Ltm

50 Questions | Total Attempts: 349

Settings
Please wait...
Ltm

.


Questions and Answers
  • 1. 
    Where is the load-balancing mode specified?
    • A. 

      Within the pool definition

    • B. 

      Within the node definition

    • C. 

      Within the virtual server definition

    • D. 

      Within the pool member definition

  • 2. 
    Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the BIG-IP?
    • A. 

      No SSL certificates are required on the BIG-IP

    • B. 

      The BIG-IP's SSL certificates must only exist

    • C. 

      The BIG-IP's SSL certificates must be issued from a certificate authority

    • D. 

      The BIG-IP's SSL certificates must be created within the company hosting the BIG-IPs

  • 3. 
    • A. 

      Synching should not be performed

    • B. 

      The first system to be updated will assume the Active role

    • C. 

      This is not possible since both systems are updated simultaneously

    • D. 

      The older system will issue SNMP traps indicating a communication error with the partner

  • 4. 
    Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing takes place. Also assume that the NAT definition specifies a NAT address and an origin address while all the other settings are left at their defaults. If a client were to initiate traffic to the NAT address, what changes, if any, would take place when the BIG-IP processes such packets?
    • A. 

      The source address would not change, but the destination address would be translated to the origin address

    • B. 

      The destination address would not change, but the source address would be translated to the origin address

    • C. 

      The source address would not change, but the destination address would be translated to the NAT's address

    • D. 

      The destination address would not change, but the source address would be translated to the NAT's address

  • 5. 
    Which statement is true concerning SSL termination?
    • A. 

      A virtual server that has both ClientSSL and ServerSSL profiles can still support cookie persistence

    • B. 

      Decrypting traffic at the BIG-IP allows the use of iRules for traffic management, but increases the load on the pool member

    • C. 

      When any virtual server uses a ClientSSL profile, all SSL traffic sent to the BIG-IP is decrypted before it is forwarded to servers

    • D. 

      If a virtual server has both a ClientSSL and ServerSSL profile, the pool members have less SSL processing than if the virtual server had only a ClientSSL profile

  • 6. 
    You have created a custom profile named TEST2. The parent profile of TEST2 is named TEST1. If additional changes are made to TEST1, what is the effect on TEST2?
    • A. 

      All changes to TEST1 are propagated to TEST2

    • B. 

      Some of the changes to TEST1 may propagate to TEST2

    • C. 

      Changes to TEST1 cannot affect TEST2 once TEST2 is saved

    • D. 

      When TEST1 is changed, the administrator is prompted and can choose whether to propagate changes to TEST2

  • 7. 
    Assume a BIG-IP has no NATs or SNATs configured. Which two scenarios are possible when client traffic arrives on a BIG-IP that is NOT destined to a self-IP? (Choose two)
    • A. 

      If the destination of the traffic does not match a virtual server, the traffic will be discarded

    • B. 

      If the destination of the traffic does not match a virtual server, the traffic will be forwarded based on routing tables

    • C. 

      If the destination of the traffic matches a virtual server, the traffic will be processed per the virtual servers definition

    • D. 

      If the destination of the traffic matches a virtual server, the traffic will be forwarded, but it cannot be load-balanced since no SNAT has been configured

  • 8. 
    If a client's browser does not accept cookies, what occurs when the client connects to a virtual server using cookie persistence?
    • A. 

      The connection request is not processed

    • B. 

      The connection request is sent to an apology server

    • C. 

      The connection request is load-balanced to an available pool member

    • D. 

      The connection request is refused and the client is sent a "server not available" message

  • 9. 
    Assuming other fail-over settings are at their default state, what would occur if the fail-over cable where to be disconnected for five seconds and then reconnected?
    • A. 

      As long as network communication is not lost, no change will occur

    • B. 

      Nothing. Fail-over due to loss of voltage will not occur if the voltage is lost for less than ten seconds

    • C. 

      When the cable is disconnected, both systems will become active. When the voltage is restored, unit two will revert to standby mode

    • D. 

      When the cable is disconnected, both systems will become active. When the voltage is restored, both systems will maintain active mode

  • 10. 
    Assuming there are open connections through an active system's virtual servers and a fail-over occurs, by default, what happens to the connections?
    • A. 

