Show Answer

F5.101.v2022-03-02.
q205
Exam Code: 101

Exam Name: Application Delivery Fundamentals Exam
Certification Provider: F5
Free Question Number: 205
Version: v2022-03-02
# of views: 107
# of Questions views: 2156
https://www.freecram.net/torrent/F5.101.v2022-03-02.q205.html
NEW QUESTION: 1
The SNMP monitor can collect data based on which three metrics? (Choose three.)
A. packet rate
B. memory utilization
C. content verification
D. current connections
E. hops along the network path
Answer: (SHOW ANSWER)
Explanation
NEW QUESTION: 2
A BIG-IP Administrator needs to create a route to send traffic destined to 10.1.1 1 to another
router with an address of 192 168 1 1 Which TMSH command should the administrator use?
A. create/net route 10. 11. 1/32 gw 192 168. 1. 1
B. add met route 192. 168. 1. 1/32 gw 10. 1. 1. 1
C. create met route 192 168. 1. 1/32 gw 10. 11. 1
D. add inet route 10.11.1/32 gw 192. 168.1.1
NEW QUESTION: 3
An age-based policy is set up on the ARX that retains only data modified in the last 3 months on
tier 1 storage and moves the rest of the data to secondary storage. What happens when the end
user tries to access data that has not been touched in 6 months?
A. The end user is unaware that the data has been moved to secondary tier storage and is able
to access the data without difficulty.
B. The networking mapping window appears, allowing the end user to re-establish direct access
to the data even though it has been moved to secondary storage.
C. An error message appears saying "File is no longer unavailable."
D. A message appears explaining that the file has been archived, and a link to the new secondary
storage tier location is provided.
Explanation/Reference:
NEW QUESTION: 4
When is a Virtual Server hosted by an LTM System defined with two IP addresses?
A. Two addresses are used to define the Virtual Server when it is managed by redundant LTM
Systems.
B. Two addresses are used to define Virtual Servers when the LTM System hosting it is behind a
firewall that is translating the Virtual Server address.
C. Two addresses are used to define some Virtual Servers so that the GTM System can choose
the better address when resolving the name.
D. Two addresses are used to define a Virtual Server when the Wide-IP should resolve to a
different address depending on which LTM System is active.
NEW QUESTION: 5
An administrator needs to load balance connections to the application server with the lowest
number of Which load balancing method meets these requirements?
A. Least Sessions
B. Ratio Least Connections (member)
C. Least Connections (member)
D. Least Connections (node)
https:/support f5 com/csp/article/K9573
NEW QUESTION: 6
What percentage of storage in a typical environment is actively used and modified?
A. 25%
B. 10%
C. 90%
D. 5%
E. 50%
Answer: B (LEAVE A REPLY)
NEW QUESTION: 7
A site wishes to perform source address translation on packets from some clients but not others.
The determination is not based on the client's IP address, but on the virtual servers their packets
arrive on. What could best accomplish this goal.
A. The decision to perform source address translation is always based on
VLAN. Thus, the goal cannot be achieved.
B. A SNAT for all addresses could be defined, and then disable the SNAT processing for select
VLANs.
C. Some virtual servers could be associated with SNAT pools and others not associated with
SNAT pools.
D. The decision to perform source address translation is always based on a client's address (or
network). Thus, this goal cannot be achieved.
NEW QUESTION: 8
What are the two most common methods of placing a BIG-IP device into a network environment?
A. Channeled configuration
B. VLAN configuration
C. NAT configuration
D. SNAT configuration
E. Asymmetric configuration
F. Routed configuration
Explanation:
NEW QUESTION: 9
Tightening is a feature of which type of entity?
A. Flow login URLs
B. Wildcard parameters
C. Attack signatures
D. Explicit URLs
NEW QUESTION: 10
Assuming there are open connections through an active system's NAT and a fail-over occurs, by
default, what happens to those connections.
A. The "Mirror" option must be chosen on the NAT and the setting synchronized prior to the
connection establishment.
B. All open connections will be lost.
C. All open connections are lost, but new connections are initiated by the newly active BIG-IP,
resulting in minimal client downtime.
D. All open connections will be maintained.
E. Long-lived connections such as Telnet and FTP will be maintained while short-lived
connections such as HTTP will be lost.
NEW QUESTION: 11
To make complex access policies easier to manage, an administrator can create a policy
containing several policy actions, and then add instances of it within the policy using the
________. (Fill in)
A. Deployment Wizard
B. Setup Wizard
C. Policy Wizard
D. Visual Wizard
NEW QUESTION: 12
How is persistence configured.
A. Persistence is a profile type; an appropriate profile is created and associated with virtual
server.
B. Persistence is an option for each pool member. When a pool is defined, each member's
definition includes the option for persistence.
C. Persistence is an option within each pool's definition.
D. Persistence is a global setting; once enabled, load-balancing choices are superceded by the
persistence method that is specified.
NEW QUESTION: 13
Although APM can interoperate with LTM, it is unable to use iRules for advanced processing.
A. false
B. True
NEW QUESTION: 14
A site needs to terminate client HTTPS traffic at the BIG-IP and forward that traffic unencrypted.
Which two are profile types that must be associated with such a virtual server? (Choose two.)
A. TCP
B. HTTP
C. HTTPS
D. ClientSSL
E. ServerSSL
Answer: D,E (LEAVE A REPLY)
https://support.f5.com/csp/article/K12015
NEW QUESTION: 15
Why is BIG-IP ASM ideally suited to protect against layer 7 attacks, including HTTP and
HTTPS/SSL traffic, when compared to an intrusion prevention system (IPS)?
A. An intrusion prevention system (IPS) is based on Packet Filtering.
B. An IPS doesn't have the visibility into HTTPS traffic. it doesn't understand what applications
are in the network.
C. An IPS only focus on operating system attacks; it doesn't understand what application are in
the network.
D. An IPS can only look at overall traffic patterns; it doesn't understand what applications are in
the network.
NEW QUESTION: 16
Assume a virtual server is configured with a ClientSSL profile. What would the result be if the
virtual server's destination port were not 443.
A. Virtual servers with a ClientSSL profile are always configured with a destination port of 443.
B. SSL termination could not be performed if the virtual server's port was not port 443.
C. As long as client traffic was directed to the alternate
port, the virtual server would work as intended.
D. Since the virtual server is associated with a ClientSSL profile, it will always process traffic sent
to port 443.
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
NEW QUESTION: 17
Which three of the following are benefits of adding WebAccelerator to the network infrastructure?
A. It adds a layer, security to a Web site
B. It speeds up a secure Web site
C. It reduces the need to purchase additional bandwidth
D. It analyzes Web content, and caches and compresses it accordingly
E. It improves the performance, large object file transfers
Explanation:
NEW QUESTION: 18
A BIG-IP has two load balancing virtual servers at 150.150.10.10:80 and 150.150.10.10:443. The
port 80 virtual server has SNAT automap configured. There is also a SNAT configured at
150.150.10.11 set for a source address range of 200.200.1.0 / 255.255.255.0. All other settings
are at their default states.
If a client with the IP address 200.200.1.1 sends a request to https://150.150.10.10, what is the
source IP address when the associated packet is sent to the pool member?
A. 200.200.1.1
B. 150.150.10.11
C. Floating self IP address on VLAN where the packet leaves the system
D. Floating self IP address on VLAN where the packet arrives on the system
NEW QUESTION: 19
With standard DNS, assuming no DNS request failures, which process describes the normal
resolution process on a "first time" DNS request?
A. Client requests address from LDNS, Authoritative DNS receives request from root server, root
server returns LDNS address, LDNS returns client address, Authoritative DNS returns requested
IP address, LDNS returns requested IP address to client.
B. Client requests address from LDNS, LDNS requests from GTM, GTM requests from
Authoritative DNS, Authoritative DNS returns requested IP address, LDNS returns requested IP
address to client.
C. Client requests address from root server, root server returns IP address to Authoritative DNS,
