Professional Documents
Culture Documents
239q
Number: 101
Passing Score: 800
Time Limit: 120 min
https://www.gratisexam.com/
101
https://gratisexam.com/
Exam A
QUESTION 1
The Policy Builder benefits include:.
https://www.gratisexam.com/
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 2
APM administrators can configure access policies granting users which two types of access?
A. CIFS access
B. Client/server access
C. Web application access
D. Proxy access
E. RDC access
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 3
The BIG-IP determines the lowest connection speed between the client and the server and then uses that for both connections.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 4
Another name for the F5 OneConnect feature is TCP multiplexing.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 5
LTM runs on______F5's proprietary product platform. (Fill in the correct answer)
A. ARX
B. Firepass
C. Acopia
D. TMOS
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
Explanation:
QUESTION 6
Which programming language is the basis for F5 iRules?
A. Lisp
B. C++
C. Java
D. TCL
E. AWK
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 7
What are the two most common methods of placing a BIG-IP device into a network environment? (Choose two.)
A. Channeled configuration
B. VLAN configuration
C. NAT configuration
D. SNAT configuration
E. Asymmetric configuration
F. Routed configuration
Correct Answer: DF
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 8
Which of the following is NOT a benefit of using SSL offload?
https://gratisexam.com/
B. It enables LTM to decrypt traffic, examine the payload, and then re-encrypt before sending it to a pool member.
C. The organization requires far less SSL certificates.
D. The CPU processing load on backend servers is reduced.
E. It enables iRules to be used on traffic arriving to LTM that is encrypted.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
SSL offload:
It enables LTM to decrypt traffic, examine the payload, and then re-encrypt before sending it to a pool member.
The organization requires far less SSL certificates.
The CPU processing load on backend servers is reduced.
It enables iRules to be used on traffic arriving to LTM that is encrypted.
QUESTION 9
When using a routed configuration, the real server must point to the LTM as the ________.
https://www.gratisexam.com/
A. NTP Server
B. DNS Server
C. Virtual IP
D. WINS server
E. Default gateway
Correct Answer: E
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 10
TCP Express is licensed separately from LTM
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 11
LTM can only load balance outbound traffic by using iRules
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 12
Using IP Geolocation, an organization can always direct a client request from France to a datacenter in Dublin.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
Explanation:
QUESTION 13
Which three of these software modules can you layer on top of LTM on a BIG-IP device? (Choose three.)
A. Web Accelerator
B. APM
C. ARX
D. GTM
E. Firepass
F. Enterprise Manager
Explanation/Reference:
Explanation:
These software modules can you layer on top of LTM on a BIG-IP device are AAM, APM and GTM.
QUESTION 14
Customers can purchase LTM as a stand-alone product, or layer it with additional software modules to increase the functionality of the BIG-IP device.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 15
The least connections load balancing method functions best when all pool members share similar characteristics.
A. True
B. False
https://gratisexam.com/
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 16
FILL BLANK
The layer 3 security feature _______ Cookies that protects against SYN floods, DoS, and DDoS attacks. (Fill in)
Explanation/Reference:
QUESTION 17
A top-level DNS zone uses a CNAME record to point to a sub-zone. Which of the following is an example of a sub-zone?
A. www.F5.com/sub
B. www.F5.com
C. www.gslb.F5.com
D. .com
E. f5.com
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 18
FILL BLANK
https://gratisexam.com/
Correct Answer: Wide IP
Section: (none)
Explanation
Explanation/Reference:
QUESTION 19
Which three of the following must be done in order for GTM to properly communicate LTM? (Choose three.)
https://www.gratisexam.com/
Explanation/Reference:
Explanation:
https://gratisexam.com/
communicate through this port.
QUESTION 20
DNSSEC is a GTM add-on licensing feature.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 21
FILL BLANK
GTM uses the F5 ___________ protocol to synchronize performance metrics between GTM devices. (Fill in)
Explanation/Reference:
QUESTION 22
Which four of the monitoring methods listed below can GTM use to determine the status and performance of BIG-IP and servers? (Choose four.)
A. ping
B. Application monitors
C. Inband monitors
D. SSH
E. iQuery
F. SNMP
https://gratisexam.com/
Explanation
Explanation/Reference:
Explanation:
http://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-concepts-11-30/1.html
Configuring
GTM to determine packet gateway health and availability
http://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-implementations11-5-0/9.html
sol13690:
Troubleshooting BIG-IP GTM synchronization and iQuery connections (11.x)
http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13690.html
QUESTION 23
What happens when the data center that GTM recommends for a client is unavailable?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 24
GTM can load balance to LTM in addition to non-BIG-IP hosts.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 25
Which of the following is NOT included on the F5 DevCentral site?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 26
If LTM uses the least connections load balancing method, which pool member in the following diagram receives the next request?
https://gratisexam.com/
A. A
B. B
C. C
D. D
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 27
https://gratisexam.com/
Why does deploying LTM into an existing network immediately improve security?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 28
You can use an HTTP class profile to forward traffic that matches which three of these types of criteria? (Choose three.)
A. Port
B. HTTP header
C. URI path
D. User name
E. Protocol
F. Host name
Explanation/Reference:
Explanation:
QUESTION 29
When an optimized TCP connection exists between LTM and the pool member, LTM can accept server responses faster than the client. What is the name of this
feature?
A. HTTP caching
B. OneConnect
https://gratisexam.com/
C. TCP connection queuing
D. Content spooling
E. Priority activation
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 30
As a full TCP proxy, LTM acts as the termination point for both requests from the client and responses from the server.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 31
FastCache will NOT work with compressed objects.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 32
Which of the following can be accomplished using iRules?
https://gratisexam.com/
A. Track inbound and outbound traffic
B. Perform deep packet inspection
C. Inspect traffic and drop it
D. All of the above
E. Intercept traffic and redirect it
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 33
GTM uses Auto Discovery to add virtual servers from both LTM and non-BIG-IP load balancers.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 34
Similar to LTM monitors, GTM monitors use both an Interval and a Timeout value.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 35
Since F5 built GTM on the TMOS platform it can exist on the same BIGIP device as LTM:
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 36
An administrator is adding GTM to the network infrastructure. Which of the following requirements would lead them to select an Authoritative Screening architecture
rather than Delegation?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 37
The BIG-IP full proxy architecture has full visibility from the client to the server and from the server to the client.
