301b Sample Questions Answers

An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile. The virtual server 10.0.0.1:443 resides on vlan301.

Which steps should the LTM Specialist take to capture the data payload successfully while ensuring no other virtual servers are affected?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A virtual server is set up on an LTM device as follows:

Virtual server address 78.24.213.79

Default Persistence ProfilE. source_addr, 600s.

Pool NamE. Pool1

Pool Members: 10.72.250.52:80 and 10.72.250.60:80 (both on Internal Vlan)

There are several current connections to the virtual server, and pool member 10.72.250.52:80 has been set to a "Disabled" state.

A tcpdump on the Internal Vlan shows traffic going to 10.72.250.52:80.

How soon after the persistence table query was run can existing connections be refreshed/renewed to ensure that no requests are sent to 10.72.250.52?

A OneConnect profile is applied to a virtual server. The LTM Specialist would like the client source IP addresses within the 10.10.10.0/25 range to reuse an existing server side connection.

Which OneConnect profile source mask should the LTM Specialist use?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting a new HTTP monitor on a pool. The pool member is functioning correctly when accessed directly through a browser. However, the monitor is marking the member as down. The LTM Specialist captures the monitor traffic via tcpdump.

What is the issue?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting an issue with an application configured on an LTM device. The application works properly when accessed directly via the servers; however, it does not work when accessed via the LTM device. The virtual server, 192.168.1.211:443, is configured to SNAT using the address 192.168.1.144 and references a pool with the member 192.168.10.80:443. The virtual server has no Client or Server SSL profiles associated.

Which configuration change will allow the application to function through the virtual server?

An LTM Specialist is customizing local traffic logging.

Which traffic management OS alert level provides the most detail?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A user is unable to access an HTTP application via a virtual server.

What is the cause of the failure?

Which command will identify the active LTM device currently handling client traffic?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Which step should an LTM Specialist take to utilize AVR?

An LTM Specialist is troubleshooting a problem on an eCommerce website. The user browses the online store using port 80, adding items to the shopping cart. The user then clicks the "Checkout" button on the site, which redirects the user to port 443 for the checkout process. Suddenly, the user's shopping cart is shown as empty. The shopping cart data is stored in memory on the server, and the default source address persistence profile is used on both virtual servers.

How should the LTM Specialist resolve this issue?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist configures a virtual server that balances HTTP connections to a pool of three application servers. Approximately one out of every three connections to the virtual server fails.

Which two actions will resolve the problem? (Choose two.)

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist has a virtual server set up on the LTM device as per the exhibit. The LTM Specialist receives reports of intermittent issues. Some clients are connecting fine while others are failing to connect.

The LTM Specialist does a tcpdump on the relevant interfaces, with the following results extracted:

What is causing the intermittent issues?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist has created a virtual server to balance connections to a pool of application servers and offload SSL decryption. Clients connect to the application at https://www.example.com/. The virtual server is configured with a clientssl profile but no serverssl profile. The application servers are listening on ports 80 and 443. Users are unable to connect to the application through the virtual server but are able to connect directly to the application server.

What is the root cause of the error?

An LTM Specialist uploaded new releases .iso and .md5 files titled "BIGIP-FILENAME" via the GUI.

Which commands are run via the command line from the root directory to verify the integrity of the new .iso file?

What is a benefit provided by F5 Enterprise Manager?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

Users are able to access the application when connecting directly to the web server but are unsuccessful when connecting to the virtual server. Return traffic bypasses the LTM device using Layer 2 nPath routing.

Which configuration change resolves this problem?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

Which two servers are missing two frequently used URLs? (Choose two.)

An LTM Specialist needs to rewrite text within an HTML response from a web server. A client is sending the following HTTP request:

GET / HTTP/1.1

Host: www.example.com

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-LanguagE. en-US,en;q=0.5

Accept-EncodinG. gzip, deflate

Cache-Control: no-cache

Connection: keep-alive

CookiE. somecookie=1

HTTP/1.1 200 OK

Server: Apache/2.2.15 (Unix)

Last-ModifieD. Wed, 12 Aug 2009 00:00:30 GMT

Accept-Ranges: bytes

Content-LengtH. 1063

X-Cnection: close

Content-TypE. text/html; charset=UTF-8

Vary: Accept-Encoding

Content-EncodinG. gzip

Connection: Keep-Alive

Although a stream profile has been added to the virtual server, the content within the HTTP response is NOT being matched and therefore NOT modified.