Authoritative DNS returns requested IP address, LDNS returns requested IP address to client.
D. Client requests address from LDNS, LDNS requests from root server, root server returns
Authoritative DNS address, LDNS requests from Authoritative DNS, Authoritative DNS returns
requested IP address, LDNS returns requested IP address to client.
NEW QUESTION: 20
A. Provisioning allows the administrator to activate modules
in nonElstandard combinations.
B. Provisioning allows modules that are licensed be granted appropriate resource levels.
C. Provisioning allows the administrator to see what modules are licensed, but no user action is
ever required.
D. Provisioning allows modules that are not licensed to be fully tested.
NEW QUESTION: 21
GTM solves which three of these standard DNS limitations?
A. It can verify that a host is available before resolving a host name for a client
B. It can use HTTPS for the connection between itself and the client
C. It can ensure that clients remain at the same data center for stateful applications
D. It can verify that a client does not have any viruses before sending the IP address
E. It has more complex load balancing methods
Answer: A,C,E (LEAVE A REPLY)
Explanation/Reference: GTM solves three of these standard DNS limitations It can verify that a
host is available before resolving a host name for a client It can ensure that clients remain at the
same data center for stateful applications It has more complex load balancing methods
NEW QUESTION: 22
Which Datalink sublayer has the primary funcl.cn of proving node lo node flow and error control?
A. MAC
B. ARP
C. LLC
D. UDP
hltps://en wikipedia org/wiki/Logical_link_control
NEW QUESTION: 23
What is the primary benefit of associating Servers with Data Centers?
A. The primary benefit is in combining probing metrics. Load balancing decisions can be made
more intelligently.
B. The primary benefit is in load balancing. Clients will not be directed to Data Centers that are
separated from them by great distances.
C. The primary benefit is administrative. It is easier to remember to add servers when they are
categorized by a physical location.
D. The primary benefit is in assigning a single IP address to identify a Data Center.
NEW QUESTION: 24
A virtual server is listening at 10.10.1.100:any and has the following iRule associated with it:
If a user connects to 10.10.1.100 and port 22, which pool will receive the request?
A. ftp pool
B. telnet pool
C. None. The request will be dropped.
D. Unknown. The pool cannot be determined from the information provided.
NEW QUESTION: 25
What is the purpose of the GTM Systems Address Exclusion List concerning local DNS servers?
A. to prevent probing of specific local DNSs
B. to prevent name resolution for requests from specific local DNSs
C. to prevent probing of any local DNS servers by specific F5 devices
D. to prevent name resolution to specific Virtual Servers
NEW QUESTION: 26
Select the question you would ask your customer related to DNS attacks. Based on the material,
choose the most appropriate question.
A. How do you secure you DNS infrastructure against attacks?
B. Do you rely on your network firewall to protect you DNS server?
C. Do you over-provision your DNS infrastructure?
D. Do you regularly update BIND or some other DNS application to the latest release?
Explanation:
NEW QUESTION: 27
Which aspect of F5's Intelligent Services Platform helps you extend your security conversation to
include F5professionals and customers?
A. DevCentral
B. Modular Functionality
C. iApps
D. TMOS
NEW QUESTION: 28
Which service should be configured to allow BIG-IP devices to be externally monitored?
A. SNMP
B. SSHD
C. TMSH
D. SMTP
NEW QUESTION: 29
Which statement is true concerning the default communication between a redundant pair of BIG-
IP devices.
A. Communication between the systems cannot be effected by port lockdown settings.
B. Data for both connection and persistence mirroring are shared through the same TCP
connection.
C. Connection mirroring data is shared through the serial fail-over cable unless network failover is
enabled.
D. Regardless of the configuration, some data is communicated between the systems at regular
intervals.
NEW QUESTION: 30
A. As long as client traffic was directed to the alternate port, the virtual server would work as
intended.
B. Virtual servers with a ClientSSL profile are always configured with a destination port of 443.
C. Since the virtual server is associated with a ClientSSL profile, it will always process traffic sent
to port
443.
D. SSL termination could not be performed if the virtual server's port was not port 443.
NEW QUESTION: 31
It is common for free storage space to exist somewhere in a business network that is not easy for
storage administrators to utilize. What solution can the ARX provide in this situation?
A. The ARX identifies the exact location of the free storage, which allows network administrators
to target those locations when provisioning additional storage.
B. The ARX extends the capacity of each server by 10-15, through intelligent file virtualization.
C. The ARX uses the extra storage for transaction logs and index files.
D. The ARX allows the customer to pool storage from anywhere within the enterprise and
capacity balance the overflow across devices.
NEW QUESTION: 32
The ICMP monitor has been assigned to all nodes. In addition, all pools have been assigned
custom monitors. If a pool .eb.is marked .vailable (green) which situation is sufficient to cause
this.
A. Less than 50% of the .eb.pool. member. nodes responded to the ICMP echo request.
B. Over 25% of the .eb.pool. members have had their content updated and it no longer matches
the receive rule of the custom monitor.
The other respond as expected.The other. respond as expected.
C. All of the .eb.pool. member. nodes are responding to the ICMP monitor as expected.
D. All of the members of the .eb.pool have had their content updated recently and their responses
no longer match the monitor. receive rule.
NEW QUESTION: 33
Which of the following statements are correct regarding Attack signatures? (Choose 2)
A. Individual Attack signatures can be assigned to the security policy. Only Attack signature sets
can apply to the security policy.Individual Attack signatures can? be assigned to the security
policy. Only Attack signature sets can apply to the security policy.
B. Any new Attack signature downloaded manually or automatically will be active and assigned
directly to the security policy.
C. Attack signatures are the basis for positive security logic with the BIG-IP ASM System.
D. Attack signatures can apply to requests, responses, and parameters.
NEW QUESTION: 34
Which function does the Presentation Layer provide?
A. translation and encryption
B. access to available resources
C. transmission over a medium
D. internetworking capabilities
NEW QUESTION: 35
Which of the following statements about cookie persistence is NOT true?
A. No persistence information is placed on LTM.
B. The cookie's timeout value can be customized.
C. They do not add a performance impact on LTM.
D. They are F5'spreferred persistence method.
E. Web servers must be configured to send cookies to clients.
NEW QUESTION: 36
Assuming other failover settings are at their default state, what would occur if the failover cable
were to be disconnected for five seconds and then reconnected.
A. When the cable is disconnected, both systems will become active. When the voltage is
restored, unit two will revert to standby mode.
B. When the cable is disconnected, both systems will become active. When the voltage is
restored, both systems will maintain active mode.
C. Nothing. Failover due to loss of voltage will not occur if the voltage is lost for less than ten
seconds.
D. As long as network communication is not lost, no change will occur.
Answer: A (LEAVE A REPLY)
NEW QUESTION: 37
Drag and Drop Question
Match the security-related term with the correct definition.
1. OWASP Top 10
2. Secure Socket Layer (SSL)
3. Bot
4. Certificate
5. Content scrubbing
Answer:
NEW QUESTION: 38
A virtual server at 10.10.1.100:80 has the rule listed below applied. when HTTP_REQUEST { if
{[HTTP::uri] ends_with "htm" } { pool pool1 } elseif {[HTTP::uri] ends_with "xt" } { pool pool2 } If a
user connects to http://10.10.1.100/foo.txt which pool will receive the request.
A. Unknown. The pool cannot be determined from the information provided.
B. pool1
C. pool2
D. None. The request will be dropped.
NEW QUESTION: 39
What should a BIG-IP Administrator configure to minimize impact during a failure?
A. Clone pool
B. MAC masquerading
C. External monitors
D. One Connect profile
NEW QUESTION: 40
In the following configuration, a virtual server has the following HTTP class configuration:
A request arriving for WWW.F5.COM will be matched by which class(es)?