What security benefit does this provide to customers?
A. Offloads security functionality from other devices such as network firewalls and Intrusion Prevention Systems (IPS), which may experience performance
degradation when inspecting DNS queries and responses.
B. provides enhanced support for DNS servers.
C. Establishes highly detailed policies based on your customer's business in requirements, performs multiple factors of authentication, detects corporate versus
non-corporate devices, checks OS patch levels, and determines antivirus patch levels.
D. Provides industry-leading knowledge of application behavior as it travels through a network, and it applies that knowledge to security because it knows how an
https://gratisexam.com/
application behaves at any point in the reply request process
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 38
Select the key reasons F5 is able to handle DNS DDoS attacks so effectively? Select two.
Correct Answer: CE
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 39
If a customer has an application that uses a customized protocol, what LTM feature can help optimize the traffic from the application?
A. iRules
https://www.gratisexam.com/
https://gratisexam.com/
E. Transparent virtual servers
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 40
An LTM object represents a downstream server that hosts a secure Web site and contains the IP address and port combination 192.168.9.250:443. What is this
object?
A. Self IP
B. Virtual Server
C. Pool
D. Node
E. Pool Member
Correct Answer: E
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 41
Adding more RAM to a GTM device drastically improves query performance.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 42
Which of the following are four of the security benefits of TMOS? (Choose four.)
Explanation/Reference:
Explanation:
QUESTION 43
The LTM "Manager" authentication role can create iRules.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 44
Which of the following statements about cookie persistence is NOT true?
https://gratisexam.com/
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 45
An LTM object that represents a downstream server contains the IP address 192.168.9.250 and no port. What is this object?
A. Pool member
B. Virtual server
C. Pool
D. Self IP
E. Node
Correct Answer: E
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 46
Which three of the metrics listed below can GTM use when making load balancing decisions for a client? (Choose three.)
A. TCP payload
B. IP geolocation
C. Hop count
D. Round trip time
E. Browser user agent
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 47
In order to improve GTM performance, administrators should use multiple complex monitors to ensure resources are functioning properly:
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 48
Which three of the following are unique differentiators for F5 in the marketplace? (Choose three.)
A. VLANs
B. Load-balancing pools
C. Secure remote access
D. TMOS
E. OneConnect
F. iRules
Explanation/Reference:
Explanation:
QUESTION 49
Which three of these file types work well with HTTP compression? (Choose three.)
A. MP4 videos
B. Digital photos
C. Text files
D. Static HTML Web pages
https://gratisexam.com/
E. CD quality songs
F. Microsoft Word documents
Explanation/Reference:
Explanation:
QUESTION 50
Which two of the following LTM load balancing methods require the least amount of resources? (Choose two.)
A. Round robin
B. Ratio
C. Observed
D. Fastest
E. Predictive
F. Least connections
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 51
When using a redundant pair of LTMs, it is most advantageous to use them in an Active/Active scenario because this provides additional load balancing
capabilities.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
Explanation:
QUESTION 52
Which of the following are four of the benefits of the TMOS architecture? (Choose four.)
A. User authentication
B. Server-side optimization
C. Dynamic DDoS protection
D. Web application security
E. Client-side optimization
F. Antivirus checking
Explanation/Reference:
Explanation:
QUESTION 53
In order to further accelerate applications, the external router can direct subsequent client traffic to bypass LTM and communicate directly with the server.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 54
FILL BLANK
LTM runs on________F5's proprietary product platform. (Fill in the correct answer)
https://gratisexam.com/
Explanation
Explanation/Reference:
QUESTION 55
When using only LTM in redundant pairs, a customer can load balance to multiple data centers.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 56
Application templates save the time it typically takes to create nodes, pools, pool members, virtual servers, and monitors.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 57
Which of the following TMOS feature enables BIG-IP to scale performance based to the available CPU cores?
A. Clustered multi-processing
B. OneConnect
C. HTTP class
D. Session persistence
E. Auto Last Hop
https://gratisexam.com/
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 58
If the BIG-IP device is NOT always located between the client and the server, it will NOT provide full optimization and security.
https://www.gratisexam.com/
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 59
TCP Express enables LTM to use different TCP settings for the connection between the client and LTM, and the connection between LTM and the pool member.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 60
Where do you configure GTM client persistence?
Case Study Title (Case Study):
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 61
Over the years, F5 has led the industry in which of the four following areas? (Choose three.)
A. Security
B. Acceleration
C. Application availability
D. Application scalability
E. Application design
F. Remote access
Explanation/Reference:
Explanation:
QUESTION 62
Which of the following is NOT a method that TMOS uses to improve the performance of applications?
https://gratisexam.com/
B. Optimizing the TCP connection between the client and the BIG-IP device
C. Offloading SSL decryption from downstream servers
D. Discarding unnecessary data from server responses before sending to the client
E. Compressing HTTP data
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 63
The drawback to having BIG-IP act as a full application proxy is the decrease in application performance.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 64
The Policy Builder benefits include:
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 65
Information leakage is a major obstacle to achieving PCI DSS compliance.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 66
Requests that do not meet the ASM security policies can:
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 67
What is NOT a benefit of using a SNAT?
Correct Answer: D
Section: (none)
https://gratisexam.com/
Explanation
Explanation/Reference:
Explanation:
QUESTION 68
The PCI compliance report is proof that a company is secure.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 69
ASM offers the most extensive, effective, and simplest to configure CSRF protection in the WAF market.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 70
The APM Dashboard enables administrators to monitor which two of these metrics? (Choose two.)
https://gratisexam.com/
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 71
Although APM can interoperate with LTM, it is unable to use iRules for advanced processing.
