New Year Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

301b Questions and Answers

Question # 6

The end users of a web application need to verify that their browsers received the complete message-body from the web server.

Which HTTP header will accomplish this?

A.

Range

B.

Expect

C.

Accept-Ranges

D.

Content-Length

Full Access
Question # 7

An LTM Specialist has a OneConnect profile and HTTP profile configured on a virtual server to load balance an HTTP application.

The following HTTP headers are seen in a network trace when a client connects to the virtual server:

Clientside:

GET / HTTP/1.1

Host: 192.168.136.100

User-Agent: Mozilla/5.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-EncodinG. gzip, deflate

Connection: keep-alive

Serverside:

HTTP/1.1 200 OK

DatE. 5 Jun 1989 17:06:55 GMT

Server: Apache/2.2.14 (Ubuntu)

Vary: Accept-Encoding

Content-EncodinG. gzip

Content-LengtH. 3729

X-Cnection: close

Content-TypE. text/html

The LTM Specialist notices the OneConnect feature is working incorrectly.

Why is OneConnect functioning incorrectly?

A.

Client must support HTTP/1.0.

B.

Client must support HTTP keep-alive.

C.

Server must support HTTP/0.9.

D.

Server must support HTTP keep-alive.

Full Access
Question # 8

Which iRule statement demotes a virtual server from CMP?

A.

set ::foo 123

B.

set static::foo 123

C.

persist source_addr 1800

D.

[ class match $HTTP_CONTENT contains my_data_class ]

Full Access
Question # 9

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist configures a virtual server that balances HTTP connections to a pool of three application servers. Approximately one out of every three connections to the virtual server fails.

Which two actions will resolve the problem? (Choose two.)

A.

Assign a custom HTTP monitor to the pool.

B.

Enable SNAT automap on the virtual server.

C.

Verify that port lockdown is set to allow port 80.

D.

Verify the default gateway on the application servers.

E.

Increase the TCP timeout value in the default TCP profile.

Full Access
Question # 10

An LTM Specialist is investigating reports from users that SSH connections are being terminated unexpectedly. SSH connections are load balanced through a virtual server. The users experiencing this problem are running SQL queries that take upwards of 15 minutes to return with no screen output. The virtual server is standard with a pool associated and no other customizations.

What is causing the SSH connections to terminate?

A.

UDP IP ToS

B.

TCP idle timeout

C.

The virtual server has no persistence.

D.

The pool has Reselect Retries set to 0.

Full Access
Question # 11

An LTM Specialist has configured a virtual server for www.example.com, load balancing connections to a pool of application servers that provide a shopping cart application. Cookie persistence is enabled on the virtual server. Users are able to connect to the application, but the user's shopping cart fails to update. A traffic capture shows the following:

Request:

GET /cart/updatecart.php HTTP/1.1

Host: www.example.com

Connection: keep-alive

Cache-Control: max-age=0

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-EncodinG. gzip,deflate,sdch

Accept-LanguagE. en-US,en;q=0.8

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

CookiE. BIGipServerwebstore_pool=353636524.20480.0000

Response:

HTTP/1.1 200 OK

DatE. Wed, 24 Oct 2012 18:00:13 GMT

Server: Apache/2.2.22 (Ubuntu)

X-Powered-By: PHP/5.3.10-1ubuntu3.1

Set-CookiE. cartID=647A5EA6657828C69DB8188981CB5; path=/; domain=wb01.example.com

Keep-AlivE. timeout=5, max=100

Connection: Keep-Alive

Content-TypE. text/html

No changes can be made to the application.

What should the LTM Specialist do to resolve the problem?

A.

Use an iRule to rewrite the cartID cookie domain.

B.

Create a universal persistence profile on the cartID cookie.

C.

Enable source address persistence as a fallback persistence method.

D.

Create a cookie persistence profile with "match across services" enabled.

Full Access
Question # 12

An LTM device is monitoring three pool members. One pool member is being marked down.

What should the LTM Specialist enable to prevent the server from being flooded with connections once its monitor determines it is up?