A. The request will be dropped
B. Class 2
C. Class 1
D. Both Class 1 and Class 2
NEW QUESTION: 41
A BIG-IP has two load balancing virtual servers at 150.150.10.10:80 and
150.150.10.10:443. The port 80 virtual server has SNAT automap configured. There is also a
SNAT configured at 150.150.10.11 set for a source address range of 200.200.1.0 /
255.255.255.0. All other settings are at their default states. If a client with the IP address
200.200.1.1 sends a request to https://150.150.10.10, what is the source IP address when the
associated packet is sent to the pool member.
A. 200.200.1.1
B. Floating self IP address on VLAN where the packet leaves the system
C. Floating self IP address on VLAN where the packet arrives on the system
D. 150.150.10.11
NEW QUESTION: 42
DRAG DROP
Match the security-related term with the correct definition.
1. Demilitarized zone (DMZ)
2. Denial of service (DoS)
3. DNS Express
4. DNS Security Extensions (DNSSEC)
5. Endpoint inspection
Select and Place:
Answer:
NEW QUESTION: 43
Which method of protection is not provided by the Rapid Deployment policy template?
A. Dynamic parameter validation
B. HTTP protocol compliance
C. Buffer overflow
D. Data leakage
NEW QUESTION: 44
The ARX can see ________ when a data modification takes place and will cue that file to be
migrated back to the primary tier.
A. In real time
B. Nightly
C. Weekly
D. At the time of a system scan
E. When scheduled by administrator
NEW QUESTION: 45
Which four of the following items are physical objects used by GTM?
A. Virtual servers
B. Links
C. Servers
D. Wide IPs
E. Data centers
F. Pools
Explanation
These components include:
Data centers, Servers, Links, Virtual servers
http://support.f5.com/kb/en-
us/products/bigip_gtm/manuals/product/gtm_config_10_2/gtm_components_overvie Links
+ Wide IPs + Data centers + Pools
Links
+ Wide IPs + Data centers + Virtual servers
Links
+ Servers + Virtual servers + Pools the physical network, such as data centers, servers, and links,
and the components that comprise the logical network, such as wide IPs, pools, and global
settings. Most of the configuration components you build using the Configuration utility are saved
to the wideip.conf file.
Logical objects/components include: Listeners - Pools - Wide IPs - Distributed applications
NEW QUESTION: 46
The ARX saves customers time, money and frustration through a stub-based system that makes
a slight modification to each file in order to more efficiently sort and store end user data.
A. True
B. False
Explanation:
NEW QUESTION: 47
The current status of a given pool is ffline.(red). Which condition could explain that state. Assume
the descriptions below include all monitorsThe current status of a given pool is .ffline.(red). Which
condition could explain that state. Assume the descriptions below include all monitors assigned
for each scenario.
A. The pool has a monitor assigned to it, and only some of the pool's members passed the test.
B. No monitors are currently assigned to any pool, member or node.
C. A monitor is assigned to all nodes and all nodes have passed the test. The pool's members
have no specific monitor assigned to them.
D. The pool has a monitor assigned to it, and none of the pool members passed the test. The
pool has a monitor assigned to it, and none of the pool. members passed the test.
NEW QUESTION: 48
Similar to LTM monitors, GTM monitors use both an Interval and a Timeout value.
A. True
B. False
NEW QUESTION: 49
Where is the load-balancing mode specified.
A. within the node definition
B. within the virtual server definition
C. within the pool definition
D. within the pool member definition
NEW QUESTION: 50
A. The server is temporary unable to receive any more data
B. The server is trying to close the TCP connection
C. The client is temporarily unable to receive any more data
D. The client is trying to close the TCP connection
NEW QUESTION: 51
A virtual server at 10.10.1.100:80 has the rule listed below applied. when HTTP_REQUEST { if
{[HTTP::uri] ends_with "htm" } { pool pool1 } elseif {[HTTP::uri] ends_with "xt" } { pool pool2 } If a
user connects to
http://10.10.1.100/foo.txt which pool will receive the request.
A. pool1
B. Unknown. The pool cannot be determined from the information provided.
C. pool2
D. None. The request will be dropped.
NEW QUESTION: 52
Which statement concerning virtual servers is true?
A. Virtual servers can keep idle server connections open indefinitely.
B. Virtual server processing always translates the virtual server address to the address of the
chosen pool member.
C. Virtual servers can reuse connections between the BIG-IP and server for multiple HTTP GETs.
D. Virtual servers cannot perform load balancing without performing address translation.
E. Virtual servers can compress data between the BIG-IP and servers.
NEW QUESTION: 53
An LTM has the 3 virtual servers, four self IP addresses defined and the networks shown in the
exhibit.
Selected options for each object are shown below. Settings not shown are at their defaults.
A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination
IP and port of
10.10.2.102:80.
When the request is processed, what will be the destination IP address?
A. The request will be dropped.