      All open connections are lost.

    • B. 

      All open connections are maintained.

    • C. 

      When persistence mirroring is enabled, open connections are maintained even if a fail-over occurs.

    • D. 

      Long-lived connections such as Telnet and FTP are maintained, but short-lived connections such as HTTP are lost.

    • E. 

      All open connections are lost, but new connections are initiated by the newly active BIG-IP, resulting in minimal client downtime.

  • 11. 
    • A. 

      The SNAT must be enabled for all VLANs.

    • B. 

      The SNAT must be enabled for the VLANs where desired packets leave the BIG-IP.

    • C. 

      The SNAT must be enabled for the VLANs where desired packets arrive on the BIG-IP.

    • D. 

      The SNAT must be enabled for the VLANs where desired packets arrive and leave the BIG-IP.

  • 12. 
    Which three methods can be used for initial access to a BIG-IP system? (Choose three.)
    • A. 

      CLI access to the serial console port

    • B. 

      SSH access to the management port

    • C. 

      SSH access to any of the switch ports

    • D. 

      HTTP access to the management port

    • E. 

      HTTP access to any of the switch ports

    • F. 

      HTTPS access to the management port

    • G. 

      HTTPS access to any of the switch ports

  • 13. 
    When can a single virtual server be associated with multiple profiles?
    • A. 

      Never. Each virtual server has a maximum of one profile.

    • B. 

      Often. Profiles work on different layers and combining profiles is common.

    • C. 

      Rarely. One combination, using both the TCP and HTTP profile does occur, but it is the exception.

    • D. 

      Unlimited. Profiles can work together in any combination to ensure that all traffic types are supported in a given virtual server.

  • 14. 
    • A. 

      The active device will take the action specified for the failure.

    • B. 

      The standby device also detects the failure and assumes the active role.

    • C. 

      The active device will wait for all connections to terminate and then fail-over.

    • D. 

      The standby device will begin processing virtual servers that have failed, but the active device will continue servicing the functional virtual servers.

  • 15. 
    • A. 

      Pool1

    • B. 

      Pool2

    • C. 

      None. The request will be dropped.

    • D. 

      Unknown. The pool cannot be determined from the information provided.

  • 16. 
    Which three properties can be assigned to nodes? (Choose three.)
    • A. 

      Ratio values

    • B. 

      Priority values

    • C. 

      Health monitors

    • D. 

      Connection limits

    • E. 

      Load-balancing mode

  • 17. 
    Given that VLAN fail-safe is enabled on the external VLAN and the network that the active BIGIP's external VLAN is connected to has failed, which statement is always true about the results?
    • A. 

      The active system will note the failure in the HA table.

    • B. 

      The active system will reboot and the standby system will go into active mode.

    • C. 

      The active system will fail-over and the standby system will go into active mode.

    • D. 

      The active system will restart the traffic management module to eliminate the possibility that BIG-IP is the cause for the network failure.

  • 18. 
    Which statement is true about the synchronization process, as performed by the Configuration Utility or by typing b config sync all?
    • A. 

      The process should always be run from the standby system

    • B. 

      The process should always be run from the system with the latest configuration.

    • C. 

      The two /config/bigip.conf configuration files are synchronized (made identical) each time the process is run.

    • D. 

      Multiple files, including /config/bigip.conf and /config/bigip_base.conf, are synchronized (made identical) each time the process is run.

  • 19. 
    Under what condition must an appliance license be reactivated?
    • A. 

      Licenses only have to be reactivated for RMAs - no other situations.

    • B. 

      Licenses generally have to be reactivated during system software upgrades.

    • C. 

      Licenses only have to be reactivated when new features are added (IPv6, Routing Modules, etc) - no other situations.

    • D. 

      Never. Licenses are permanent for the platform regardless the version of software installed.

  • 20. 
    A site needs a virtual server that will use an iRule to parse HTTPS traffic based on HTTP header values. Which two profile types must be associated with such a virtual server? (Choose two.)
    • A. 

      TCP

    • B. 

      HTTP

    • C. 

      HTTPS

    • D. 