A.

manual resume

B.

packet shaping

C.

hold down timer

D.

slow ramp timer

E.

fastest load balance algorithm

Full Access
Question # 13

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

An LTM Specialist has configured a virtual server to distribute connections to a pool of application servers and to offload SSL processing. The application fails to work as expected when connecting to the virtual server. It does work when clients connect directly to the application. Two packet captures were taken at the application server.

What is the root cause of the problem?

A.

The application servers are NOT listening on port 80.

B.

The LTM device is sending non-SSL traffic to an SSL port.

C.

The virtual server does NOT have a clientSSL profile assigned.

D.

The SSL handshake between the LTM device and the server is failing.

Full Access
Question # 14

An LTM device pair is configured for failover and connection mirroring. The LTM devices are configured with virtual servers for HTTP, HTTPS with SSL offload, and SSH. An event occurs that causes a failover. HTTP and SSH sessions active at the time of failover remain active, but HTTPS sessions are dropped.

What is the root cause of this problem?

A.

The SSL certificates on the LTM devices do NOT match.

B.

Connection mirroring is incompatible with clientssl profiles.

C.

SNAT automap was NOT enabled for the HTTPS virtual servers.

D.

Connection mirroring was NOT enabled for the HTTPS virtual servers.

Full Access
Question # 15

An LTM Specialist configures the following iRule on an LTM device:

when HTTP_REQUEST {

if {[string tolower [HTTP::uri]] contains "/URI1/" } {

pool Pool1

}

elseif {[string tolower [HTTP::uri]] contains "/URI2/" } {

pool Pool2

}

elseif {[string tolower [HTTP::uri]] contains "/URI3/" } {

pool Pool3

}

else { pool Pool4}

}

Given the following request: http://www.example.comURI1/index.html?fu=bar &pass=1234

Which pool will be selected by the iRule?

A.

Pool1

B.

Pool2

C.

Pool3

D.

Pool4

Full Access
Question # 16

An LTM Specialist has been asked to configure a virtual server to distribute connections between a pool of two application servers with addresses 172.16.20.1 and 172.16.20.2. The application servers are listening on TCP ports 80 and 443. The application administrators have asked that clients be directed to the same node for both HTTP and HTTPS requests within the same session.

Virtual servers vs_http and vs_https have been created, listening on 1.2.3.100:80 and 1.2.3.100:443, respectively.

Which configuration option will result in the desired behavior?

A.

Create pool app_pool with members 172.16.20.1:any and 172.16.20.2:any

Assign app_pool as the default pool for both vs_http and vs_https

Disable port translation for vs_http and vs_https

B.

Create pool http_pool with members 172.16.20.1:80 and 172.16.20.2:80

Assign pool http_pool as the default pool for both vs_https and vs_https

Disable port translation for vs_https

Create an SSL persistence profile with "match across virtual servers" enabled

Assign the persistence profile to vs_http.

C.

Create pool http_pool with members 172.16.20.1:80 and 172.16.20.2:80

Create pool https_pool with members 172.16.20.1:443 and 172.16.20.2:443

Assign http_pool as the default pool for vs_http

Assign https_pool as the default pool for vs_https

Create a source address persistence profile with "match across services" enabled

Assign the persistence profile to vs_http and vs_https

D.

Create pool http_pool with members 172.16.20.1:80 and 172.16.20.2:80

Create pool https_pool with members 172.16.20.1:443 and 172.16.20.2:443

Assign http_pool as the default pool for vs_http

Assign https_pool as the default pool for vs_https

Create an SSL persistence profile with "match across virtual servers" enabled

Assign the persistence profile to vs_http

Full Access
Question # 17

An LTM Specialist is setting up a monitor for an HTTP 1.1 server. The response to a GET / is:

HTTP/1.1 302 Moved Temporarily

Location: http://www.example.com/new/location.html

Which send string settings should the LTM Specialist use to force a proper response?

A.

GET / HTTP/1.0\r\nHost: host.domain.com\r\nConnection: Close\r\n\r\n

B.

GET /new/location.html HTTP/1.1\r\nHost: www.example.com\r\nConnection: Close\r\n\r\n

C.