B. Destination IP: pool member in the 192.168/16 network
C. Destination IP: 10.10.2.102
D. Destination IP: pool member in the 172.16/16 network
NEW QUESTION: 54
Which of the following is NOT a method that TMOS uses to improve the performance of
applications?
A. Offloading SSL decryption from downstream servers
B. Compressing HTTP data
C. Optimizing the TCP connection between the client and the BIG-IP device
D. Discarding unnecessary data from server responses before sending to the client
E. Caching HTTP data
NEW QUESTION: 55
To make complex access policies easier to manage, an administrator can create a policy
containing several policy actions, and then add instances of it within the policy using the
________. (Fill in)
A. Deployment Wizard
B. Setup Wizard
C. Policy Wizard
D. Visual Wizard
Explanation:
NEW QUESTION: 56
Assume a virtual server is configured with a ClientSSL profile. What would the result be if the
virtual server's destination port were not 443.
A. SSL termination could not be performed if the virtual server's port was not port 443.
B. Virtual servers with a ClientSSL profile are always configured with a destination port of 443.
C. As long as client traffic was directed to the alternate port, the virtual server would work as
intended.
D. Since the virtual server is associated with a ClientSSL profile, it will always process traffic sent
to port 443.
NEW QUESTION: 57
ASM combined with LTM provides protection against:
A. Layer 7 DoSattacks
B. All of the above
C. Layer 4 DoS attacks
D. DDoS attacks
Explanation:
NEW QUESTION: 58
Which of the following is correct regarding static parameters?
A. A static parameter is pre-defined by the web application logic.
B. A static parameter is learned only by using the Deployment Wizard.
C. A static parameter is mapped once when creating the application flow model.
D. A static parameter is stored in a frame cookie.
NEW QUESTION: 59
A new virtual server is being tested to replace http://myapp.mydomain.com. The original virtual
server is still on use. And the new virtual server is on a different ip address. What should be done
to test this new virtual server using the fully quailed domain name for this application?
A. add a DNS record for the fully qualified domain name
B. make an entry in the client host file
C. add the fully qualified domain name to the browser cache
D. make an entry in the web server services file
NEW QUESTION: 60
A. Do you regularly update BIND or some other DNS application to the latest release?
B. Do you over-provision your DNS infrastructure?
C. Do you rely on your network firewall to protect your DNS server?
D. How do you secure your DNS infrastructure against attacks?
NEW QUESTION: 61
A BIG IP Administrator wants to add a new VLAN (VLAN 40) to an LACP trunk (named LACP01)
connected to the BIG-IP device Mufti VLANS exist on LACPO1. Which TMSH command should
the BIG IP Administrator issue to add the new VLAN to the existing LACP trunk?
A. create net vlan VLAN40 {interfaces add {LACP01 {untagged}} tag 40}
B. create net vlan VLAN40 {interfaces replace-all-with {LACP01{tagged}} tag 40}
C. create net vlan VLAN40 (interfaces add (LACP01 {lagged)) tag 40}
D. create net vlan VLAN40 interfaces replace all with {LACP01 {untagged)} tag 40}
NEW QUESTION: 62
LTM runs on________F5's proprietary product platform. (Fill in the correct answer)
Answer:
TMOS
NEW QUESTION: 63
Which protocol data unit (POU) is associated with the OSI model's Network layer
A. Bit
B. Segment
C. Frame
D. Datagram
NEW QUESTION: 64
A Network Administrator needs a new networking device can perform NAT to connect several
devices on a computer network.
What is the most appropriate device for this requirement?
A. Bridges
B. Router
C. Switch
D. Hub
NEW QUESTION: 65
DNSSEC is a GTM add-on licensing feature.
A. True
B. False
NEW QUESTION: 66
Basic F5 IP Geo location provides which four types of client information? (Choose four.)
A. State
B. Continent
C. Postal code
D. City
E. Carrier
F. Country
State - Country - Continent - City
State - Country - Postal code - City
The BIG-IP system uses geo location software to identify the geographic location of a client or
web application user. The default IP geo location database provides IPv4 addresses at the
continent, country, state, ISP, and organization levels, and IPv6 addresses at the continent and
country levels.
The database consists of the following files:
F5GeoIP.dat
F5GeoIPv6.dat
F5GeoIPISP.dat
F5GeoIPOrg.dat
NEW QUESTION: 67
You can use an HTTP class profile to forward traffic that matches which three of these types of
criteria?
(Choose three.)
A. Port
B. Host name
C. URI path
D. User name
E. Protocol
F. HTTP header
NEW QUESTION: 68
An Administrator enables HTTP keep alive.
How does this affect the network?
A. HTTP connections will remain open longer
B. Fewer TCP connections will need to be opened
C. HTTP connections will close when the keep-alive times out
D. More TCP connections will need to be opened
https //en wikipedia org/wiki/HTTPpersistentconnection
NEW QUESTION: 69
Application trends and drivers that increase the need for application security are:
A. All the above
B. Webification
C. Targeted attacks
D. Intelligent Browsers
NEW QUESTION: 70
A. It does not provide an acceptable disaster recovery solution
B. It won't improve latency between the data centers
C. It won't improve the backup time from the primary data center to the backup data center
D. Users near the data centers will find their connections going back and forth between the two
site
E. It costs more to have the data centers close together than further apart
It does not provide an acceptable disaster recovery solution, it is so close
NEW QUESTION: 71
What will likely happen if you were to define a LTM System in the wrong Data Center?
A. There would be no effect if the LTM System is defined in the wrong Data Center.
B. Data from probes from that LTM System might result in inaccurate path metrics and load
balancing decisions.
C. The GTM System would not be able to resolve Wide-IPs to the addresses associated with that
LTM System's Virtual Servers.
D. The GTM System would not be able to communicate with that LTM System.
NEW QUESTION: 72
TCP Express is licensed separately from LTM
A. True
B. False
TCP Express is licensed including in LTM.
NEW QUESTION: 73
GTM uses Auto Discovery to add virtual servers from both LTM and non-BIG-IP load balancers.
A. True
B. False
Explanation:
NEW QUESTION: 74
iQuery is a proprietary protocol that distributes metrics gathered from which three sources?
(Choose three.)
A. DNS root servers
B. path probes such as ICMP
C. monitors from Generic Host Servers
D. SNMP
E. monitors from LTM Systems
NEW QUESTION: 75
Select the best word or phrase to complete the following sentence.
Using the _______ feature in GTM, F5's Application Delivery Firewall solution can handle a
significantly higher number of queries than traditional DNS servers.
A. DNS Express
B. BIND
C. Site availability request
D. Location-based routing
Explanation:
NEW QUESTION: 76
HTTPS/SSL traffic, when compared to an intrusion prevention system (IPS)?
A. An IPS can only look at overall traffic patterns; it doesn't understand what applications are in
the network.
B. An IPS only focus on operating system attacks; it doesn't understand what application are in
the network.
C. An intrusion prevention system (IPS) is based on Packet Filtering.
D. An IPS doesn't have the visibility into HTTPS traffic. it doesn't understand what applications
are in the network.
NEW QUESTION: 77
Which statement is correct concerning differences between BIG-IP ASM platforms?
A. The 3900 and 6800 have the same number of ports.
B. The 3900 and 6800 can support both the module and standalone versions of BIG-IP ASM.
C. The 3900 has more ports than the 6800.
D. The 3900 can support both module and standalone versions of BIG-IP ASM whereas the 6800
can support only the module version of BIG-IP ASM.
NEW QUESTION: 78
Complete the statement below by choosing the correct word or phrase to complete the sentence.
By identifying IP addresses and security categories associated with malicious activity, the BIG-IP
_______ service can incorporate dynamic lists of threatening IP addresses into the BIG-IP
platform, adding context to policy decisions.
A. iApps
B. IP intelligence
C. iRules
D. Edge Client
E. LTM
NEW QUESTION: 79
Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing
takes place.
Also assume that the NAT definition specifies a NAT address and an origin address while all
other settings are left at their defaults. If a client were to initiate traffic to the NAT address, what
changes, if any, would take place when the BIG-IP processes such packets?
A. The destination address would not change, but the source address would be translated to the
origin address.
B. The source address would not change, but the destination address would be translated to the
NAT's address.
C. The destination address would not change, but the source address would be translated to the
NAT's address.
D. The source address would not change, but the destination address would be translated to the
origin address.
NEW QUESTION: 80
A. ASM can be deployed easily
B. No changes are needed on the servers
C. Higher performance than other configurations
D. Fail open is easy to add
Explanation:
NEW QUESTION: 81
Which facility logs messages concerning GTM System parameters?
A. local0
B. local1
C. local3
D. local2
NEW QUESTION: 82
After editing and saving changes to the configuration file containing virtual servers, what is the
immediate result?
A. The new configuration is verified and loaded.
B. The new configuration is loaded but not verified.
C. The new configuration is verified not loaded.
D. The new configuration is neither verified nor loaded.
E. The new configuration is verified
F. The new configuration is verified and loaded if is it syntactically correct.
NEW QUESTION: 83
Which three of these scenarios should you identify as being an APM opportunity?
A. An organization that has been recently fined for failing security compliance
B. An organization sharing a public Web site for all Internet users
C. An organization with a traveling sales force
D. An organization that needs to ensure users are using Symantec antivirus software
E. An organization with a single location and no remote employees
F. An organization using Novell Netware for authentication
NEW QUESTION: 84
What is the main business driver for bringing Enterprise Manager into the network infrastructure?
A. Consolidate management of administrator and user accounts
B. Consolidate management of licenses
C. Consolidate management of SSL certificates
D. Consolidate management of BIG-IP devices
E. Consolidate management of access policies
NEW QUESTION: 85
An administrator is performing a capture from a lagged port on an Ethernet SWITCH.
Which OSI layer should be inspected to determine with which VLAN a datagram is associated?
A. Application layer
B. Data-link layer
C. Transport layer
D. Network layer
NEW QUESTION: 86
Which four of these statements regarding object size and WebAccelerator performance are true?
(Choose four.)
A. Large objects such as video cache well
B. Large objects allow fewer requests per second
C. Large objects result in higher throughput
D. Small objects result in higher throughput
E. Small objects such as images cache well
F. Small objects allow more requests per second
Explanation:
NEW QUESTION: 87
Which event is always triggered when the client sends data to a virtual server using TCP?
A. HTTP_REQUEST
B. CLIENT_DATA
C. VS_CONNECTED
D. HTTP_DATA
NEW QUESTION: 88
It is common for free storage space to exist somewhere in a business network that is not easy for
storageadministrators to utilize. What solution can the ARX provide in this situation?
A. The ARX allows the customer to pool storage from anywhere within the enterprise and
capacity balance theoverflow across devices
B. The ARX extends the capacity of each server by 10-15, through intelligent file virtualization
C. The ARX identifies the exact location of the free storage, which allows network administrators
to targetthose locations when provisioning additional storage
D. The ARX uses the extra storage for transaction logs and index files
NEW QUESTION: 89
Which statement describes advanced shell access correctly? Which statement describes
advanced shell access correctly?
A. Users with advance shell access have the same right as those with msh access, but the right
extend to all partition rather than to Users with advance shell access have the same right as
those with msh access, but right extend to all partition rather than to a single partition.
B. All Users can be given advanced shell access. All users can be given advance shell access.
C. Users with advance shell access are limited to changing, adding, or deleting LTM object in any
single partition. Users with? Advance shell accesses are limited to changing, adding, or deleting
LTM object on any single partition.
D. Users with advanced shell access can always change, add, or delete LTM objects in all
partition. Users with? Advanced shell access can always, change, add, or delete LTM objects in
all partitions.
NEW QUESTION: 90
A. False
B. True
NEW QUESTION: 91
ASM combined with LTM provides protection against:
A. Layer 7 DoS attacks
B. All of the above
C. Layer 4 DoS attacks
D. DDoS attacks
NEW QUESTION: 92
Which of the following are the three main business drivers for placing LTM into a network?
A. Secure the connection between WAN sites
B. Authenticate and authorize users
C. Act as a Web application firewall
D. Include application security
E. Boost application performance
F. Improve application availability and scalability
Explanation:
NEW QUESTION: 93
Which must be sent to the license server to generate a new license?
A. the system's dossier
B. the system's host name
C. the system's base license
D. the system's purchase order number
Explanation
NEW QUESTION: 94
Which three files/data items are included in a BIG-IP UCS backup file? (Choose three.)
A. the BIG-IP license
B. the BIG-IP administrative addresses
C. the BIG-IP host name
D. the BIG-IP default traps
E. the BIG-IP log files
NEW QUESTION: 95
When initially configuring the GTM System using the config tool, which two parameters can be
set? (Choose two.)
A. Port lockdown of management port
B. System hostname
C. IP Address of the external VLAN
D. IP Address of management port
E. Default route for management port
NEW QUESTION: 96
How is persistence configured?
A. Persistence is an option within each pool's definition.
B. Persistence is an option for each pool member. When a pool is defined, each member's
definition includes the option for persistence.
C. Persistence is a global setting; once enabled, load balancing choices are superceded by the
persistence method that is specified.
D. Persistence is a profile type; an appropriate profile is created and associated with virtual
server.
NEW QUESTION: 97
criteria?
A. Port
B. HTTP header
C. URI path
D. User name
E. Protocol
F. Host name
Explanation:
NEW QUESTION: 98
An administrator connects two devices using an Ethernet cable. The link fails to come up on
either device, which setting could prevent the link from being established?
A. IP configuration
B. Link speed
C. DNS resolvers
D. Proxy settings
NEW QUESTION: 99
Which two of the following LTM load balancing methods require the least amount of resources?
(Choose two.)
A. Round robin
B. Ratio
C. Least connections
D. Predictive
E. Fastest
F. Observed
NEW QUESTION: 100

