Ltm

93 Questions | By F5LTM | Updated: Mar 21, 2022 | Attempts: 739

Questions

Settings

Create your own Quiz

Questions and Answers

1.

Where is the load-balancing mode specified?
- A.
  
  Within the pool definition
- B.
  
  Within the node definition
- C.
  
  Within the virtual server definition
- D.
  
  Within the pool member definition
2.

Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the BIG-IP?
- A.
  
  No SSL certificates are required on the BIG-IP
- B.
  
  The BIG-IP's SSL certificates must only exist
- C.
  
  The BIG-IP's SSL certificates must be issued from a certificate authority
- D.
  
  The BIG-IP's SSL certificates must be created within the company hosting the BIG-IPs
3.

When upgrading a BIG-IP redundant pair, what happens when one system has been updated but the other has not?
- A.
  
  Synching should not be performed
- B.
  
  The first system to be updated will assume the Active role
- C.
  
  This is not possible since both systems are updated simultaneously
- D.
  
  The older system will issue SNMP traps indicating a communication error with the partner
4.

Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing takes place. Also assume that the NAT definition specifies a NAT address and an origin address while all the other settings are left at their defaults. If a client were to initiate traffic to the NAT address, what changes, if any, would take place when the BIG-IP processes such packets?
- A.
  
  The source address would not change, but the destination address would be translated to the origin address
- B.
  
  The destination address would not change, but the source address would be translated to the origin address
- C.
  
  The source address would not change, but the destination address would be translated to the NAT's address
- D.
  
  The destination address would not change, but the source address would be translated to the NAT's address
5.

Which statement is true concerning SSL termination?
- A.
  
  A virtual server that has both ClientSSL and ServerSSL profiles can still support cookie persistence
- B.
  
  Decrypting traffic at the BIG-IP allows the use of iRules for traffic management, but increases the load on the pool member
- C.
  
  When any virtual server uses a ClientSSL profile, all SSL traffic sent to the BIG-IP is decrypted before it is forwarded to servers
- D.
  
  If a virtual server has both a ClientSSL and ServerSSL profile, the pool members have less SSL processing than if the virtual server had only a ClientSSL profile
6.

You have created a custom profile named TEST2. The parent profile of TEST2 is named TEST1. If additional changes are made to TEST1, what is the effect on TEST2?
- A.
  
  All changes to TEST1 are propagated to TEST2
- B.
  
  Some of the changes to TEST1 may propagate to TEST2
- C.
  
  Changes to TEST1 cannot affect TEST2 once TEST2 is saved
- D.
  
  When TEST1 is changed, the administrator is prompted and can choose whether to propagate changes to TEST2
7.

Assume a BIG-IP has no NATs or SNATs configured. Which two scenarios are possible when client traffic arrives on a BIG-IP that is NOT destined to a self-IP? (Choose two)
- A.
  
  If the destination of the traffic does not match a virtual server, the traffic will be discarded
- B.
  
  If the destination of the traffic does not match a virtual server, the traffic will be forwarded based on routing tables
- C.
  
  If the destination of the traffic matches a virtual server, the traffic will be processed per the virtual servers definition
- D.
  
  If the destination of the traffic matches a virtual server, the traffic will be forwarded, but it cannot be load-balanced since no SNAT has been configured
8.

If a client's browser does not accept cookies, what occurs when the client connects to a virtual server using cookie persistence?
- A.
  
  The connection request is not processed
- B.
  
  The connection request is sent to an apology server
- C.
  
  The connection request is load-balanced to an available pool member
- D.
  
  The connection request is refused and the client is sent a "server not available" message
9.

Assuming other fail-over settings are at their default state, what would occur if the fail-over cable where to be disconnected for five seconds and then reconnected?
- A.
  
  As long as network communication is not lost, no change will occur
- B.
  
  Nothing. Fail-over due to loss of voltage will not occur if the voltage is lost for less than ten seconds
- C.
  
  When the cable is disconnected, both systems will become active. When the voltage is restored, unit two will revert to standby mode
- D.
  
  When the cable is disconnected, both systems will become active. When the voltage is restored, both systems will maintain active mode
10.

Assuming there are open connections through an active system's virtual servers and a fail-over occurs, by default, what happens to the connections?
- A.
  
  All open connections are lost.
- B.
  
  All open connections are maintained.
- C.
  
  When persistence mirroring is enabled, open connections are maintained even if a fail-over occurs.
- D.
  
  Long-lived connections such as Telnet and FTP are maintained, but short-lived connections such as HTTP are lost.
- E.
  
  All open connections are lost, but new connections are initiated by the newly active BIG-IP, resulting in minimal client downtime.
11.

Which VLANs must be enabled for a SNAT to perform as desired (translating only desired packets)?
- A.
  
  The SNAT must be enabled for all VLANs.
- B.
  
  The SNAT must be enabled for the VLANs where desired packets leave the BIG-IP.
- C.
  
  The SNAT must be enabled for the VLANs where desired packets arrive on the BIG-IP.
- D.
  
  The SNAT must be enabled for the VLANs where desired packets arrive and leave the BIG-IP.
12.

Which three methods can be used for initial access to a BIG-IP system? (Choose three.)
- A.
  
  CLI access to the serial console port
- B.
  
  SSH access to the management port
- C.
  
