronize the systems.
D.
Specify the desired MAC address for each floating self-IP address for which you want this feature enabled.
Correct Answer
A. Specify the desired MAC address for each VLAN for which you want this feature enabled.
24.
The current status of a given pool member is unknown. Which condition could explain that state?
A.
The member has no monitor assigned to it.
B.
The member has a monitor assigned to it and the most recent monitor was successful.
C.
The member has a monitor assigned to it and the monitor did not succeed during the most recent timeout period.
D.
The member's node has a monitor assigned to it and the monitor did not succeed during the most recent timeout period.
Correct Answer
A. The member has no monitor assigned to it.
Explanation The correct answer is that the member has no monitor assigned to it. This means that there is no mechanism in place to check the status or availability of the member. Without a monitor, the system is unable to determine if the member is functioning properly or not.
Rate this question:
25.
How is persistence configured?
A.
Persistence is an option within each pool's definition.
B.
Persistence is a profile type; an appropriate profile is created and associated with virtual server.
C.
Persistence is a global setting; once enabled, load-balancing choices are superceded by the persistence method that is specified.
D.
Persistence is an option for each pool member. When a pool is defined, each member's definition includes the option for persistence.
Correct Answer
B. Persistence is a profile type; an appropriate profile is created and associated with virtual server.
26.
When configuring a pool member's monitor, which three association options are available? (Choose three.)
A.
Inherit the pool's monitor
B.
Inherit the node's monitor
C.
Configure a default monitor
D.
Assign a monitor to the specific member
E.
Do not assign any monitor to the specific member
Correct Answer(s)
A. Inherit the pool's monitor D. Assign a monitor to the specific member E. Do not assign any monitor to the specific member
Explanation The three available association options when configuring a pool member's monitor are: 1) Inherit the pool's monitor, which means the pool member will use the same monitor as the pool. 2) Assign a monitor to the specific member, which allows a specific monitor to be assigned to the pool member. 3) Do not assign any monitor to the specific member, which means the pool member will not have a monitor associated with it.
Rate this question:
27.
Assuming that systems are synchronized, which action could take place if the fail-over cable is connected correctly and working properly, but the systems cannot communicate over the network due to external network problems?
A.
If network fail-over is enabled, the standby system will assume the active mode.
B.
Whether or not network fail-over is enabled, the standby system will stay in standby mode.
C.
Whether or not network fail-over is enabled, the standby system will assume the active mode.
D.
If network fail-over is enabled, the standby system will go into active mode but only until the network recovers.
Correct Answer
B. Whether or not network fail-over is enabled, the standby system will stay in standby mode.
Explanation If the fail-over cable is connected correctly and working properly, but the systems cannot communicate over the network due to external network problems, the standby system will stay in standby mode regardless of whether or not network fail-over is enabled. This means that the standby system will not assume the active mode and will continue to wait for communication to be restored.
Rate this question:
28.
The ICMP monitor has been assigned to all nodes. In addition, all pools have been assigned custom monitors. If a pool web is marked available (green) which situation is sufficient to cause this?
A.
All of the web pools members nodes are responding to the ICMP monitor as expected.
B.
Less than 50% of the web pools members nodes responded to the ICMP echo request.
C.
All of the members of the web pool have had their content updated recently and their responses no longer match the monitors receive rule.
D.
Over 25% of the web pools members have had their content updated and it no longer matches the receive rule of the custom monitor. The others respond as expected.
Correct Answer
D. Over 25% of the web pools members have had their content updated and it no longer matches the receive rule of the custom monitor. The others respond as expected.
Explanation If over 25% of the web pool's members have had their content updated and it no longer matches the receive rule of the custom monitor, it would cause the pool web to be marked as available (green). This is because the custom monitor is checking the responses of the members, and if their content has been updated and no longer matches the receive rule, the monitor will consider them as available. The fact that the others respond as expected indicates that they are still matching the receive rule and are also marked as available.
Rate this question:
29.
Which four methods are available for remote authentication of those who are allowed to administer a BIG-IP system through the Configuration Utility? (Choose four.)
A.
LDAP
B.
OCSP
C.
RADIUS
D.
TACACS+
E.