A. True
B. False
Explanation:
NEW QUESTION: 101

Which of the following methods of protection is not available within the Protocol Security Manager
for HTTP traffic?
A. Data guard
B. Evasion techniques
C. Attack signatures
D. File type enforcement
NEW QUESTION: 102

When initially configuring the GTM System using the config tool, which two parameters can be
set? (Choose two.)
A. Port lockdown of management port
B. IP Address of management port
C. System hostname
D. Default route for management port
E. IP Address of the external VLAN
NEW QUESTION: 103

The F5 Application Delivery Firewall has the ability to outperform traditional and next
generationfirewalls during DDoS attacks by leveraging the performance and scalability of BIG-IP
to handlextremely highloads, including high throughput, high connection count, and high number
of connections per second.
A. False
B. True
NEW QUESTION: 104

A)
B)
C)
A. Option
B. Option
C. Option
NEW QUESTION: 105

What is the correct procedure to comply with the recommendation?
A. Download the product version image from ihealth f5 com
B. Download the product version image from dovcentral f5.com
C. Download the product version image from support 6 com
D. Download the product version image from downloads f5.com
NEW QUESTION: 106

Which of the following is a benefit of using iRules?
A. They provide an automated way to create LTM objects
B. They provide a secure connection between a client and LTM
C. They enable granular control of traffic
D. They can use Active Directory to authenticate and authorize users
E. They can be used as templates for creating new applications
Answer: C (LEAVE A REPLY)
NEW QUESTION: 107

A BIG-IP has the following objects configured: A SNAT pool with 2 members:
A virtual server at 150.10.30.30:80 that is associated with both the SNAT pool and the load
balancing pool. If a client at IP address 200.10.10.10 initiates a connection to the virtual server,
what will the source IP address be in the packets sent to the chosen pool member?
A. 10.10.1.33
B. 150.10.33.33
C. 10.10.1.10
D. 200.10.10.10
E. 150.10.30.30
F. It could be any of the addresses of the members of the load balancing pool.
NEW QUESTION: 108

Which of the following business benefits does storage tiering offer to customers?
A. Reduces time for backups because data on the secondary tier can have a less time intensive
backup policed applied to it
B. All of the above
C. Enables customers to apply a more aggressive RTO/RPO for business critical Tier-1
unstructured data
D. Reduces money spent on storage since the majority of data can be moved to less expensive
secondary tier storage
Explanation:
NEW QUESTION: 109

Match the five elements of the intelligent file virtualization with the appropriate ARX feature:
Answer:
Explanation
A. Real Time
B. Non-Disruptive
C. Heterogeneous
D. Data Integrity
E. Scale and Performance
NEW QUESTION: 110

A. The source IP address on the client to BIG-IP request packet.
B. The source IP address on the BIG-IP to pool member request packet.
C. The destination IP address on the BIG-IP to pool member request packet.
D. The source IP address on the BIG-IP to client response packet.
E. The destination IP address on the BIG-IPto client response packet.
F. The destination IP address on the pool member to BIG-IP response packet.
Explanation:
NEW QUESTION: 111
Without decrypting, what portion of an HTTPS session is visible with a packet capture?
A. HTTP Request Headers
B. Source IP Address
C. HTTP Response Headers
D. Cookies
NEW QUESTION: 112

An administrator needs to provide access to corporate resources for remote users. The
administrator also needs to verify that the remote use has anti-virus software installed. Which F5
product provides this functionality?
A. ASM
B. APM
C. TGM
D. AFM
NEW QUESTION: 113

Using Fast Cache with ASM will:
A. Improve user experience
B. Improve server performance
C. All of the above
D. Improve BIG-IP ASM performance
NEW QUESTION: 114

LTM runs on________F5's proprietary product platform.
Answer:
TMOS
NEW QUESTION: 115

The administrator must specify APM access control entries as either L4 or L7.
A. False
B. True
NEW QUESTION: 116

Which four of these scenarios will benefit from F5's WAN Optimization Module? (Choose four.)
A. An international organization with data centers in different countries.
B. An organization that does not want to rely on using tape backup.
C. An organization with one site but hundreds of Web servers.
D. An organization whose users create extremely large files.
E. An organization that expects their Web site usage to double in the next year.
F. An organization attempting to lower costs by reducing the number of data centers.
Explanation:
NEW QUESTION: 117

If your customer has a policy requirement that cannot be handled in the Visual Policy Editor, what
would you use to supplement the Visual Policy Editor?
A. iApps
B. TMOS
C. iControl
D. iRules
Explanation:
NEW QUESTION: 118

When installing LTM on different VIPRION performance blades, each instance of LTM needs to
be licensed separately.
A. True
B. False
Explanation:
NEW QUESTION: 119

Match these terms with their description.
Answer:
Explanation
Disaster recovery SLA - Measured by RPOs and RTOs
Recovery point objective - The amount of data that can be lost
Recovery time objective - How fast operations need to return to normal
NEW QUESTION: 120

A. False
B. True
NEW QUESTION: 121

Which two statements are true concerning the default communication between a redundant pair
of BIG-IP systems. (Choose two.)
A. Persistence mirroring data is shared via a TCP connection using port 1028.
B. Connection mirroring data is shared via a TCP connection using port 1028.
C. Synchronization occurs via a TCP connection using ports 683 and 684.
D. Connection mirroring data is shared through the serial fail-over cable unless network fail-over
is enabled.
NEW QUESTION: 122

A. The cookie's timeout value can be customized.
B. They are F5'spreferred persistence method.
C. No persistence information is placed on LTM.
D. Web servers must be configured to send cookies to clients.
E. They do not add a performance impact on LTM.
Explanation:
NEW QUESTION: 123

Which statement is true regarding fail-over?
A. By default, hardware fail-over detects voltage across the fail-over cable and monitors traffic
across the internal VLAN.
B. Hardware fail-over is disabled by default.
C. If the hardware fail-over cable is disconnected, both BIG-IP devices will always assume the
active role.
D. Hardware fail-over can be used in conjunction with network failover.
NEW QUESTION: 124

Assuming there are open connections through an active system's NAT and a failover occurs, by
default, what happens to those connections?
A. Long-lived connections such as Telnet and FTP will be maintained while short-lived
connections such as HTTP will be lost.
B. All open connections will be maintained.
C. All open connections will be lost.
D. All open connections are lost, but new connections are initiated by the newly active BIG-IP,
E. The "Mirror" option must be chosen on the NAT and the setting synchronized prior to the
NEW QUESTION: 125

Refer ex
A. There is no SFP plugged into the port.