      ServerSSL

  • 21. 
    A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it: when HTTP_REQUEST {if {[HTTP::uri] ends_with "txt" } {pool pool1}elseif {[HTTP::uri] ends_with "php" } {pool pool2}}If a user connects to http://10.10.1.100/foo.html, which pool will receive the request?
    • A. 

      Pool1

    • B. 

      Pool2

    • C. 

      None. The request will be dropped.

    • D. 

      Unknown. The pool cannot be determined from the information provided.

  • 22. 
    Which two can be a part of a virtual server's definition? (Choose two.)
    • A. 

      Rule(s)

    • B. 

      Pool(s)

    • C. 

      Monitor(s)

    • D. 

      Node address(es)

    • E. 

      Load-balancing method(s)

  • 23. 
    How is MAC masquerading configured?
    • A. 

      Specify the desired MAC address for each VLAN for which you want this feature enabled.

    • B. 

      Specify the desired MAC address for each self-IP address for which you want this feature enabled.

    • C. 

      Specify the desired MAC address for each VLAN on the active system and synchronize the systems.

    • D. 

      Specify the desired MAC address for each floating self-IP address for which you want this feature enabled.

  • 24. 
    The current status of a given pool member is unknown. Which condition could explain that state?
    • A. 

      The member has no monitor assigned to it.

    • B. 

      The member has a monitor assigned to it and the most recent monitor was successful.

    • C. 

      The member has a monitor assigned to it and the monitor did not succeed during the most recent timeout period.

    • D. 

      The member's node has a monitor assigned to it and the monitor did not succeed during the most recent timeout period.

  • 25. 
    How is persistence configured?
    • A. 

      Persistence is an option within each pool's definition.

    • B. 

      Persistence is a profile type; an appropriate profile is created and associated with virtual server.

    • C. 

      Persistence is a global setting; once enabled, load-balancing choices are superceded by the persistence method that is specified.

    • D. 

      Persistence is an option for each pool member. When a pool is defined, each member's definition includes the option for persistence.

  • 26. 
    When configuring a pool member's monitor, which three association options are available?  (Choose three.)
    • A. 

      Inherit the pool's monitor

    • B. 

      Inherit the node's monitor

    • C. 

      Configure a default monitor

    • D. 

      Assign a monitor to the specific member

    • E. 

      Do not assign any monitor to the specific member

  • 27. 
    Assuming that systems are synchronized, which action could take place if the fail-over cable is connected correctly and working properly, but the systems cannot communicate over the network due to external network problems?
    • A. 

      If network fail-over is enabled, the standby system will assume the active mode.

    • B. 

      Whether or not network fail-over is enabled, the standby system will stay in standby mode.

    • C. 

      Whether or not network fail-over is enabled, the standby system will assume the active mode.

    • D. 

      If network fail-over is enabled, the standby system will go into active mode but only until the network recovers.

  • 28. 
    The ICMP monitor has been assigned to all nodes. In addition, all pools have been assigned custom monitors. If a pool web is marked available (green) which situation is sufficient to cause this?
    • A. 

      All of the web pools members nodes are responding to the ICMP monitor as expected.

    • B. 

      Less than 50% of the web pools members nodes responded to the ICMP echo request.

    • C. 

      All of the members of the web pool have had their content updated recently and their responses no longer match the monitors receive rule.

    • D. 

      Over 25% of the web pools members have had their content updated and it no longer matches the receive rule of the custom monitor. The others respond as expected.

  • 29. 
    Which four methods are available for remote authentication of those who are allowed to administer a BIG-IP system through the Configuration Utility? (Choose four.)
    • A. 

      LDAP

    • B. 

      OCSP

    • C. 

      RADIUS

    • D. 

      TACACS+

    • E. 

      Active Directory

  • 30. 
    Generally speaking, should the monitor templates be used as production monitors or should they be customized prior to use?
    • A. 

      Most templates, such as http and tcp, are as effective as customized monitors.

    • B. 

      Monitor template customization is only a matter of preference, not an issue of effectiveness or performance.

    • C. 

      Most templates, such as https, should have the receive rule customized to make the monitor more robust.

    • D. 

      While some templates, such as ftp, must be customized, those that can be used without modification are not improved by specific changes.

  • 31. 
    Which statement accurately describes the difference between two load-balancing modes specified as "member" and "node"?
    • A. 