A. True
B. false
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 72
APM provides access control lists at which two 051 layers
A. Layer 6
B. Layer 5
C. Layer 7
D. Layer 4
E. Layer 3
F. Layer 2
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 73
Which of the following statements about Web server offload is NOT true?
https://gratisexam.com/
A. It performs rate shaping to reduce overflow.
B. It forces the client browser to use multiple connections streams.
C. It uses OneConnect to reduce multiple TCP connections.
D. It utilizes cached content to prevent unnecessary trips for the same content.
E. It uses specialized hardware for SSL offload.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 74
A network administrator tells you that they do NOT need WebAccelerator because their Web application is fine. What is your best response?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 75
When sizing a WebAccelerator deployment, you should base the WA capacity on the LTMcapacity.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
https://gratisexam.com/
Explanation/Reference:
Explanation:
QUESTION 76
IP Enforcer blocks IP addresses that have repeatedly and regularly attacked the site.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 77
One reason APM beats the competition is its ability to perform both user authentication and authorization on a single device.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 78
Which three of these scenarios should you identify as being an APM opportunity? (Choose three.)
https://gratisexam.com/
Correct Answer: BCE
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 79
Poor Web application performance contributes to which four of these issues for businesses? (Choose four.)
Explanation/Reference:
Explanation:
QUESTION 80
Organizations are moving towards a cloud solution are good candidates for F5 WOM solutions.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 81
The administrator must specify APM access control entries as either L4 or L7.
https://gratisexam.com/
https://www.gratisexam.com/
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 82
Administrators can customize APM to resemble other internal Web applications in the organization.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 83
The main drawback to using an APM Deployment Wizard is that it is not possible to edit the resulting objects, including the access policy.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
https://gratisexam.com/
Explanation/Reference:
Explanation:
QUESTION 84
Mobile device browsers typically display Web pages more slowly than PC browsers.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 85
Which two of the following factors are often responsible for poor Web application performance? (Choose two.)
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 86
ASM can detect Layer 7 DoS attacks by which four ways of monitoring: (Choose four.)
A. Monitoring for a threshold of increased number of transactions per second per URL.
B. Monitoring for a % change in transactions per second per URL.
C. Monitoring for a % change in server latency or TPS.
D. Monitoring for a threshold of increased server latency or TPS.
https://gratisexam.com/
E. Monitoring ASM policy builder performance.
F. Monitoring BIG-IP CPU utilization.
G. Deep Packet inspection.
Explanation/Reference:
Explanation:
QUESTION 87
Application trends and drivers that increase the need for application security are:
A. Intelligent Browsers
B. Webification
C. Targeted attacks
D. All the above
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 88
The Rapid Deployment Policy is used to:
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
Explanation:
QUESTION 89
When using a single BIG-IP with APM, an organization can support up to 60,000 concurrent remote access users.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 90
An F5 customer must install WebAccelerator on top of LTM:
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 91
Which WOM feature replaces a long byte pattern, such as "100000111000110101", with a shorter reference to the pattern?
Correct Answer: B
Section: (none)
https://gratisexam.com/
Explanation
Explanation/Reference:
Explanation:
QUESTION 92
In order to ensure that a specific file type is never moved down to a secondary file tier, the administrator should:
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 93
How does the ARX eliminate the disruption caused by re-provisioning storage?
A. By identifying data that has not been modified and moving it to a secondary tier.
B. By reducing the time necessary to run a complete backup.
C. By allowing system administrators to apply policy to specific types data.
D. By automating capacity balancing and allowing seamless introduction of file systems into the environment after the ARX is installed.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 94
Which of the following statements is true about ARX's capacity balancing ability?
A. When new files are created, the ARX can determine in real time where to place each file based on the available space on each storage device
https://gratisexam.com/
B. When configuring the ARX, customers can choose to implement either an age-based policy or a capacity based policy, but are not able to run both policies at
the same time
C. All files created at approximately the same time (within 10 minutes) will be stored on the same tier of storage to minimize latency and improve the user
experience
D. The ARX balances capacity within tiers A storage, but cannot balance capacity across tiers of storage
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 95
The Device Inventory option in Enterprise Manager can replace an organization's static Excel spreadsheet containing similar data.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 96
The ARX is like a mini network manager. It is able to check the health of the environment and can raise alerts when thresholds are reached.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 97
https://gratisexam.com/
Which two of the following are costs businesses may face in dealing with unstructured data? (Choose two.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 98
DRAG DROP
Place the following items in the order that the BIG-IP device uses when processing a packet.
https://www.gratisexam.com/
https://gratisexam.com/
Correct Answer:
https://gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 99
In the current version of BIG-IP, what happens if the GTM does not find a wide IP that matches the DNS request?
Correct Answer: E
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 100
Using IP Geolocation, an organization can always direct a client request from France to a data enter in Dublin.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 101
In most cases, F5 recommends using round robin load balancing.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
https://gratisexam.com/
Explanation/Reference:
Explanation:
Using round robin load balancing is recommended when Server is not so strong and using easy WebApplication.
QUESTION 102
Which three of the following statements describe a data center object?
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 103
Which three are GTM server dynamic load balancing modes? (Choose three.)
A. Packet Rate
B. Virtual Server Score
C. CPU
D. Fallback IP
E. Ratio
Explanation/Reference:
Explanation:
The Global Traffic Manager supports the following dynamic load balancing modes:
https://gratisexam.com/
Completion Rate
CPU
Hops
Kilobytes/Second
Least Connections
Packet Rate
Quality of Service (QoS)
Round Trip Times (RTT)
Virtual Server Score
VS Capacity
QUESTION 104
Which four are GTM server static load balancing modes? (Choose four.)
A. Return to DNS
B. CPU
C. Packet Rate
D. Drop Packet
E. Round Robin
F. Static Persist
Explanation/Reference:
Explanation:
Global Traffic Manager supports the following static load balancing modes:
Drop Packet
Fallback IP
Global Availability
None
Ratio
Return to DNS
Round Robin
Static Persist
Topology
QUESTION 105
The F5 Application Delivery Firewall has the ability to outperform traditional and next generation firewalls during DDoS attacks by leveraging the performance and
https://gratisexam.com/
scalability of BIG-IP to hand extremely high loads, including high throughput, high connection count, and high number of connections per second.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 106
What is the main cause of high latency in a Web application?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 107
DRAG DROP
https://gratisexam.com/
Correct Answer:
https://gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 108
Network Security personnel are entirely responsible for web application security.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 109
ASM Geolocation reporting provides information regarding:
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 110
The Protected Workspace client-side action provides more client-side security than the Cache and Session Control action.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 111
Which of the following is NOT a logging option within an APM access control entry?
A. Packet
B. Verbose
C. Nominal
D. Summary
E. None
Correct Answer: C
https://gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 112
Administrators can specify an APM access profile when defining a virtual server in LTM.