NEW QUESTION: 126

On a BIG-IP ASM 3600, in standalone mode, which of the following pool configurations is valid?
A. Pool named vs_pool with 2 pool members, cookie persistence, and ratio load balancing
method
B. Pool named vs_pool with 1 pool member, cookie persistence, and ratio load balancing method
C. Pool named vs_pool with 1 pool member, no persistence, and no load balancing method
D. Pool named vs_pool with 3 pool members, source IP persistence, and least connections load
balancing method
NEW QUESTION: 127

Using WOM for vMotion transfers across the WAN prevents VMware users from experiencing
interruptions.
A. False
B. True
NEW QUESTION: 128

DRAG DROP
Select and Place:
Answer:
NEW QUESTION: 129
Assuming there are open connections through an active system's NAT and a failover occurs, by
default, what happens to those connections.
A. All open connections will be lost.
B. All open connections are lost, but new connections are initiated by the newly active BIG-IP,
C. The "Mirror" option must be chosen on the NAT and the setting synchronized prior to the
D. Longlived connections such as Telnet and FTP will be maintained while shortlived connections
such as HTTP will be lost.
E. All open connections will be maintained.
NEW QUESTION: 130

Click the Exhibit Button an LTM has the 3 virtual servers, a SNAT defined, four self IP addresses
defined and the networks shown in the exhibit. Selected options for each object are shown below.
Settings not shown are at their defaults.
VirtualServer 1
Destination: 10.10.1.102:80 netmask 255.255.255.255
Pool: Pool with 3 members in the 172.16/16 network
SNAT Automap enabled
VirtualServer2
Destination: 10.10.1.102:* netmask 255.255.255.255
Pool: Pool with 3 members in the 192.168/16 network
VirtualServer 3
Destination: 10.10.2.0:80 netmask 255.255.255.0
Type: IP Forwarding
SNATI Source IP: All Addresses
SNAT Address: SNAT Pool with 2 members 172.16.20.50 and 192.168.10.50
Self IPs 192.168.1.1;
172.16.1.1; 10.10.2.1; 10.10.1.1
A connection attempt is made with a source IP and port of 10.20.100.50:80 and a destination IP
and port of 10.10.2.10:80. When the request is processed, what will be the source and destination
IP addresses?
A. The request will be dropped.

B. Source IP: 10.10.2.1; Destination IP: 10.10.2.10
C. Source IP: 10.20.100.50; Destination IP: 10.10.2.10
D. Source IP: Either 172.16.20.50 or 192.168.10.50; Destination IP: 10.10.2010
NEW QUESTION: 131

Which statement is true regarding failover?
A. If the hardware failover cable is disconnected, both BIG-IP devices will always assume the
active role.
B. By default, hardware failover detects voltage across the failover cable and monitors traffic
across the internal VLAN.
C. Hardware failover can be used in conjunction with network failover.
D. Hardware failover is disabled by default.
Answer: C (LEAVE A REPLY)
NEW QUESTION: 132

A site is load balancing to a pool of web servers. Which statement is true concerning BIG-IP's
ability to verify whether the web servers are functioning properly or not.
A. Web server monitors can test the content of static web pages, but cannot test pages that
would require the web server to dynamically build content.
B. Web server monitors can test whether the server's address is reachable, but cannot test a
page's content.
C. Web server monitors always verify the contents of the index.html page.
D. Web server monitors can test the content of any page on the server.
NEW QUESTION: 133

CORRECT TEXT
Place the following items in the order that the BIG-IP device uses when processing a packet.
Answer:
NEW QUESTION: 134

DNSSEC is a GTM add-on licensing feature.
A. True
B. False
Explanation:
NEW QUESTION: 135

What are the two most common methods of placing a BIG-IP device into a network environment?
A. VLAN configuration
B. Asymmetric configuration
C. SNATconfiguration
D. Routed configuration
E. NAT configuration
F. Channeled configuration
Explanation:
NEW QUESTION: 136

Which two protocol are used for the retrieval of email? (Choose two)
A. IMAP
B. POP3
C. ICAP
D. SMTP
E. SNMP
NEW QUESTION: 137

An administrator needs to do the following
* install a load balancer in front of an existing application
* test application performance
* avoid reconfiguration of the application server
* avoid interruption of users accessing the application
A. configure Port Address Translation
B. modify the DNS Server A-record for the application
C. modify the test client's local host file
D. configure IP Anycasting
NEW QUESTION: 138

The APM Dashboard enables administrators to monitor which two of these metrics?
A. Number of active sessions
B. Number of new sessions
C. Number of denied users
D. Number of users from each country
Explanation:
NEW QUESTION: 139

APM provides access control lists at which two 051 layers
A. Layer 6
B. Layer 5
C. Layer 7
D. Layer 4
E. Layer 3
F. Layer 2
NEW QUESTION: 140

A. False
B. True
NEW QUESTION: 141

BIG-IP ASM is requesting automatic signature updates from the F5 update service Who is
considered the server in this communication?
A. web application
B. F5 update Service
C. BIG-IP
D. User A
NEW QUESTION: 142

A new VLAN segment has been added to the network. Only the existing connected interface may
be used. What should the BIG-IP Administrator do to allow traffic to both the existing and the new
VLAN?
A. configure VLAN to use interface with Multiple Spanning Tree Protocol (MSTP)
B. configure a tagged VLAN
C. configure VLAN with Link Aggregation Control Protocols (LACP)
D. configure an untagged VLAN
NEW QUESTION: 143

What is an advantage of a packet forwarding architecture?
A. handles larger packet sizes
B. allows for manipulation of HTTP headers
C. allows for SSL offload
D. reduces latency
NEW QUESTION: 144

What is the purpose of the GTM Systems Address Exclusion List concerning local DNS servers?
A. to prevent probing of specific local DNSs
B. to prevent name resolution to specific Virtual Servers
C. to prevent probing of any local DNS servers by specific F5 devices
D. to prevent name resolution for requests from specific local DNSs
NEW QUESTION: 145

Which two of the following statements about how TMOS typically manages traffic between a client
and server are accurate? (Choose two.)
A. It changes the destination address before forwarding a request to the server.
B. It changes the destination address before sending a response to the client.
C. It changes the source address before sending a response to the client.
D. It changes the source address before forwarding a request to the server.
Explanation:
NEW QUESTION: 146

criteria?
A. User name
B. Host name
C. URI path
D. HTTP header
E. Protocol
F. Port
NEW QUESTION: 147

GTM solves which three of these standard DNS limitations? (Choose three.)
A. It can verify that a host is available before resolving a host name for a client.
B. It can use HTTPS for the connection between itself and the client.
C. It can ensure that clients remain at the same data center for stateful applications.
D. It can verify that a client does not have any viruses before sending the IP address.
E. It has more complex load balancing methods.
GTM solves three of these standard DNS limitations.
It can verify that a host is available before resolving a hostname for a client It can ensure that
clients remain at the same data center for stateful applications It has more complex load
balancing methods.
NEW QUESTION: 148

You need to terminate client SSL traffic at the BIG-IP and also to persist client traffic to the same
pool member based on a BIG-IP supplied cookie. Which four are profiles that would normally be
included in the virtual server's definition. (Choose four.)
A. CookieBased Persistence
B. ClientSSL
C. TCP
D. HTTPS
E. HTTP
F. ServerSSL
NEW QUESTION: 149

What is a characteristic of iQuery?
A. It uses SSH.
B. It uses HTTPS.
C. It uses SCP.
D. It uses SSL.
NEW QUESTION: 150

A. Modular Functionality
B. iApps
C. TMOS
D. DevCentral
NEW QUESTION: 151

Learning suggestions in the Policy Building pages allow for which of the following? (Choose 2)
A. Blocking response pages can be automatically generated from web site content.
B. The administrator may modify whether the BIG-IP ASM System will learn, alarm, or block
detected violations.
C. Flow level parameters are displayed when found and can be accepted into the current policy.
D. Maximum acceptable values for length violations are calculated and can be accepted into the
security policy by the administrator.
E. XML-based parameters and associated schema are automatically learned.
NEW QUESTION: 152