Which header field is contributing to the issue?

An LTM Specialist has set up a custom SNMP alert.

Which command line tool should the LTM Specialist use to test the alert?

An LTM Specialist has installed a hotfix that updated the SCCP firmware package.

Which command will ensure that the host subsystem and SCCP reboot?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A web application is configured to allow sessions to continue even after a user computer is shut down for the night. A new LTM device is configured to load balance the web application to several servers. The application owner reports that application users are logged out of the web application whenever their browser is restarted or computer is rebooted.

What is the problem?

What is the effect of an iRule error such as referencing an undefined variable?

An LTM Specialist needs to rewrite text within an HTML response from a web server. A client is sending the HTTP request below:

GET / HTTP/1.1

Host: www.f5.com

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-LanguagE. en-US,en;q=0.5

Accept-EncodinG. gzip, deflate

Cache-Control: no-cache

Connection: keep-alive

CookiE. somecookie=1

Although a stream profile has been added to the virtual server, the content within the HTTP response is NOT being matched, and therefore NOT modified.

Which HTTP header should the LTM Specialist remove from the request to ensure the content can be matched and modified?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting an issue with SSL and is receiving the error shown when connecting to the virtual server. When connecting directly to the pool member, clients do NOT receive this message, and the application functions correctly. The LTM Specialist exports the appropriate certificate and key from the pool member and imports them into the LTM device. The LTM Specialist then creates the Client SSL profile and associates it with the virtual server.

What is the issue?

A client is attempting to log in to a web application that requires authentication. The following HTTP headers are sent by the client:

GET /owa/ HTTP/1.1

Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

User-Agent: curl/7.26.0

Host: 10.0.0.14

Accept: */*

Accept-EncodinG. gzip,deflate

The web server is responding with the following HTTP headers:

HTTP/1.1 401 Unauthorized

Content-TypE. text/html

Server: Microsoft-IIS/7.5

WWW-AuthenticatE. NTLM

DatE. Wed, 16 Aug 1977 19:12:31 GMT

Content-LengtH. 1293

The client has checked the login credentials and believes the correct details are being entered.

What is the reason the destination web server is sending an HTTP 401 response?

An LTM device pool has suddenly been marked down by a monitor. The pool consists of members 10.0.1.1:443 and 10.0.1.2:443 and are verified to be listening. The affected virtual server is 10.0.0.1:80.

Which two tools should the LTM Specialist use to troubleshoot the associated HTTPS pool monitor via the command line interface? (Choose two.)

A BIG-IP Operator has made a grave error and deleted a few virtual servers on the active LTM device fronting the web browsing proxies. The BIG-IP Operator has NOT yet performed a configuration sync.

Which command should the LTM Specialist execute on the active LTM device to force a failover to the standby node and restore web browsing?

An application is configured on an LTM device:

Virtual server: 10.0.0.1:80 (VLAN vlan301)

SNAT IP: 10.0.0.1

Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302)

Which packet capture should the LTM Specialist perform on the LTM device command line interface to capture only server traffic specifically for this application?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

How should the LTM Specialist minimize the configuration?

A web developer has created a custom HTTP call to a backend application. The HTTP headers being sent by the HTTP call are:

GET / HTTP/1.1

User-Agent: MyCustomApp (v1.0)

Accept: text/html

Cache-Control: no-cache

Connection: keep-alive

CookiE. somecookie=1

The backend server is responding with the following:

HTTP/1.1 400 Bad Request

DatE. Wed, 20 Jul 2012 17:22:41 GMT

Connection: close

Why is the HTTP web server responding with a HTTP 400 Bad Request?

A web application sends information about message integrity and content life time to the client.

Which two HTTP headers should be used in sending the client information? (Choose two.)