Active Directory
Correct Answer(s)
A. LDAP C. RADIUS D. TACACS+ E. Active Directory
Explanation The four methods available for remote authentication of those who are allowed to administer a BIG-IP system through the Configuration Utility are LDAP, RADIUS, TACACS+, and Active Directory. LDAP (Lightweight Directory Access Protocol) is a protocol used for accessing and maintaining distributed directory information services. RADIUS (Remote Authentication Dial-In User Service) is a networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service. TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol that provides centralized authentication, authorization, and accounting services. Active Directory is a directory service developed by Microsoft for Windows domain networks.
Rate this question:
30.
Generally speaking, should the monitor templates be used as production monitors or should they be customized prior to use?
A.
Most templates, such as http and tcp, are as effective as customized monitors.
B.
Monitor template customization is only a matter of preference, not an issue of effectiveness or performance.
C.
Most templates, such as https, should have the receive rule customized to make the monitor more robust.
D.
While some templates, such as ftp, must be customized, those that can be used without modification are not improved by specific changes.
Correct Answer
C. Most templates, such as https, should have the receive rule customized to make the monitor more robust.
Explanation The answer suggests that most templates, including https, should have the receive rule customized in order to enhance the effectiveness and robustness of the monitor. This implies that using the monitor templates as they are may not be sufficient for optimal performance and customization is recommended.
Rate this question:
31.
Which statement accurately describes the difference between two load-balancing modes specified as "member" and "node"?
A.
There is no difference; the two terms are referenced for backward compatibility purposes.
B.
When the load-balancing choice references "node", priority group activation is unavailable.
C.
Load-balancing options referencing "nodes" are available only when the pool members are defined for the "any" port.
D.
When the load-balancing choice references "node", the addresses' parameters are used to make the load-balancing choice rather than the member's parameters.
Correct Answer
D. When the load-balancing choice references "node", the addresses' parameters are used to make the load-balancing choice rather than the member's parameters.
Explanation The correct answer is when the load-balancing choice references "node", the addresses' parameters are used to make the load-balancing choice rather than the member's parameters. This means that instead of considering the individual members of the load-balancing pool, the load-balancer will make the choice based on the addresses' parameters. This allows for more flexibility in load-balancing decisions and can be useful in certain scenarios.
Rate this question:
32.
Where is persistence mirroring configured?
A.
It is always enabled.
B.
It is part of a pool definition.
C.
It is part of a profile definition.
D.
It is part of a virtual server definition.
Correct Answer
C. It is part of a profile definition.
Explanation Persistence mirroring is a feature that allows the persistence of client connections to be mirrored across multiple devices in a load balancing system. This ensures that if one device fails, the client connection can still be maintained by another device. Persistence mirroring is configured as part of a profile definition, which is a configuration template that contains settings and parameters for specific types of traffic. By configuring persistence mirroring in a profile definition, it can be applied to multiple virtual servers, providing consistent and reliable persistence across the load balancing system.
Rate this question:
33.
In the F5 Local Traffic Manager (LTM), what is the primary function of an iRule?
A.
To perform load balancing
B.
To rewrite HTTP headers
C.
To manage SSL offloading
D.
To create custom traffic management logic
Correct Answer
D. To create custom traffic management logic
Explanation iRules in the F5 Local Traffic Manager (LTM) are scripts written in a TCL-based language that allow administrators to create custom traffic management logic. iRules can inspect, modify, and route network traffic based on user-defined criteria, providing granular control over how traffic is handled by the LTM. While load balancing, rewriting HTTP headers, and SSL offloading are important functions of the LTM, iRules specifically enable custom traffic management logic.
Rate this question:
34.
Which three iRule events are likely to be seen in iRules designed to select a pool for load balancing? (Choose 3)
A.
CLIENT_DATA
B.
SERVER_DATA
C.
HTTP_REQUEST
D.
HTTP_RESPONSE
E.
CLIENT_ACCEPTED
F.
SERVER_SELECTED
G.