An LTM has the 3 virtual servers, a SNAT, four self IP addresses defined and the networks
shown in the exhibit. Selected options for each object are shown below. Settings not shown are at
their defaults.
A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination
IP and port of 10.10.2.102:80.
When the request is processed, what will be the destination IP address?
A. Destination IP: 10.10.2.10

B. Destination IP: pool member in the 192.168/16 network.
C. The request will be dropped.
D. Destination IP: pool member in the 172.16/16 network
NEW QUESTION: 153

Which is NOT an ASM protectionmethod for cross site scripting?
A. Token injection
B. Parameter character set limiting
C. Signatures
D. URl chacactsr set limiting
NEW QUESTION: 154
Which two of the following factors are often responsible for poor Web application performance?
(Choose two.)
A. The time it takes to generate the HTTP response.
B. The time it takes to deliver the HTTP response over the network.
C. The time it takes to display the HTTP response in the browser.
D. The time it takes to generate an HTTP request.
NEW QUESTION: 155

In the next few years, 75% of new storage capacity will shift to unstructured data (also known as
file data).
Which two of the following are examples of unstructured data?
A. CAD drawings
B. Location data in a GIS (geographic information system)
C. Customer records and product records in a CRM (customer relationship management)
database
D. Microsoft Office and PDF documents
Explanation:
NEW QUESTION: 156

An administrator needs to rapidly deter e newly discovered security threat to a remote desktop
application.
Which F5 feature provides this functionality?
A. SPDY
B. iRules
C. SSL profiles
D. Proxy SSL
NEW QUESTION: 157

Very low administrative impact:
A. All of the above
B. The attacks are always encrypted
C. The attacks always utilize obfuscation
D. The attacks are requests a user should be allowed to make
NEW QUESTION: 158
Which HTTP response code ranges indicate an error condition? (Choose two.)
A. 3xx
B. 4xx
C. 5xx
D. 2xx
E. 1xx
NEW QUESTION: 159

Which of the following are correct regarding Wildcard entities? (Choose two.)
A. Wildcard entities are the basis for positive security logic.
B. Wildcard entities are the basis for negative security logic.
C. Wildcard entities require the need to learn only from violations.
D. Wildcard entities can be applied to file types, URLs, cookies and parameters.
NEW QUESTION: 160

A. set a policy that the file type remains on primary storage
B. This is not possible on the ARX
C. Instruct the end users to put the file in a non-tiered directory
D. set up an automated bot that accesses that file once a week
NEW QUESTION: 161

Which of the following are four of the benefits of the TMOS architecture?
A. Web application security
B. Dynamic DDoS protection
C. User authentication
D. Antivirus checking
E. Server-side optimization
F. Client-side optimization
NEW QUESTION: 162

Using WOM for vMotion transfers across the WAN prevents VMware users from experiencing
interruptions.
A. True
B. False
NEW QUESTION: 163
Monitors can be assigned to which three resources? (Choose three.)
A. Servers
B. Data Centers
C. Pools
D. Wide IPs
E. Pool Members
NEW QUESTION: 164

DRAG DROP
Select and Place:
Answer:
NEW QUESTION: 165
ASM can detect Layer 7 DoS attacks by which four ways of monitoring:
A. Monitoring for a threshold of increased number of transactions per second per URL
B. Monitoring for a % change in transactions per second per URL
C. Monitoring for a % change in server latency or TPS
D. Monitoring for a threshold of increased server latency or TPS
E. Monitoring ASM policy builder performance
F. Monitoring BIG-IP CPU utilization
G. Deep Packet inspection
Explanation:
NEW QUESTION: 166

When an administrator creates a new access policy in the Visual Policy Editor, which three
options are included by default? (Choose three.)
A. An empty Resource Assign item
B. An Allow Ad box
C. A Start box
D. A fallback option
E. A Deny End box
F. A Block All option
NEW QUESTION: 167

Which three files/data items are included in a BIG-IP UCS backup file? (Choose three.)
A. the BIG-IP host name
B. the BIG-IP default traps
C. the BIG-IP administrative addresses
D. the BIG-IP license
E. the BIG-IP log files
Answer: A,C,D (LEAVE A REPLY)
NEW QUESTION: 168

When choosing Fundamental as the Policy Builder security policy type, BIG-IP ASM will learn and
enforce the following components? (Choose 2)
A. URLs and meta characters
B. Attack signatures
C. HTTP protocol compliance
D. Global parameters
NEW QUESTION: 169

Match each persistence method with the correct statement describing it:
A. Cookie persistence
B. Source address persistence
C. SSL persistence
D. Universal persistence
Explanation:
NEW QUESTION: 170

A. Pool
B. Self-IP
C. Node
D. Pool member
E. Virtual Server
Explanation:
NEW QUESTION: 171

How does file caching affect the web application?
A. It slows traffic to the web application
B. It reduces the load on the web application
C. It increases the load on the web application
D. It speeds up traffic to the web application
NEW QUESTION: 172

To function properly, an Enterprise Manager device is required within each data center.
A. True
B. False
Explanation
NEW QUESTION: 173

An administrator needs to protect a web application from cross-site scripting (CSS) exploits.
Which F5 protocol provide this functionality
A. ASM
B. APM
C. AFM
D. GTM
https //devcentral f5.com/articIes/the-big-ip-application-security-managef-part-1-what-is-the-asm
NEW QUESTION: 174

Which file contains the list of events for which the GTM System will send traps to an SNMP
manager?
A. /etc/alertd/alert.conf
B. /etc/syslog-ng.conf
C. /etc/gtm_snmptrap.conf
D. /etc/snmpd.conf
NEW QUESTION: 175

How do you support non-intelligent DNS resolution in an environment with GTM Systems and
standard DNS servers? (Choose two.)
A. The GTM System may have a Listener set for your DNS server's address. LIE The GTM
System may have a Listener set for the GTM's loopback address.
B. The GTM System must be a secondary server in all of your zones.
C. Your GTM System must delegate some DNS names to the DNS Servers.
D. Your DNS servers may delegate some DNS names to the GTM Systems.
NEW QUESTION: 176

A BIG-IP administrator is interested in using some of the vCMP
What should impact the administrator's decision?
A. vCMP is available on all F5 hardware platforms.
B. vCMP is hardware independent
C. vCMP is only available on certain F5 platforms
D. vCMP is only available on the virtual edition
NEW QUESTION: 177

The ARX saves customers time, money and frustration through a stub-based system that makes
a slight modification to each file in order to more efficiently sort and store end user data.
A. False
B. True
NEW QUESTION: 178
Which three parameters can be specified within the Setup Utility? (Choose three.)
A. all necessary administrative IP addresses (including floating addresses)
B. IP address of an initial WideIP
C. password of the "root" user
D. IP address of an NTP server
E. IP address restrictions for ssh access
NEW QUESTION: 179

When using a redundant pair of LTMs, it is most advantageous to use them in an Active/Active
scenario because this provides additional load balancing capabilities.
A. True
B. False
Explanation:
NEW QUESTION: 180

A. wwmysite.com. IN DEL wiwGTM.mysite.com.
B. 15.33.addr-in.arpa.com IN PRT .wiw.mysite.com.
C. vww.mysite.com. IN A 132.26.33.15
D. iw.mysite.com. IN CNAME wwip.mysite.com.
NEW QUESTION: 181

Which of the following storage type combinations are configurable in an ASM logging profile?
A. Remote and Syslog
B. Local and Remote
C. Local and Syslog
D. Remote and Reporting Server
NEW QUESTION: 182

Which of the following user roles have access to make changes to security policies? (Choose 2)
A. Web Application Security Editor
B. Administrator
C. Guest
D. Operator
Answer: A,B (LEAVE A REPLY)
NEW QUESTION: 183

What is a common use of an iRule?
A. to create a reuseable application delivery template
B. to create an accelerated session between two BIG-IP devices
C. to integrate a BIG IP into an enterprise orchestration tool
D. to modify application traffic between the client and server
NEW QUESTION: 184

Which are immediate results of entering the following command: b pool PoolA . { lb method
predictive member 10.10.1 .1:80 member 10.10.1.2:80 }
Answer:
NEW QUESTION: 185