A. True
B. False
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 113
ASM provides antivirus protection by:
A. Extracting files being uploaded and sending them to an AV system via ICAP
B. Running a local antivirus program on the BIG-IP
C. None of the above
D. Using IP Penalty enforcement to block requests from hackers IPs
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 114
APM can verify which four of the following details before granting a user access to a resource? (Choose four.)
Explanation/Reference:
Explanation:
QUESTION 115
Which four of these benefits does APM provide? (Choose four.)
https://gratisexam.com/
Explanation/Reference:
Explanation:
QUESTION 116
Which four of these statements regarding object size and WebAccelerator performance are true? (Choose four.)
Explanation/Reference:
Explanation:
QUESTION 117
An administrator is planning on solving latency issues by placing the backup data center in a neighboring city to the primary data center. Why isn't this effective
solution?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
It does not provide an acceptable disaster recovery solution, it is too close in proximity
https://gratisexam.com/
QUESTION 118
Which item is NOT a function of a properly deployed and configured ASM?
A. Detects attacks
B. Stops hackers from attacking
C. Provides protection visibility
D. Provides security agility
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 119
Learning suggestions can be the result of:
A. A false positive
B. A malicious attack
C. A change in the web site content
D. All the above
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 120
Brute force protection will:
https://www.gratisexam.com/
https://gratisexam.com/
A. Block a user after a specified number, unsuccessful login attempts
B. Block a user after a specified number of page requests are attempted
C. None of the above
D. Block a user from downloading too much content from the site
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 121
What technology does ARX use to create a logical abstraction of the physical storage environment?
A. Data de-duplication
B. File virtualization
C. Server virtualization
D. SSL encryption
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 122
A customer says his business wouldn't benefit from buying ARX because it already has block based storage virtualization in place. Is he right? Why or why not?
A. Yes. Block based storage virtualization is just another name for file virtualization.
B. No. ARX allows customers to implement storage tiering benefits, but block based storage virtualization does not.
C. Yes. Block based storage virtualization offers the same functionality as ARX's file virtualization, although it uses slightly different technology.
D. No. Both technologies attempt to solve similar problems, but only the ARX allows the customer to have visibility into their data and apply business policy at the
file level. Block based virtualization has no visibility into the type of data.
Correct Answer: D
https://gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 123
Select F5 platforms have which three certifications? (Choose three.)
A. FIPS
B. SECG
C. NEBS
D. IEEE
E. Common Criteria
F. AFSSI
Explanation/Reference:
Explanation:
QUESTION 124
The ARX can see ________ when a data modification takes place and will cue that file to be migrated back to the primary tier.
A. In real time
B. Nightly
C. Weekly
D. At the time of a system scan
E. When scheduled by administrator
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
https://gratisexam.com/
QUESTION 125
ARX can classify data based on all of the following EXCEPT:
A. Paths
B. File Size
C. Extensions
D. Security Level
E. File Name
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 126
For a typical business, what percentage of data does the ARX usually move to a secondary tier?
A. 20-30%
B. 50-60%
C. 80-90%
D. 0-10%
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 127
It is common for free storage space to exist somewhere in a business network that is not easy for storage administrators to utilize. What solution can the ARX
provide in this situation?
A. The ARX identifies the exact location of the free storage, which allows network administrators to target those locations when provisioning additional storage.
B. The ARX extends the capacity of each server by 10-15, through intelligent file virtualization.
C. The ARX uses the extra storage for transaction logs and index files.
https://gratisexam.com/
D. The ARX allows the customer to pool storage from anywhere within the enterprise and capacity balance the overflow across devices.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 128
What is the main business driver for bringing Enterprise Manager into the network infrastructure?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 129
ARX will detect any modification to a file on the second tier because all clients are being _______ by the ARX to get to the storage.
A. Moved
B. Copied
C. Proxied
D. Backed up
E. Deleted
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
Explanation:
QUESTION 130
The ARX saves customers time, money and frustration through a stub-based system that makes a slight modification to each file in order to more efficiently sort
and store end user data.
A. True
B. False
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 131
Which two of the following statements are accurate descriptions of the ARX index? (Choose two.)
A. The ARX index stores the bulk of its data as bit arrays and answers most questions by performing bitwise logical operations on these bitmaps.
B. The ARX index contains the index keys in sorted order, with the leaf level of the index containing the pointer to the page and the row number in the data page.
C. The ARX index is the key enabler of transparent data mobility because the ARX tracks where files reside at all times, from creation through migration and
deletion.
D. The ARX index is 100% disposable and can be rebuilt at any point in time without disrupting client or application access to data.
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 132
When installing LTM on different VIPRION performance blades, each instance of LTM needs to be licensed separately.
A. True
B. False
Correct Answer: B
https://gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 133
Which of the following business benefits does storage tiering offer to customers?
A. Reduces time for backups because data on the secondary tier can have a less time intensive backup policed applied to it.
B. All of the above.
C. Enables customers to apply a more aggressive RTO/RPO for business critical Tier-1 unstructured data.
D. Reduces money spent on storage since the majority of data can be moved to less expensive secondary tier storage.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 134
An age-based policy is set up on the ARX that retains only data modified in the last 3 months on tier 1 storage and moves the rest of the data to secondary storage.
What happens when the end user tries to access data that has not been touched in 6 months?
A. The end user is unaware that the data has been moved to secondary tier storage and is able to access the data without difficulty.
B. The networking mapping window appears, allowing the end user to re-establish direct access to the data even though it has been moved to secondary storage.
C. An error message appears saying "File is no longer unavailable."
D. A message appears explaining that the file has been archived, and a link to the new secondary storage tier location is provided.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 135
What percentage of storage in a typical environment is actively used and modified?
https://gratisexam.com/
A. 5%
B. 50%
C. 25%
D. 10%
E. 90%
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 136
When using SNAT, which additional IP addresses will the BIG-IP system change? (Choose two.)
Correct Answer: BE
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 137
What feature of the F5 Exchange solution helps administrators to streamline implementation for added security and granular control?
A. iControl
B. Enterprise Manager
C. iApps
D. WebAccelerator
https://gratisexam.com/
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 138
Select the key question you would use to ask your customer related to DNS attacks?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 139
If your customer has a policy requirement that cannot be handled in the Visual Policy Editor, what would you use to supplement the Visual Policy Editor?