      There is no difference; the two terms are referenced for backward compatibility purposes.

    • B. 

      When the load-balancing choice references "node", priority group activation is unavailable.

    • C. 

      Load-balancing options referencing "nodes" are available only when the pool members are defined for the "any" port.

    • D. 

      When the load-balancing choice references "node", the addresses' parameters are used to make the load-balancing choice rather than the member's parameters.

  • 32. 
    Where is persistence mirroring configured?
    • A. 

      It is always enabled.

    • B. 

      It is part of a pool definition.

    • C. 

      It is part of a profile definition.

    • D. 

      It is part of a virtual server definition.

  • 33. 
    • A. 

      The following request would be sent to pool2: http://www.xyz.com/i.htm?users=ca5678state=wa

    • B. 

      The following request would be sent to pool2: http://www.xyz.com/i.htm?userid=ca5678state=wa

    • C. 

      The following request would be sent to pool2: http://www.xyz.com/i.htm?ctrycd=ca5678user=ca5678

    • D. 

      The following request would be discarded: http://www.xyz.com/i.htm?users=ca5678state=wa

    • E. 

      The following request would be discarded: http://www.xyz.com/i.htm?userid=ca5678state=wa

    • F. 

      The following request would be discarded: http://www.xyz.com/i.htm?ctrycd=ca5678user=ca5678

  • 34. 
    Which three iRule events are likely to be seen in iRules designed to select a pool for load balancing? (Choose 3)
    • A. 

      CLIENT_DATA

    • B. 

      SERVER_DATA

    • C. 

      HTTP_REQUEST

    • D. 

      HTTP_RESPONSE

    • E. 

      CLIENT_ACCEPTED

    • F. 

      SERVER_SELECTED

    • G. 

      SERVER_CONNECTED

  • 35. 
    Which statement is true concerning the default communication between a redundant pair of BIGIP devices?
    • A. 

      Communication between the systems cannot be effected by port lockdown settings.

    • B. 

      Data for both connection and persistence mirroring are shared through the same TCP connection.

    • C. 

      Regardless of the configuration, some data is communicated between the systems at regular intervals.

    • D. 

      Connection mirroring data is shared through the serial fail-over cable unless network fail-over is enabled.

  • 36. 
    Which event is always triggered when a client initially connects to a virtual server configured with an HTTP profile?
    • A. 

      HTTP_DATA

    • B. 

      CLIENT_DATA

    • C. 

      HTTP_REQUEST

    • D. 

      CLIENT_ACCEPTED

  • 37. 
    Which IP address will the client address be changed to when SNAT automap is specified within a Virtual Server configuration?
    • A. 

      The floating self IP address on the VLAN where the packet leaves the system.

    • B. 

      The floating self IP address on the VLAN where the packet arrives on the system.

    • C. 

      It will alternate between the floating and non-floating self IP address on the VLAN where the packet leaves the system so that port exhaustion is avoided.

    • D. 

      It will alternate between the floating and non-floating self IP address on the VLAN where the packet arrives on the system so that port exhaustion is avoided..

  • 38. 
    Which statement is true concerning iRule events?
    • A. 

      All iRule events relate to HTTP processes.

    • B. 

      All client traffic has data that could be used to trigger iRule events.

    • C. 

      All iRule events are appropriate at any point in the client-server communication.

    • D. 

      If an iRule references an event that doesn't occur during the client's communication, the client's connection will be terminated prematurely.

  • 39. 
    A standard virtual server is defined with a pool and a SNAT using automap. All other settings for the virtual server are at defaults. When client traffic is processed by the BIG-IP, what will occur to the IP addresses?
    • A. 

      Traffic initiated by the pool members will have the source address translated to a self-IP address but the destination address will not be changed.

    • B. 

      Traffic initiated to the virtual server will have the destination address translated to a pool members address and the source address translated to a self-IP address.

    • C. 

      Traffic initiated by selected clients, based on their IP address, will have the source address translated to a self-IP address but the destination will only be translated if the traffic is destined to the virtual server.

    • D. 

      Traffic initiated to the virtual server will have the destination address translated to a pool members address and the source address translated to a self-IP address. Traffic arriving destined to other destinations will have the source translated to a self-IP address only.