SERVER_CONNECTED
Correct Answer(s)
A. CLIENT_DATA C. HTTP_REQUEST E. CLIENT_ACCEPTED
Explanation iRules are used in load balancing to determine which pool should be selected for a client request. The CLIENT_DATA event is likely to be seen in iRules as it occurs when the client sends data to the server. The HTTP_REQUEST event is also likely to be seen as it occurs when the client sends an HTTP request to the server. Finally, the CLIENT_ACCEPTED event is likely to be seen as it occurs when a client connection is accepted by the server. These three events are essential in determining the appropriate pool for load balancing.
Rate this question:
35.
Which statement is true concerning the default communication between a redundant pair of BIGIP devices?
A.
Communication between the systems cannot be effected by port lockdown settings.
B.
Data for both connection and persistence mirroring are shared through the same TCP connection.
C.
Regardless of the configuration, some data is communicated between the systems at regular intervals.
D.
Connection mirroring data is shared through the serial fail-over cable unless network fail-over is enabled.
Correct Answer
B. Data for both connection and persistence mirroring are shared through the same TCP connection.
Explanation The statement that is true concerning the default communication between a redundant pair of BIGIP devices is that data for both connection and persistence mirroring are shared through the same TCP connection. This means that both connection and persistence mirroring data are transmitted over the same TCP connection, allowing for efficient and synchronized communication between the redundant devices.
Rate this question:
36.
Which event is always triggered when a client initially connects to a virtual server configured with an HTTP profile?
A.
HTTP_DATA
B.
CLIENT_DATA
C.
HTTP_REQUEST
D.
CLIENT_ACCEPTED
Correct Answer
D. CLIENT_ACCEPTED
Explanation When a client initially connects to a virtual server configured with an HTTP profile, the event that is always triggered is CLIENT_ACCEPTED. This event is triggered when the server accepts the client's connection request and establishes a connection. It marks the beginning of the client-server interaction and allows the server to start processing the client's request.
Rate this question:
37.
Which IP address will the client address be changed to when SNAT automap is specified within a Virtual Server configuration?
A.
The floating self IP address on the VLAN where the packet leaves the system.
B.
The floating self IP address on the VLAN where the packet arrives on the system.
C.
It will alternate between the floating and non-floating self IP address on the VLAN where the packet leaves the system so that port exhaustion is avoided.
D.
It will alternate between the floating and non-floating self IP address on the VLAN where the packet arrives on the system so that port exhaustion is avoided..
Correct Answer
A. The floating self IP address on the VLAN where the packet leaves the system.
Explanation When SNAT automap is specified within a Virtual Server configuration, the client address will be changed to the floating self IP address on the VLAN where the packet leaves the system. This means that the source IP address of the packet will be replaced with the floating self IP address of the system before it is sent out. This allows for better load balancing and ensures that the response packets are sent back to the correct system.
Rate this question:
38.
Which statement is true concerning iRule events?
A.
All iRule events relate to HTTP processes.
B.
All client traffic has data that could be used to trigger iRule events.
C.
All iRule events are appropriate at any point in the client-server communication.
D.
If an iRule references an event that doesn't occur during the client's communication, the client's connection will be terminated prematurely.
Correct Answer
B. All client traffic has data that could be used to trigger iRule events.
Explanation All client traffic has data that could be used to trigger iRule events. This means that iRule events can be triggered based on any data present in the client's traffic, regardless of the specific HTTP process being performed. It suggests that iRule events are not limited to a specific stage or phase of the client-server communication, and can be applied at any point. However, it does not imply that if an iRule references an event that doesn't occur during the client's communication, the client's connection will be terminated prematurely.
Rate this question:
39.
A standard virtual server is defined with a pool and a SNAT using automap. All other settings for the virtual server are at defaults. When client traffic is processed by the BIG-IP, what will occur to the IP addresses?
A.
Traffic initiated by the pool members will have the source address translated to a self-IP address but the destination address will not be changed.
B.
Traffic initiated to the virtual server will have the destination address translated to a pool members address and the source address translated to a self-IP address.
C.
Traffic initiated by selected clients, based on their IP address, will have the source address translated to a self-IP address but the destination will only be translated if the traffic is destined to the virtual server.
D.
Traffic initiated to the virtual server will have the destination address translated to a pool members address and the source address translated to a self-IP address. Traffic arriving destined to other destinations will have the source translated to a self-IP address only.