A. iApps
B. TMOS
C. iControl
D. iRules
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 140
https://gratisexam.com/
The F5 Visual Policy Editor (VPE) is unique to the F5 BIG-IP APM module; no other access management tool has this capability. Select the features that the VPE
provides. Select two.
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 141
Select the two best questions you would use to ask your customer about their current web access management solution. Select two.
Correct Answer: AF
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 142
Select the question you would ask your customer related to DNS attacks. Based on the material, choose the most appropriate question.
https://gratisexam.com/
C. Do you over-provision your DNS infrastructure?
D. Do you regularly update BIND or some other DNS application to the latest release?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 143
Why does the F5 Application Delivery Firewall solution mitigate SSL attacks more effectively than any other firewalls?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation:
QUESTION 144
A site wishes to perform source address translation on packets arriving from the Internet for clients sing some pools but not others. The determination is not based
on the client's IP address, but on the pool they are load balanced to. What could best accomplish this goal?
https://www.gratisexam.com/
A. A SNAT for all addresses could be defined, and then disable the SNAT processing for select pools.
B. The decision to perform source address translation is always based on VLAN. Thus, the goal cannot be achieved.
C. For each virtual server, regardless their default load balancing pools, association with SNAT pools could vary dependent upon need.
D. The decision to perform source address translation is always based on a client's address (or network). Thus, this goal cannot be achieved.
https://gratisexam.com/
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 145
Which two statements are true about SNATs? (Choose two.)
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 146
Which parameters are set to the same value when a pair of BIG-IP devices are synchronized?
A. host names
B. system clocks
C. profile definitions
D. VLAN failsafe settings
E. MAC masquerade addresses
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 147
Which two statements are true concerning the default communication between a redundant pair of BIG-IP systems? (Choose two.)
A. Synchronization occurs via a TCP connection using ports 683 and 684.
B. Connection mirroring data is shared via a TCP connection using port 1028.
C. Persistence mirroring data is shared via a TCP connection using port 1028.
D. Connection mirroring data is shared through the serial failover cable unless network failover is enabled.
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 148
As a part of the Setup Utility, the administrator sets the host name for the BIG-IP.
What would be the result if the two systems in a redundant pair were set to the same host name?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 149
Where is connection mirroring configured?
https://gratisexam.com/
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 150
Which statement is true regarding failover?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 151
Assume the bigd daemon fails on the active system. Which three are possible results? (Choose three.)
A. The active system will restart the bigd daemon and continue in active mode.
B. The active system will restart the TMM daemon and continue in active mode.
C. The active system will reboot and the standby system will go into active mode.
D. The active system will failover and the standby system will go into active mode.
E. The active system will continue in active mode but gather member and node state information from the standby system.
Explanation/Reference:
QUESTION 152
https://gratisexam.com/
Assuming there are open connections through an active system's NAT and a failover occurs, by default, what happens to those connections?
Correct Answer: B
https://gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
QUESTION 153
Which statement is correct if a TOP-based monitor is assigned to an LTM System and an HTTP-based monitor is assigned to one of that LTM System's Virtual
Servers?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 154
What is the purpose of provisioning?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 155
https://gratisexam.com/
Where is the load balancing mode specified?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 156
Assume a BIG-IP has no NATs or SNATs configured. Which two scenarios are possible when client traffic arrives on a BIG-IP that is NOT destined to a self-IP?
(Choose two.)
A. If the destination of the traffic does not match a virtual server, the traffic will be discarded.
B. If the destination of the traffic does not match a virtual server, the traffic will be forwarded based on routing tables.
C. If the destination of the traffic matches a virtual server, the traffic will be processed per the virtual server definition. If the destination of the traffic matches a
virtual server, the traffic will be processed per the virtual server. definition.
D. If the destination of the traffic matches a virtual server, the traffic will be forwarded, but it cannot be load balanced since no SNAT has been configured.
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 157
When configuring a pool member's monitor, which three association options are available? (Choose three.)
https://gratisexam.com/
E. do not assign any monitor to the specific member
Explanation/Reference:
QUESTION 158
Generally speaking, should the monitor templates be used as production monitors or should they be customized prior to use?
A. Most templates, such as HTTP and TCP, are as effective as customized monitors.
B. Monitor template customization is only a matter of preference, not an issue of effectiveness or performance.
C. Most templates, such as https, should have the receive rule customized to make the monitor more robust.
D. While some templates, such as ftp, must be customized, those that can be used without modification are not improved by specific changes.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 159
A site needs a virtual server that will use an iRule to parse HTTPS traffic based on HTTP header values. Which two profile types must be associated with such a
virtual server?
(Choose two.)
A. TCP
B. HTTP
C. HTTPS
D. ServerSSL
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 160
How is persistence configured?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 161
Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the BIG-IP?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 162
Assume a virtual server is configured with a ClientSSL profile. What would the result be if the virtual server's destination port was not 443?
A. SSL termination could not be performed if the virtual server's port was not port 443.
B. Virtual servers with a ClientSSL profile are always configured with a destination port of 443.
C. As long as client traffic was directed to the alternate port, the virtual server would work as intended.
D. Since the virtual server is associated with a ClientSSL profile, it will always process traffic sent to port 443.
https://gratisexam.com/
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 163
Which statement is true concerning SSL termination.
A. A virtual server that has both ClientSSL and ServerSSL profiles can still support cookie persistence.
B. Decrypting traffic at the BIG-IP allows the use of iRules for traffic management, but increases the load on the pool member.
C. When any virtual server uses a ClientSSL profile, all SSL traffic sent to the BIG-IP is decrypted before it is forwarded to servers.
D. If a virtual server has both a ClientSSL and ServerSSL profile, the pool members have less SSL processing than if the virtual server had only a ClientSSL
profile.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 164
A standard virtual server is defined with a pool and a SNAT using automap. All other settings for the virtual server are at defaults. When client traffic is processed by
the BIG-IP, what will occur to the IP addresses?
A. Traffic initiated by the pool members will have the source address translated to a self-IP address but the destination address will not be changed.
B. Traffic initiated to the virtual server will have the destination address translated to a pool member address and the source address. Traffic initiated to the virtual
server will have the destination address translated to a pool member. address and the source address translated to a self-IP address.