  • 40. 
    Which two can be a part of a pool's definition? (Choose two.)
    • A. 

      Rule(s)

    • B. 

      Profile(s)

    • C. 

      Monitor(s)

    • D. 

      Persistence type

    • E. 

      Load-balancing mode

  • 41. 
    Which two statements describe differences between the active and standby systems? (Choose two.)
    • A. 

      Monitors are performed only by the active system.

    • B. 

      Fail-over triggers only cause changes on the active system.

    • C. 

      Virtual server addresses are hosted only by the active system.

    • D. 

      Configuration changes can only be made on the active system.

    • E. 

      Floating self-IP addresses are hosted only by the active system.

  • 42. 
    When network fail-over is enabled, which of the following is true?
    • A. 

      The fail-over cable status is ignored. Fail-over is determined by the network status only.

    • B. 

      Either a network failure or loss of voltage across the fail-over cable will cause a fail-over.

    • C. 

      A network failure will not cause a fail-over as long as there is a voltage across the fail-over cable.

    • D. 

      The presence or absence of voltage over the fail-over cable takes precedence over network fail-over.

  • 43. 
    What is the purpose of MAC masquerading?
    • A. 

      To prevent ARP cache errors

    • B. 

      To minimize ARP entries on routers

    • C. 

      To minimize connection loss due to ARP cache refresh delays

    • D. 

      To allow both BIG-IP devices to simultaneously use the same MAC address

  • 44. 
    • A. 

      The BIG-IP would drop the request since the traffic didnt arrive destined to the NAT address.

    • B. 

      The source address would not change, but the destination address would be changed to the NAT address.

    • C. 

      The source address would be changed to the NAT address and destination address would be left unchanged.

    • D. 

      The source address would not change, but the destination address would be changed to a self-IP of the BIG-IP.

  • 45. 
    Which statement is true regarding fail-over?
    • A. 

      Hardware fail-over is disabled by default.

    • B. 

      Hardware fail-over can be used in conjunction with network failover.

    • C. 

      If the hardware fail-over cable is disconnected, both BIG-IP devices will always assume the active role.

    • D. 

      By default, hardware fail-over detects voltage across the fail-over cable and monitors traffic across the internal VLAN.

  • 46. 
    When configuring a Virtual Server to use an iRule with an HTTP_REQUEST event, which lists required steps in a proper order to create all necessary objects?
    • A. 

      Create profiles, create the iRule, create required pools, create the Virtual Server

    • B. 

      Create the Virtual Server, create required pools, create the iRule, edit the Virtual Server

    • C. 

      Create a custom HTTP profile, create required pools, create the Virtual Server, create the iRule

    • D. 

      Create required pools, create a custom HTTP profile, create the iRule, create the Virtual Server

  • 47. 
    A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it: when HTTP_REQUEST {if { [HTTP::header User-Agent] contains "MSIE" } {pool MSIE_pool} else {pool Mozilla_pool}} If a user connects to http://10.10.1.100/foo.html and their browser does not specify a User-Agent, which pool will receive the request?
    • A. 

      MSIE_pool

    • B. 

      Mozilla_pool

    • C. 

      None. The request will be dropped.

    • D. 

      Unknown. The pool cannot be determined from the information provided.

  • 48. 
    When BIG-IP administrators are authenticating remotely, which two parameters are configured on the remote authentication system? (Choose two.)
    • A. 

      UserID

    • B. 

      Password

    • C. 

      Administrator Role

    • D. 

      Valid Access Times

  • 49. 
    What is required for a virtual server to support clients whose traffic arrives on the internal VLAN and pool members whose traffic arrives on the external VLAN?
    • A. 

      That support is never available.

    • B. 

      The virtual server must be enabled for both VLANs.

    • C. 

      The virtual server must be enabled on the internal VLAN.

    • D. 

      The virtual server must be enabled on the external VLAN.

  • 50. 
    Which process or system can be monitored by the BIG-IP system and used as a fail-over trigger in a redundant pair configuration?
    • A. 

      Bandwidth utilization

    • B. 

      Duplicate IP address

    • C. 

      CPU utilization percentage

    • D. 

      VLAN communication ability