GET / HTTP/1.1\r\nHost: www.example.com/new/location.html\r\nConnection: Close\r\n\r\n

D.

GET /new/location.html HTTP/1.1\r\nHost: host.domain.com/new/locations.html\r\nConnection: Close\r\n\r\n

Full Access
Question # 18

An LTM Specialist configured a virtual server to load balance a custom application. The application works when it is tested from within the firewall but it fails when tested externally. The pool member address is 192.168.200.10:80. A capture from an external client shows:

GET /index.jsp HTTP/1.1

Host: 207.206.201.100

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Connection: keep-alive

HTTP/1.1 302 Found

DatE. Wed, 17 Oct 2012 23:09:55 GMT

Server: Apache/2.2.15 (CentOS)

Location: http://192.168.200.10/user/home.jsp

Content-LengtH. 304

Connection: close

What is the solution to this issue?

A.

Assign a SNAT pool to the virtual server.

B.

Add a Web Acceleration Profile to the virtual server.

C.

Configure redirect rewrite option in the HTTP profile.

D.

Configure a content filter on the backend web server.

Full Access
Question # 19

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

Users are able to access the application when connecting to the virtual server but are unsuccessful when connecting directly to the application servers. The LTM Specialist wants to allow direct access to the application servers.

Why are users unable to connect directly to the application servers?

A.

The router does NOT have a route to the server subnet.

B.

The web server does NOT have a correct default gateway.

C.

The LTM device does NOT have a SNAT on the External VLAN.

D.

The LTM device does NOT have an IP Forwarding virtual server on the Internal VLAN.

E.

The LTM device does NOT have an IP Forwarding virtual server on the External VLAN.

Full Access
Question # 20

An LTM Specialist configures an HTTP monitor as follows:

ltm monitor http stats_http_monitor {

defaults-from http

destination *:*

interval 5

recv "Health check: OK"

send "GET /stats/stats.html HTTP/1.1\\r\\nHost: www.example.com\\r\\nAccept-EncodinG. gzip, deflate\\r\\nConnection: close\\r\\n\\r\\n"

time-until-up 0

timeout 16

}

The monitor is marking all nodes as down. A trace of the HTTP conversation shows the following:

GET /stats/stats.html HTTP/1.1

Host: www.example.com

Accept-EncodinG. gzip, deflate

Connection: close

HTTP/1.1 401 Authorization Required

DatE. Tue, 23 Oct 2012 19:38:56 GMT

Server: Apache/2.2.15 (Unix)

WWW-AuthenticatE. Basic realm="Please enter your credentials"

Content-LengtH. 480

Connection: close

Content-TypE. text/html; charset=iso-8859-1

Which action will resolve the problem?

A.

Add an NTLM profile to the virtual server.

B.

Add a valid username and password to the monitor.

C.

Use an HTTPS monitor with a valid certificate instead.

D.

Add a backslash before the colon in the receive string.

Full Access
Question # 21

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting an issue with SSL and is receiving the error shown when connecting to the virtual server. When connecting directly to the pool member, clients do NOT receive this message, and the application functions correctly. The LTM Specialist exports the appropriate certificate and key from the pool member and imports them into the LTM device. The LTM Specialist then creates the Client SSL profile and associates it with the virtual server.

What is the issue?

A.

The SSL certificate and key have expired.

B.

The SSL certificate and key do NOT match.

C.

The client CANNOT verify the certification path.

D.

The common name on the SSL certificate does NOT match the hostname of the site.

Full Access
Question # 22

When re-licensing an LTM device from the command line interface, which tmsh command should the LTM Specialist use to generate the required information to provide on the F5 licensing portal?

A.

tmsh run /util get-dossier

B.

tmsh generate /sys dossier

C.

tmsh list /sys registration-key

D.

tmsh install /sys license registration-key

Full Access
Question # 23

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist configures a virtual server to load balance to a pool of FTP servers. File transfers are failing. The virtual server is configured as follows:

ltm virtual ftp_vs {

destination 10.10.1.103:ftp

ip-protocol tcp

mask 255.255.255.255

pool ftp_pool

profiles {

tcp { }

}

vlans-disabled

}

Which change will resolve the problem?