C. Traffic initiated by selected clients, based on their IP address, will have the source address translated to a self-IP address but the destination will only be
translated if the traffic is destined to the virtual server.
D. Traffic initiated to the virtual server will have the destination address translated to a pool member address and the source address. Traffic initiated to the virtual
server will have the destination address translated to a pool member. address and the source address translated to a self-IP address. Traffic arriving destined to
other destinations will have the source translated to a self-IP address only.
Correct Answer: B
Section: (none)
Explanation
https://gratisexam.com/
Explanation/Reference:
QUESTION 165
Which IP address will the client address be changed to when SNAT automap is specified within a Virtual Server configuration?
A. The floating self IP address on the VLAN where the packetleaves the system.
B. The floating self IP address on the VLAN where the packet arrives on the system.
C. It will alternate between the floating and nonfloating self IP address on the VLAN where the packet leaves the system so that port exhaustion is avoided.
D. It will alternate between the floating and nonfloating self IP address on the VLAN where the packet arrives on the system so that port exhaustion is avoided.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 166
Which event is always triggered when a client initially connects to a virtual server configured with an HTTP profile?
A. HTTP_DATA
B. CLIENT_DATA
C. HTTP_REQUEST
D. CLIENT_ACCEPTED
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 167
Which statement is true concerning the default communication between a redundant pair of BIG-IP devices?
https://gratisexam.com/
C. Regardless of the configuration, some data is communicated between the systems at regular intervals.
D. Connection mirroring data is shared through the serial failover cable unless network failover is enabled.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 168
When using the setup utility to configure a redundant pair, you are asked to provide a "Failover Peer IP". Which address is this?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 169
Assuming there are open connections through an active system's virtual servers and a failover occurs, by default, what happens to the connections?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 170
Which action will take place when a failover trigger is detected by the active system?
A. The active device will take the action specified for the failure.
B. The standby device also detects the failure and assumes the active role.
C. The active device will wait for all connections to terminate and then failover.
D. The standby device will begin processing virtual servers that have failed, but the active device will continue servicing the functional virtual servers.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 171
Which statement is true concerning SNATs using SNAT pools and SNATs using automap?
A. SNAT s using automap preferentially translate source addresses to nonfloating self-IP addresses.
B. SNAT s using a SNAT pool translate source addresses randomly to any of the addresses in the SNAT pool.
C. SNAT s using automap translate source addresses randomly to any of the BIG-IP's floating self-IP addresses.
D. A SNAT pool can contain virtual server addresses.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 172
When a pool is created and saved to file, where is the default file and location for the pool configuration? When a pool is created and saved to file, where is the
default file and location for the pool configuration?
A. /config/BIG-IP_base.conf
B. lconfig/BIG-IP.conf
C. /etc/BIG-IP_base.conf
https://gratisexam.com/
D. /config/BigDB.dat
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 173
Which action CANNOT be performed by an iRule?
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 174
Which are immediate results of entering the following command:
A. A. Requests sent to this BIG-IP system with a destination port of 80 are load balanced between the members of PoolA.
B. No changes will take place since the command is missing the monitor component for PoolA.
C. The /config/BIG-IP.cinf file is updated to include a definition for the pool named PoolA.
D. A new pool is available for association with any iRule or virtual server.
https://gratisexam.com/
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 175
Which three statements are true about SNATs? (Choose three.)
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 176
When a virtual server has an HTTP profile with compression enabled, which traffic is compressed by the BIG-IP?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 177
https://gratisexam.com/
Which three parameters could be used to determine whether a connection request will have the source address translated as the request is processed? (Choose
three.)
Explanation/Reference:
QUESTION 178
When defining a load balancing pool using the command line, if the load balancing method is not specified, what is the result?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 179
Click the Exhibit Button an LTM has the 3 virtual servers, a SNAT defined, four self IP addresses defined and the networks shown in the exhibit. Selected options
for each object are shown below. Settings not shown are at their defaults.
https://gratisexam.com/
A connection attempt is made with a source IP and port of 10.20.100.50:80 and a destination IP and port of 10.10.2.10:80. When the request is processed, what will
be the source and destination IP addresses?
https://gratisexam.com/
A. The request will be dropped.
B. Source IP: Either 172.16.20.50 or 192.168.10.50; Destination IP: 10.10.2010
C. Source IP: 10.20.100.50; Destination IP: 10.10.2.10
D. Source IP: 10.10.2.1; Destination IP: 10.10.2.10
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 180
Which two statements are true concerning capabilities of current BIG-IP platforms? (Choose two.)
https://www.gratisexam.com/
Correct Answer: BE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 181
An LTM has the 3 virtual servers, four self IP addresses defined and the networks shown in the exhibit. Selected options for each object are shown below. Settings
not shown are at their defaults.
https://gratisexam.com/
A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination IP and port of 10.10.2.102:80.
When the request is processed, what will be the destination IP address?
https://gratisexam.com/
A. Destination IP: 10.10.2.102
B. The request will be dropped.
C. Destination IP: pool member in the 192.168/16 network
D. Destination IP: pool member in the 172.16/16 network
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 182
Which statement describes advanced shell access correctly?
A. Users with advanced shell access can always change, add, or delete LTM objects in all partition.
B. Users with advance shell access are limited to changing, adding, or deleting LTM object in any single partition.
C. Users with advance shell access have the same right as those with mesh access, but right extend to all partition rather than to a single partition.
D. All Users can be given advanced shell access.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 183
A, steaming profile will do which of the following?
A. Search and replace all occurrences of a specified string only is responses processed by a virtual server.
B. Search and replace all occurrences of a specified string only in request processed by a virtual server.
C. Search and replace all occurrences of a specified string in requests and responses processed by a virtual server.
D. Search and replace the first occurrence of a specified of a specified string in either a request or response processed by a virtual server.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 184
Which three can be a part of a pool's definition? (Choose three.)
A. Link
B. Monitors
C. Wide IPs
D. Persistence
E. Data Centers
F. Virtual Servers
Explanation/Reference:
QUESTION 185
Which two ports must be enabled to establish communication between GTM Systems and other BIG IP Systems? (Choose two.)