An LTM device has been configured to log the reasons for generating TCP RST packets.

The following log entry occurs:

"01230140:3: RST sent from 192.168.1.100:80 to 192.168.1.124:39272, [0x112d82a:1721] {peer} TCP RST from remote system."

Which condition will trigger this log entry?

An LTM device is serving an FTP virtual server that has three pool members. The FTP pool members are monitored via TCP port 21. Customers are reporting that they are able to log in, but are sometimes unable to upload files to the server.

Which monitor should the LTM Specialist configure to verify that the servers can handle file uploads?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

After upgrading LTM from v10 to v11, users are unable to connect to an application. The virtual server is using a client SSL profile for re-terminating SSL for payload inspection, but a server SSL profile is being used to re-encrypt the request.

A client side ssldump did NOT show any differences between the traffic going directly to the server and the traffic being processed by the LTM device. However, packet capture was done on the server, and differences were noted.

Which modification will allow the LTM device to process the traffic correctly?

An LTM Specialist loads a UCS file generated on a different LTM device and receives the following error message:

"mcpd[2395]: 01070608:0: License is not operational (expired or digital signature does not match contents)"

Which command should the LTM Specialist use to prevent the error?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Based on the output of the tmsh interface show command, what is the issue?

An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "The connection was reset" in the browser, although connections directly to the pool member show the application is functioning correctly.

ltm pool srv1_https_pool {

members {

192.168.2.1:https{

address 192.168.2.1

}

}

}

ltm virtual https_example_vs {

destination 192.168.1.155:https

ip-protocol tcp

mask 255.255.255.255

pool srv1_https_pool

profiles {

http { }

tcp { }

}

snat automap

vlans-disabled

}

How should the LTM Specialist resolve this issue?

Which iRule statement demotes a virtual server from CMP?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is working on an LTM 11.0.0 installation and has identified a security vulnerability as shown in the exhibit. The LTM Specialist is tasked with applying the latest available hotfix to resolve the problem.

Which procedure resolves the problem?

An LTM Specialist has just manually failed the active LTM device over to the standby LTM device. The LTM Specialist notices the newly active LTM device is NOT currently receiving traffic. The LTM Specialist verifies the newly active device is responding to ARP but still no traffic is hitting the virtual servers. The LTM Specialist also notices that the virtual servers eventually start responding.

What should be added to the configuration to resolve the problem?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is investigating intermittent page load issues being reported by users.

What should the LTM Specialist do to resolve the issue?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Which URL should be reported to the server/application team as getting user-visible errors?

Which iRule will instruct the client's browser to avoid caching HTML server responses?

Which two subsystems could the LTM Specialist utilize to access an LTM device with lost management interface connectivity? (Choose two.)

An LTM Specialist is creating a custom EAV monitor.

In which directory should the LTM Specialist upload the script?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting a virtual server. Both the virtual server and the pool are showing blue squares for their statuses, and new clients report receiving "The connection was reset" through their browsers. Connections directly to the pool member are successful.

What is the issue?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An administrator created a monitor to a pool member web server, which resulted in a pool member that is marked red. The administrator knows the web server is working when it is accessed from another computer.

What should the administrator do to correct the problem?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

An LTM Specialist uses the information in the logs to determine the cause of a failover event in a high-availability (HA) pair.

What caused the failover?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A pair of LTM devices is configured for HA.

What happens if the pool member server with IP address 10.0.0.4 becomes totally unresponsive to the active LTM device, but is still responsive to the standby LTM device?

A failover event is recorded in the log messages:

Jan 01 00:00:50 BIG-IP notice sod[5855]: 01140029:5: HA proc_running tmm fails action is go offline and down links.

Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c0050:5: Sod requests links down.

Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c0054:5: Offline for traffic group /Common/traffic-group-1.