A.

Add an FTP monitor to the pool.

B.

Add an FTP profile to the virtual server.

C.

Enable loose initiation in the TCP profile.

D.

Increase the TCP timeout value in the TCP profile.

Full Access
Question # 24

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist has a virtual server set up on the LTM device as per the exhibit. The LTM Specialist receives reports of intermittent issues. Some clients are connecting fine while others are failing to connect.

The LTM Specialist does a tcpdump on the relevant interfaces, with the following results extracted:

What is causing the intermittent issues?

A.

The firewall is dropping the packets from WS1.

B.

The default gateway is inaccessible from WS1.

C.

The load balancing (LB) method is inappropriate.

D.

The pool members have been set up as an active/standby pair, with WS1 as the standby.

Full Access
Question # 25

An LTM Specialist has installed a hotfix that updated the SCCP firmware package.

Which command will ensure that the host subsystem and SCCP reboot?

A.

reboot

B.

full_box_reboot

C.

shutdown -r now

D.

The reboot should be initiated via the HTTPS administration GUI.

Full Access
Question # 26

An LTM Specialist is troubleshooting a problem on an eCommerce website. The user browses the online store using port 80, adding items to the shopping cart. The user then clicks the "Checkout" button on the site, which redirects the user to port 443 for the checkout process. Suddenly, the user's shopping cart is shown as empty. The shopping cart data is stored in memory on the server, and the default source address persistence profile is used on both virtual servers.

How should the LTM Specialist resolve this issue?

A.

Add an HTTP profile to both virtual servers.

B.

Enable SNAT Automap on both virtual servers.

C.

Create a custom persistence profile and enable "Map Proxies."

D.

Create a custom persistence profile and enable "Match Across Services."

Full Access
Question # 27

An IT administrator wants to log which server is being load balanced to by a user with IP address 10.10.10.25.

Which iRule should the LTM Specialist use to fulfill the request?

A.

when SERVER_CONNECTED {

if { [IP::addr [IP::remote_addr]] equals 10.10.10.25]} {

log local0. "client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]" }

}

B.

when CLIENT_ACCEPTED {

if { [IP::addr [clientside [IP::remote_addr]] equals 10.10.10.25]} {

log local0. "client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]" }

}

C.

when SERVER_CONNECTED {

if { [IP::addr [clientside [IP::remote_addr]] equals 10.10.10.25]} {

log local0. "client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]" }

}

D.

when CLIENT_ACCEPTED {

if { [IP::addr [IP::remote_addr] equals 10.10.10.25]} {

log local0. "client 10.10.10.25 connected to pool member [IP::addr [LB::server addr]]" }

}

Full Access
Question # 28

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist has created a virtual server to load balance traffic to a pool of HTTPS servers. The servers use client certificates for user authentication. The virtual server has clientssl, serverssl, and http profiles enabled. Clients are unable to connect to the application through the virtual server. Clients are able to connect to the application servers directly.

What is the root cause of the problem?

A.

The application server does NOT support 2048-bit keys.

B.

The clientssl profile is NOT set to require a client certificate.

C.

The LTM device does NOT trust the issuing CA of the client certificate.

D.

The application server does NOT see the client certificate due to SSL offload.

Full Access
Question # 29

A web application requires the client to provide the destination server and service identification.

Which HTTP header will supply this information?

A.

Host

B.

From

C.

Expect

D.

Connection

Full Access
Question # 30

Which command will identify the active LTM device currently handling client traffic?

A.

b ha table show

B.

tmsh list /sys ha-status

C.

tmsh show /cm traffic-group

D.

tmsh run /sys failover standby

E.

tmsh show /sys ha-status all-properties

Full Access
Question # 31

The LTM device is configured for RADIUS authentication. Remote logins are failing and the LTM Specialist must verify the RADIUS configuration.

How should the LTM Specialist check the RADIUS server and shared secret configured on the LTM device?

A.

tmsh show running-config /auth radius

B.

tmsh show running-config /sys auth radius

C.

tmsh show running-config /auth configuration

D.

tmsh show running-config /sys auth radius-server

Full Access