A. 22
B. 53
https://gratisexam.com/
C. 443
D. 4353
E. 4354
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 186
When probing LDNSs, which protocol is used by default?
A. TCP
B. ICMP
C. DNS_REV
D. DNS_DOT
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 187
Use a proprietary syntax language. Must contain at least one event declaration. Must contain at least one conditional statement. Must contain at least one pool
assignment statement. What must be sent to the license server to generate a new license?
Correct Answer: A
Section: (none)
Explanation
https://gratisexam.com/
Explanation/Reference:
QUESTION 188
What is the difference between primary and secondary DNS servers?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 189
A site wishes to delegate the name .wmysite.com to a GTM System. Which entry would be appropriate in their current DNS servers?
A. vww.mysite.com. IN A 132.26.33.15
B. 15.33.addrin.arpa.com IN PRT .wiw.mysite.com.
C. iw.mysite.com. IN CNAME wwip.mysite.com.
D. wwmysite.com. IN DEL wiwGTM.mysite.com.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 190
Which statement about root DNS servers is true?
https://gratisexam.com/
D. Root servers have databases of commonly accessed sites. They also cache entries for additional servers as requests are made.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 191
What is the advantage of specifying three load balancing methods when load balancing within pools?
A. Specifying three methods allows the GTM System to use all three methods simultaneously.
B. Specifying three methods allows the GTM System to choose the optimal method for each name resolution.
C. Specifying three methods allows the GTM System alternate methods if insufficient data is available for other methods.
D. Specifying three methods allows the GTM System to rotate between the three methods so that no one method is used too often.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 192
A pool is using Global Availability as its load balancing method (Alternate:Round Robin; Fallback: Return to DNS). The last five resolutions have been C, D, C, D, C.
Given the current conditions shown in the table, which address will be used for the next resolution?
A. A
B. B
C. C
D. D
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 193
What are two advantages of the Quality of Service (QoS) load balancing method? (Choose two.)
A. It resolves requests to the site with the highest QoS value in the IP header.
B. It combines multiple load balancing metric values in a single load balancing method.
C. It allows the GTM administrator to place relative values on each metric used to determine the optimum site.
D. It allows the GTM System to select the optimum virtual server based on all available path and server metrics.
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 194
When is a Virtual Server hosted by an LTM System defined with two IP addresses?
A. Two addresses are used to define the Virtual Server when it is managed by redundant LTM Systems.
B. Two addresses are used to define some Virtual Servers so that the GTM System can choose the better address when resolving the name.
C. Two addresses are used to define Virtual Servers when the LTM System hosting it is behind a firewall that is translating the Virtual Server address.
D. Two addresses are used to define a Virtual Server when the Wide-IP should resolve to a different address depending on which LTM System is active.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 195
What is a characteristic of iQuery?
A. It uses SSH.
B. It uses SSL.
C. It uses SCP.
D. It uses HTTPS.
https://gratisexam.com/
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 196
Which two are events that can be used to trigger GTM iRule data processing? (Choose two.)
A. LB_FAILED
B. DNS_REQUEST
C. HTTP REQUEST
D. CLIENT_ACCEPTED
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 197
How do you support non intelligent DNS resolution in an environment with GTM Systems and standard DNS servers? (Choose two.)
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 198
https://gratisexam.com/
iQuery is a proprietary protocol that distributes metrics gathered from which three sources? (Choose three.)
A. SNMP
B. DNS root servers
C. path probes such as ICMP
D. monitors from LTM Systems
E. monitors from Generic Host Servers
Explanation/Reference:
QUESTION 199
Monitors can be assigned to which three resources? (Choose three.)
A. Pools
B. Servers
C. Wide-IPs
D. Data Centers
E. Pool Members
Explanation/Reference:
QUESTION 200
Which of the following does not pertain to protecting the Requested Resource (URI) element?
https://gratisexam.com/
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 201
Which of the following is correct regarding User-defined Attack signatures?
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 202
Which of the following methods of protection is not available within the Protocol Security Manager for HTTP traffic?
A. Data guard
B. Attack signatures
C. Evasion techniques
D. File type enforcement
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 203
https://gratisexam.com/
Which of the following statements are correct regarding positive and negative security models? (Choose two.)
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 204
Which of the following methods are used by the BIG-IP ASM System to protect against SQL injections?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 205
Which of the following can be associated with an XML profile?
A. Flow
B. Method
C. Parameter
D. File type
Correct Answer: C
https://gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
QUESTION 206
An HTTP class is available
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 207
Which of the following is not a configurable parameter data type?
A. Email
B. Array
C. Binary
D. Decimal
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 208
When we have a * wildcard entity configured in the File Type section with tightening enabled, the following may occur when requests are passed through the policy.
Which is the most accurate statement?
https://gratisexam.com/
A. File type violations will not be triggered.
B. File type violations will be triggered and learning will be available based on these violations.
C. File type entities will automatically be added to the policy (policy will tighten).
D. File type violations will not be triggered and the entity learning section will be populated with file type recommendations.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 209
There are multiple HTTP class profiles assigned to a virtual server. Each profile has Application Security enabled. Which statement is true?
A. Traffic will process through every HTTP class profile every time.
B. Traffic will process through the first HTTP class profile that it matches and then stops.
C. Traffic will process through one HTTP class profile and if the traffic matches another profile, BIG-IP System will send a redirect to the client.
D. Traffic will only process through the HTTP class profile that it matches but always processes through the whole list and will process through each HTTP class
profile it matches.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 210
A security audit has determined that your web application is vulnerable to a cross site scripting attack. Which of the following measures are appropriate when
building a security policy? (Choose two.)
Correct Answer: BD
https://gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
QUESTION 211
Which of the following mitigation techniques is based on anomaly detection? (Choose two)
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 212
Which of the following statements are incorrect regarding protection of web services? (Choose two.)
A. The BIG-IP ASM System checks to ensure web services use cookies.
B. The BIG-IP ASM System parses XML requests and XML responses.
C. The BIG-IP ASM System checks to ensure XML documents are well formed.
D. The BIG-IP ASM System uses attack signatures to enforce negative security logic.
E. The BIG-IP ASM System checks for XML syntax, schema validation, and WSDL validation.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 213
Which of the following is correct regarding static parameters?
https://gratisexam.com/
A. A static parameter is stored in a frame cookie.
B. A static parameter is predefined by the web application logic.
C. A static parameter is learned only by using the Deployment Wizard.
D. A static parameter is mapped once when creating the application flow model.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 214
When configuring the BIG-IP ASM System in redundant pairs, which of the following are synchronized? (Choose two.)