Jan 01 00:00:50 BIG-IP notice sod[5855]: 010c003e:5: Offline

Jan 01 00:00:50 BIG-IP notice logger: /usr/bin/tmipsecd --tmmcount 4 ==> /usr/bin/bigstart stop racoon

Jan 01 00:00:50 BIG-IP info lacpd[5502]: 01160016:6: Failover event detected. (Switchboard failsafe disabled while offline)

Jan 01 00:00:51 BIG-IP err bcm56xxd[5296]: 012c0010:3: Failover event detected. Marking external interfaces down. bsx.c(3633)

Jan 01 00:00:51 BIG-IP info bcm56xxd[5296]: 012c0015:6: Link: 1.1 is DOWN

Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 0107143c:5: Connection to CMI peer 10.0.0.3 has been removed

Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 0107143a:5: CMI reconnect timer: enabled

Jan 01 00:00:56 BIG-IP notice mcpd[5318]: 01071431:5: Attempting to connect to CMI peer 10.0.0.3 port 6699

What is the cause of the failover?

Which procedure should an LTM Specialist follow to move a configuration from a 1500 to a 1600 hardware platform during an upgrade?

An LTM Specialist has configured a virtual server for www.example.com, load balancing connections to a pool of application servers that provide a shopping cart application. Cookie persistence is enabled on the virtual server. Users are able to connect to the application, but the user's shopping cart fails to update. A traffic capture shows the following:

Request:

GET /cart/updatecart.php HTTP/1.1

Host: www.example.com

Connection: keep-alive

Cache-Control: max-age=0

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-EncodinG. gzip,deflate,sdch

Accept-LanguagE. en-US,en;q=0.8

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

CookiE. BIGipServerwebstore_pool=353636524.20480.0000

Response:

HTTP/1.1 200 OK

DatE. Wed, 24 Oct 2012 18:00:13 GMT

Server: Apache/2.2.22 (Ubuntu)

X-Powered-By: PHP/5.3.10-1ubuntu3.1

Set-CookiE. cartID=647A5EA6657828C69DB8188981CB5; path=/; domain=wb01.example.com

Keep-AlivE. timeout=5, max=100

Connection: Keep-Alive

Content-TypE. text/html

No changes can be made to the application.

What should the LTM Specialist do to resolve the problem?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

A pair of LTM devices are deployed in a high-availability (HA) pair as the diagram shows. After inserting a new rule on the firewalls, the LTM devices become Standby. The rule drops all outbound sessions to the Internet. Only inbound connections are allowed from the Internet. There are no other changes to the environment.

What triggered the LTM device failover?

An application owner claims an LTM device is delaying delivery of an HTTP application. The LTM device has two VLANs, an internal and an external. The application servers reside on the internal VLAN. The virtual server and clients reside on the external VLAN.

With appropriate filters applied, which solution is most efficient for obtaining packet captures in order to investigate the claim of delayed delivery?

Which iRule will reject any connection originating from a 10.0.0.0/8 network?

A device on the network is configured with the same IP address as the management address of the active LTM device, causing the management GUI to be inaccessible.

Which two methods should the LTM Specialist use to access the LTM device in order to change the management IP address? (Choose two.)

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM device is used to load balance web content over a secure channel.

The developers of the web content have done a trace using an HTTP profiler application. They believe that allowing the LTM device to compress traffic to the client will improve performance. The client can utilize GZIP or deflate compression algorithms.

An LTM Specialist must implement the compression.

The LTM Specialist has completed the following actions:

1. Create the relevant profile.

2. Apply the relevant profile to the virtual server (VS).

After applying the relevant profile, the LTM device is failing to compress the traffic. Instead, the traffic is being served with an error.

What is the problem?

The output of a tmsh command is: ------------------------------------------------------------ Net::Interface Name Status Bits Bits Errs Errs Drops Drops Colli In Out In Out In Out sions ------------------------------------------------------------ 1.1 down 0 0 0 0 0 0 0 1.2 up 191.4K 0 0 0 374 0 0 1.3 down 0 0 0 0 0 0 0 1.4 up 22.5K 0 0 0 44 0 0 2.1 miss 0 0 0 0 0 0 0 2.2 miss 0 0 0 0 0 0 0 mgmt up 43.2G 160.0G 0 0 0 0 0

Which command was executed on the LTM device to show the output?

What is the correct command to reset an LTM device to its default settings?