Correct Answer
B. Traffic initiated to the virtual server will have the destination address translated to a pool members address and the source address translated to a self-IP address.
Explanation When client traffic is processed by the BIG-IP, the IP addresses will be translated. Specifically, traffic initiated to the virtual server will have the destination address translated to a pool members address and the source address translated to a self-IP address. This means that the client's original IP address will be replaced with the self-IP address of the BIG-IP, and the destination address will be changed to one of the pool members' addresses. This allows the BIG-IP to route the traffic properly and ensure that it reaches the correct pool member for processing.
Rate this question:
40.
Which two can be a part of a pool's definition? (Choose two.)
A.
Rule(s)
B.
Profile(s)
C.
Monitor(s)
D.
Persistence type
E.
Load-balancing mode
Correct Answer(s)
C. Monitor(s) E. Load-balancing mode
Explanation A pool's definition can include the use of monitors to check the health and availability of the pool members. Monitors are used to periodically send requests to the pool members and based on the responses received, the load balancer determines if a member is healthy or not. Load-balancing mode is also a part of a pool's definition as it determines how the load balancer distributes traffic among the pool members. Different load-balancing modes, such as round-robin or least connections, can be configured to suit specific requirements.
Rate this question:
41.
Which two statements describe differences between the active and standby systems? (Choose two.)
A.
Monitors are performed only by the active system.
B.
Fail-over triggers only cause changes on the active system.
C.
Virtual server addresses are hosted only by the active system.
D.
Configuration changes can only be made on the active system.
E.
Floating self-IP addresses are hosted only by the active system.
Correct Answer(s)
C. Virtual server addresses are hosted only by the active system. E. Floating self-IP addresses are hosted only by the active system.
Explanation The active system hosts virtual server addresses and floating self-IP addresses exclusively, while the standby system does not. Monitors, fail-over triggers, and configuration changes can be performed on both the active and standby systems.
Rate this question:
42.
When network fail-over is enabled, which of the following is true?
A.
The fail-over cable status is ignored. Fail-over is determined by the network status only.
B.
Either a network failure or loss of voltage across the fail-over cable will cause a fail-over.
C.
A network failure will not cause a fail-over as long as there is a voltage across the fail-over cable.
D.
The presence or absence of voltage over the fail-over cable takes precedence over network fail-over.
Correct Answer
C. A network failure will not cause a fail-over as long as there is a voltage across the fail-over cable.
43.
What is the purpose of MAC masquerading?
A.
To prevent ARP cache errors
B.
To minimize ARP entries on routers
C.
To minimize connection loss due to ARP cache refresh delays
D.
To allow both BIG-IP devices to simultaneously use the same MAC address
Correct Answer
C. To minimize connection loss due to ARP cache refresh delays
Explanation MAC masquerading is used to minimize connection loss due to ARP cache refresh delays. ARP (Address Resolution Protocol) is responsible for mapping IP addresses to MAC addresses on a local network. However, the ARP cache needs to be periodically refreshed to ensure accurate mapping. During this refresh process, there can be a delay in establishing connections, resulting in connection loss. MAC masquerading helps to minimize this connection loss by efficiently managing the ARP cache refresh process, ensuring smooth and uninterrupted communication between devices on the network.
Rate this question:
44.
Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing takes place. Also assume that the NAT definition specifies a NAT address and an origin address while all other settings are left at their defaults. If the origin server were to initiate traffic via the BIG-IP, what changes, if any, would take place when the BIG-IP processes such packets?
A.
The BIG-IP would drop the request since the traffic didnt arrive destined to the NAT address.
B.
The source address would not change, but the destination address would be changed to the NAT address.
C.
The source address would be changed to the NAT address and destination address would be left unchanged.
D.
The source address would not change, but the destination address would be changed to a self-IP of the BIG-IP.
Correct Answer
C. The source address would be changed to the NAT address and destination address would be left unchanged.
Explanation When the origin server initiates traffic via the BIG-IP, the source address would be changed to the NAT address, while the destination address would remain unchanged. This means that the packets from the origin server would appear to be coming from the NAT address when they reach their destination. This is because the NAT definition specifies the NAT address and origin address, and the BIG-IP applies these settings to the traffic it processes.