  SSH access to any of the switch ports
- D.
  
  HTTP access to the management port
- E.
  
  HTTP access to any of the switch ports
- F.
  
  HTTPS access to the management port
- G.
  
  HTTPS access to any of the switch ports
13.

When can a single virtual server be associated with multiple profiles?
- A.
  
  Never. Each virtual server has a maximum of one profile.
- B.
  
  Often. Profiles work on different layers and combining profiles is common.
- C.
  
  Rarely. One combination, using both the TCP and HTTP profile does occur, but it is the exception.
- D.
  
  Unlimited. Profiles can work together in any combination to ensure that all traffic types are supported in a given virtual server.
14.

Which action will take place when a failover trigger is detected by the active system?
- A.
  
  The active device will take the action specified for the failure.
- B.
  
  The standby device also detects the failure and assumes the active role.
- C.
  
  The active device will wait for all connections to terminate and then fail-over.
- D.
  
  The standby device will begin processing virtual servers that have failed, but the active device will continue servicing the functional virtual servers.
15.

A virtual server at 10.10.1.100:80 has the rule listed below applied. when HTTP_REQUEST {if {[HTTP::uri] ends_with "htm" } {pool pool1}elseif {[HTTP::uri] ends_with "xt" } {pool pool2}}If a user connects to http://10.10.1.100/foo.txt which pool will receive the request?
- A.
  
  Pool1
- B.
  
  Pool2
- C.
  
  None. The request will be dropped.
- D.
  
  Unknown. The pool cannot be determined from the information provided.
16.

Which three properties can be assigned to nodes? (Choose three.)
- A.
  
  Ratio values
- B.
  
  Priority values
- C.
  
  Health monitors
- D.
  
  Connection limits
- E.
  
  Load-balancing mode
17.

Given that VLAN fail-safe is enabled on the external VLAN and the network that the active BIGIP's external VLAN is connected to has failed, which statement is always true about the results?
- A.
  
  The active system will note the failure in the HA table.
- B.
  
  The active system will reboot and the standby system will go into active mode.
- C.
  
  The active system will fail-over and the standby system will go into active mode.
- D.
  
  The active system will restart the traffic management module to eliminate the possibility that BIG-IP is the cause for the network failure.
18.

Which statement is true about the synchronization process, as performed by the Configuration Utility or by typing b config sync all?
- A.
  
  The process should always be run from the standby system
- B.
  
  The process should always be run from the system with the latest configuration.
- C.
  
  The two /config/bigip.conf configuration files are synchronized (made identical) each time the process is run.
- D.
  
  Multiple files, including /config/bigip.conf and /config/bigip_base.conf, are synchronized (made identical) each time the process is run.
19.

Under what condition must an appliance license be reactivated?
- A.
  
  Licenses only have to be reactivated for RMAs - no other situations.
- B.
  
  Licenses generally have to be reactivated during system software upgrades.
- C.
  
  Licenses only have to be reactivated when new features are added (IPv6, Routing Modules, etc) - no other situations.
- D.
  
  Never. Licenses are permanent for the platform regardless the version of software installed.
20.

A site needs a virtual server that will use an iRule to parse HTTPS traffic based on HTTP header values. Which two profile types must be associated with such a virtual server? (Choose two.)
- A.
  
  TCP
- B.
  
  HTTP
- C.
  
  HTTPS
- D.
  
  ServerSSL
21.

A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it: when HTTP_REQUEST {if {[HTTP::uri] ends_with "txt" } {pool pool1}elseif {[HTTP::uri] ends_with "php" } {pool pool2}}If a user connects to http://10.10.1.100/foo.html, which pool will receive the request?
- A.
  
  Pool1
- B.
  
  Pool2
- C.
  
  None. The request will be dropped.
- D.
  
  Unknown. The pool cannot be determined from the information provided.
22.

Which two can be a part of a virtual server's definition? (Choose two.)
- A.
  
  Rule(s)
- B.
  
  Pool(s)
- C.
  
  Monitor(s)
- D.
  
  Node address(es)
- E.
  
  Load-balancing method(s)
23.

How is MAC masquerading configured?
- A.
  
  Specify the desired MAC address for each VLAN for which you want this feature enabled.
- B.
  
  Specify the desired MAC address for each self-IP address for which you want this feature enabled.
- C.
  
  Specify the desired MAC address for each VLAN on the active system and synchronize the systems.
- D.
  
  Specify the desired MAC address for each floating self-IP address for which you want this feature enabled.
24.

The current status of a given pool member is unknown. Which condition could explain that state?
- A.
  
  The member has no monitor assigned to it.
- B.
  
  The member has a monitor assigned to it and the most recent monitor was successful.
- C.
  
  The member has a monitor assigned to it and the monitor did not succeed during the most recent timeout period.
- D.
  
  The member's node has a monitor assigned to it and the monitor did not succeed during the most recent timeout period.
25.

How is persistence configured?
- A.
  
  Persistence is an option within each pool's definition.
- B.
  
  Persistence is a profile type; an appropriate profile is created and associated with virtual server.
- C.
  
  Persistence is a global setting; once enabled, load-balancing choices are superceded by the persistence method that is specified.
- D.
  
  Persistence is an option for each pool member. When a pool is defined, each member's definition includes the option for persistence.