A. License file
B. Security policies
C. Web applications
D. Request information
E. Traffic learning information
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 215
Which of the following is correct concerning HTTP classes?
https://www.gratisexam.com/
https://gratisexam.com/
B. A virtual server can only have one web application associated with it
C. A single ASM enabled HTTP class can be used by multiple virtual servers
D. Each ASM enabled HTTP class can have several active security policies associated with it
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 216
What are the best reasons for using the Deployment Wizard? (Choose three.)
Explanation/Reference:
QUESTION 217
When building a policy based on live traffic using the automated policy builder, which of the following elements will not be taken into account when analyzing the
traffic?
Correct Answer: A
Section: (none)
Explanation
https://gratisexam.com/
Explanation/Reference:
QUESTION 218
Which of the following are properties of an ASM logging profile? (Choose three.)
A. storage type
B. storage filter
C. storage policy
D. web application
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 219
Which of the following methods of protection are used by the BIG-IP ASM System to mitigate buffer overflow attacks?
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 220
Which HTTP response code ranges indicate an error condition? (Choose two.)
A. 1xx
B. 2xx
C. 3xx
https://gratisexam.com/
D. 4xx
E. 5xx
Correct Answer: DE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 221
The following request is sent to the BIG-IP ASM System:
GET http://www.example.local/financials/week1.xls?display=yes&user=john&logon=true
Which of the following components in this requests line represent the query string?
A. .xls
B. /week1.xls
C. /financials/week1.xls
D. display=yes&user=john&logon=true
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 222
Which of the following storage type combinations are configurable in an ASM logging profile?
Correct Answer: B
Section: (none)
Explanation
https://gratisexam.com/
Explanation/Reference:
QUESTION 223
A site has six members in a pool. All of the servers have been designed, built, and configured with the same applications. It is known that each client's interactions
vary significantly and can affect the performance of the servers. If traffic should be sent to all members on a regular basis, which load balancing mode is most
effective if the goal is to maintain a relatively even load across all servers.
A. Ratio
B. Priority
C. Observed
D. Round Robin
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 224
Which two can be a part of a pool's definition? (Choose two.)
A. rule(s)
B. profile(s)
C. monitor(s)
D. persistence type
E. load balancing mode
Correct Answer: CE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 225
A standard virtual server has been associated with a pool with multiple members. Assuming all other settings are left at their defaults, which statement is always
https://gratisexam.com/
true concerning traffic processed by the virtual server?
A. The client IP address is unchanged between the client-side connection and the server-side connection.
B. The server IP address is unchanged between the client-side connection and the server-side connection.
C. The TCP ports used in the client-side connection are the same as the TCP ports server-side connection.
D. The IP addresses used in the client-side connection are the same as the IP addresses used in the server-side connection.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 226
A site has assigned the ICMP monitor to all nodes and a custom monitor, based on the HTTP template, to a pool of web servers. The HTTP-based monitor is
working in all cases. The ICMP monitor is failing for 2 of the pool member 5 nodes. All other settings are default. What is the status of the monitor is working in all
cases?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 227
A site would like to ensure that a given web server's default page is being served correctly prior to sending it client traffic. They assigned the A site would like to
ensure that a given web server's default page is being served correctly prior to sending it client traffic. They be assigned the default HTTP monitor to the pool. What
would the member status be if it sent an unexpected response to the GET request default HTTP monitor to the pool?
https://gratisexam.com/
B. The pool member would be marked online (green).
C. The pool member would be marked unknown (blue).
D. The pool member would alternate between red and green.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 228
The current status of a given pool is offline (red). Which condition could explain that state? Assume the descriptions below include all monitors assigned for each
scenario.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 229
Which three statements describe a characteristic of profiles? (Choose three.)
https://gratisexam.com/
Explanation
Explanation/Reference:
QUESTION 230
How is persistence configured?
https://gratisexam.com/
A. Persistence is an option within each pool's definition.
https://gratisexam.com/
B. Persistence is a profile type; an appropriate profile is created and associated with virtual server.
C. Persistence is a global setting; once enabled, load balancing choices are superceded by the persistence method that is specified.
D. Persistence is an option for each pool member. When a pool is defined, each member's definition includes the option for persistence.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 231
Which cookie persistence method requires the fewest configuration changes on the web servers to be implemented correctly?
A. insert
B. rewrite
C. passive
D. session
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 232
Which two statements are true about NATs? (Choose two.)
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 233
A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it:
If a user connects to http://10.10.1.100/foo.html and their browser does not specify a UserAgent, which pool will receive the request?
A. MSIE_pool
B. Mozilla_pool
C. None. The request will be dropped.
D. Unknown. The pool cannot be determined from the information provided.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 234
GTM can sign a DNS response using DNSSEC only if the DNS request. GTM can sign a DNS response using DNSSEC only if the DNS request.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
QUESTION 235
Which two daemons only run after the entire license process has been completed? (Choose two.)
A. zrd
B. tmm
C. ntpd
D. gtmd
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 236
If the GTM System receives a packet destined for one of its Listener addresses the GTM will process the request _____
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 237
Flow login allows for more granular protection of login and logout URLs within web applications. Which of the following are components of flow login? (Choose
three.)
A. Schema
B. Login URLs
C. Login pages
D. Attack signatures
https://gratisexam.com/
E. Access validation
Explanation/Reference:
QUESTION 238
Which three files/data items are included in a BIG-IP UCS backup file? (Choose three.)
Explanation/Reference:
QUESTION 239
How is traffic flow through transparent virtual servers different from typical virtual servers?
A. Traffic flow through transparent virtual servers must be forwarded through a single routing device.
B. Traffic flow through transparent virtual servers does not have IP address translation performed.
C. Traffic flow through transparent virtual severs is not load balanced.
D. Traffic flow through transparent virtual servers is bridged (leave IP and MAC.addresses intact) rather than routed (leave IP address intact but change the
MAC.addresses).
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
https://gratisexam.com/
https://www.gratisexam.com/
https://gratisexam.com/