Rate this question:
45.
Which statement is true regarding fail-over?
A.
Hardware fail-over is disabled by default.
B.
Hardware fail-over can be used in conjunction with network failover.
C.
If the hardware fail-over cable is disconnected, both BIG-IP devices will always assume the active role.
D.
By default, hardware fail-over detects voltage across the fail-over cable and monitors traffic across the internal VLAN.
Correct Answer
B. Hardware fail-over can be used in conjunction with network failover.
Explanation Hardware fail-over can be used in conjunction with network failover. This means that in a fail-over scenario, where one device fails, the network traffic can be seamlessly transferred to another device through the combination of hardware fail-over and network failover. This ensures continuous availability and uninterrupted service for the network.
Rate this question:
46.
When configuring a Virtual Server to use an iRule with an HTTP_REQUEST event, which lists required steps in a proper order to create all necessary objects?
A.
Create profiles, create the iRule, create required pools, create the Virtual Server
B.
Create the Virtual Server, create required pools, create the iRule, edit the Virtual Server
C.
Create a custom HTTP profile, create required pools, create the Virtual Server, create the iRule
D.
Create required pools, create a custom HTTP profile, create the iRule, create the Virtual Server
Correct Answer
B. Create the Virtual Server, create required pools, create the iRule, edit the Virtual Server
47.
A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it:
when HTTP_REQUEST {
if { [HTTP::header User-Agent] contains "MSIE" } {
pool MSIE_pool
} else {
pool Mozilla_pool
}
}
If a user connects to http://10.10.1.100/foo.html and their browser does not specify a User-Agent, which pool will receive the request?
A.
MSIE_pool
B.
Mozilla_pool
C.
None. The request will be dropped.
D.
Unknown. The pool cannot be determined from the information provided.
Correct Answer
B. Mozilla_pool
Explanation If a user connects to http://10.10.1.100/foo.html and their browser does not specify a User-Agent, the request will be directed to the Mozilla_pool. This is because the iRule checks if the User-Agent header contains "MSIE". If it does not contain "MSIE" (which is the case when the User-Agent is not specified), the request will be directed to the Mozilla_pool.
Rate this question:
48.
When BIG-IP administrators are authenticating remotely, which two parameters are configured on the remote authentication system? (Choose two.)
A.
UserID
B.
Password
C.
Administrator Role
D.
Valid Access Times
Correct Answer(s)
A. UserID B. Password
Explanation When BIG-IP administrators are authenticating remotely, the remote authentication system needs to be configured with the UserID and Password parameters. These parameters are necessary to verify the identity of the administrators and ensure that only authorized individuals are granted access to the system. The UserID is used to identify the specific user, while the Password is used to authenticate and verify their credentials. By configuring these parameters on the remote authentication system, administrators can securely access the BIG-IP system remotely.
Rate this question:
49.
What is required for a virtual server to support clients whose traffic arrives on the internal VLAN and pool members whose traffic arrives on the external VLAN?
A.
That support is never available.
B.
The virtual server must be enabled for both VLANs.
C.
The virtual server must be enabled on the internal VLAN.
D.
The virtual server must be enabled on the external VLAN.
Correct Answer
C. The virtual server must be enabled on the internal VLAN.
Explanation The virtual server must be enabled on the internal VLAN because it needs to support clients whose traffic arrives on that VLAN. It is not necessary for the virtual server to be enabled on the external VLAN because it is not specified that it needs to support pool members whose traffic arrives on that VLAN. Therefore, the correct answer is that the virtual server must be enabled on the internal VLAN.
Rate this question:
50.
Which process or system can be monitored by the BIG-IP system and used as a fail-over trigger in a redundant pair configuration?
A.
Bandwidth utilization
B.
Duplicate IP address
C.
CPU utilization percentage
D.
VLAN communication ability
Correct Answer
D. VLAN communication ability
Explanation The correct answer is VLAN communication ability. In a redundant pair configuration, the BIG-IP system can monitor the VLAN communication ability as a fail-over trigger. If the VLAN communication fails, it indicates a problem with the network connectivity, and the BIG-IP system can initiate fail-over to the redundant pair to ensure continuous availability of the system.
Rate this question:
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.