A website is using source address persistence with a 30 second timeout A client is idle for 35
seconds What happens to their connection?
A. The client receives a "404 Page Not Found'" error
B. The client connection is dropped
C. The client remains on the same server
D. The Client request is load balanced
http://support.f5.com/kb/en-us/products/big ip_Itm/manuals/product/Itm-concepts-1-1-2-
1/Itm_persist_files.html
NEW QUESTION: 186

Which two of the following are costs businesses may face in dealing with unstructured data?
(Choose two.)
A. Buying backup media
B. Lost productivity due to server downtime
C. Buying additional storage capacity
D. Paying to convert unstructured data into structured data
NEW QUESTION: 187

HTTPS/SSL traffic,when compared to an intrusion prevention system (IPS)?
A. An IPS can only look at overall traffic patterns; it doesn't understand what applications are in
the network
B. An IPS only focus op operating system attacks; it doesn't understand what application are in
the network
C. An intrusion prevention system (IPS) is base on Packet Filtering
D. An IPS doesn't have the visibility into HTTPS traffic. it doesn't understand what applications
are in thenetwork.
NEW QUESTION: 188

Given the configuration shown below, if a connection request arrived on the BIG-IP with a source
address of 200.10.10.10:1050 and a
destination of 150.10.10.75:80, what would the source IP address of the associated packet be
when it arrived on the choosen member of the web_pool self
150.10.10.1 { netmask 255.255.255.0 unit I floating enable vlan external allow tcp https } self
10.10.1.1 { netmask 255.255.255.0 unit I floating enable vlan internal allow default } pool
web_pool { member
10.10.1.11:80 member
10.10.1.12:80 member
10.10.1.13:80 }snatpool client_pool { member
10.10.1.100 member
150.10.10.15 }virtual VS_web { destination 150.10.10.10:80 ip protocol tcp snat automap pool
web_pool }virtual VS_network{ destination 150.10.1 0.0:any mask
255.255.255.0 snatpool client_pool ip protocol tcp pool web_pool } virtual VS_network
{ destination 150.10.1 0.0:any mask 255.255.255.0 snatpool client_pool ip protocol tcp pool
web_pool } virtual VS_network { destination
150.10.10.0:any mask
255.255.255.0 snatpool client_pool ip protocol tcp pool web_pool }
A. 10.10.1.I10.10.1.1
B. 200.10.10.I0D.200.10.10.10
C. 150.10.10.15C.150.10.10.15
D. 10.10.1.I00B.10.10.1.100
NEW QUESTION: 189

Which is the result when multiple monitors are assigned to a pool member?
A. The member is marked available if all monitors succeed, and as marginal if one or more
monitors fail(s).
B. The member is marked as available if any of the monitors succeed.
C. The member is marked available if sufficient monitors succeed, and as unavailable if
insufficient monitors succeed.
D. The member is marked as unavailable if any of the monitors fails.
NEW QUESTION: 190

A. Layer 3
B. Layer 2
C. Layer 7
D. Layer 6
E. Layer 5
F. Layer 4
NEW QUESTION: 191

An organization needs to protect its data center from layer three-based and layer four-based
exploits. Which F5 product provides this functionality
A. AFM
B. ASM
C. GTM
D. APM
https://www.f5.com/producrs/security/advanced-firewall-manager
NEW QUESTION: 192

The F5 Application Delivery Firewall has the ability to outperform traditional and next generation
firewalls during DDoS attacks by leveraging the performance and scalability of BIG-IP to hand
extremely high loads, including high throughput, high connection count, and high number of
connections per second.
A. True
B. False
Explanation:
NEW QUESTION: 193

Drag and Drop Question
Answer:
NEW QUESTION: 194
The Protected Workspace client-side action provides more client-side security than the Cacheand
Session Control action.
A. True
B. False
NEW QUESTION: 195
TMOS is an F5 software module that runs on the BIG-IP platform.
A. True
B. False
NEW QUESTION: 196

Learning suggestions can be the result of:
A. A false positive
B. A malicious attack
C. A change in the web site content
D. All the above
NEW QUESTION: 197

An administrator needs to selectively compress HTTP traffic based on geographical location
Which FS Feature should the administrator use?
A. SPDY profile
B. iSessions
C. One Connect
D. iRules
NEW QUESTION: 198

When a pool is created and saved to file, where is the default file and location for the pool
configuration?
When a pool is created and saved to file, where is the default file and location for the pool
configuration?
A. /config/BigDB.dat
B. /etc/BIG-IP_base.conf
C. /config/BIG-IP_base.conf
D. lconfig/BIG-IP.conf
NEW QUESTION: 199

Which of the following methods of protection is not available within the Protocol Security Manager
for HTTP traffic?
A. Data guard
B. Attack signatures
C. Evasion techniques
D. File type enforcement
NEW QUESTION: 200

A. Segment
B. Bit
https//en.wikipedia.org/wiki/Protocol data unit
C. Datagram
D. Frame
NEW QUESTION: 201

Select the key reasons F5 is able to handle DNS DDoS attacks so effectively? Select two.
A. F5 can ensure a DNS DDoS attack is not successful.
B. F5 has high performance DNS services.
C. F5 can answer the DNS queries directly.
D. With Global Traffic Manager (GTM), F5 completely stops all DNS DDoS attacks.
E. F5 can ensure a customer never faces a DNS DDoS attack.
NEW QUESTION: 202

In which FTP mode is the serve, responsible for initiating the data correction back to the client?
A. Protected FTP
B. Active FTP
C. Secure FTP
D. Passive FTP
https://support.f5 com/csp/article/K08859735
NEW QUESTION: 203

CORRECT TEXT
A_______object maps a FQDN to virtual servers. (Fill in)
Answer:
Wide IP
NEW QUESTION: 204

A. The cookie's timeout value can be customized
B. No persistence information is placed on LTM
C. Web servers must be configured to send cookies to clients
D. They do not add a performance impact on LTM
E. They are F5's preferred persistence method
NEW QUESTION: 205

Which aspect of F5's Intelligent Services Platform helps you extend your security conversation to
include F5professionals and customers?
A. TMOS
B. DevCentral
C. Modular Functionality
D. iApps

Show Answer

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Show Answer

Uploaded by

Copyright:

Available Formats

F5.101.v2022-03-02.

Exam Code: 101

A request arriving for WWW.F5.COM will be matched by which class(es)?

A. The request will be dropped.

NEW QUESTION: 100

NEW QUESTION: 101

NEW QUESTION: 102

NEW QUESTION: 103

NEW QUESTION: 104

NEW QUESTION: 105

NEW QUESTION: 106

NEW QUESTION: 107

NEW QUESTION: 108

NEW QUESTION: 109

NEW QUESTION: 110

NEW QUESTION: 112

NEW QUESTION: 113

NEW QUESTION: 114

NEW QUESTION: 115

NEW QUESTION: 116

NEW QUESTION: 117

NEW QUESTION: 118

NEW QUESTION: 119

NEW QUESTION: 120

NEW QUESTION: 121

NEW QUESTION: 122

NEW QUESTION: 123

NEW QUESTION: 124

NEW QUESTION: 125

A. There is no SFP plugged into the port.

NEW QUESTION: 126

NEW QUESTION: 127

NEW QUESTION: 128

NEW QUESTION: 130

A. The request will be dropped.

NEW QUESTION: 131

NEW QUESTION: 132

NEW QUESTION: 133

NEW QUESTION: 134

NEW QUESTION: 135

NEW QUESTION: 136

NEW QUESTION: 137

NEW QUESTION: 138

NEW QUESTION: 139

NEW QUESTION: 140

NEW QUESTION: 141

NEW QUESTION: 142

NEW QUESTION: 143

NEW QUESTION: 144

NEW QUESTION: 145

NEW QUESTION: 146

NEW QUESTION: 147

NEW QUESTION: 148

NEW QUESTION: 149

NEW QUESTION: 150

NEW QUESTION: 151

NEW QUESTION: 152

A. Destination IP: 10.10.2.10

NEW QUESTION: 153

NEW QUESTION: 155

NEW QUESTION: 156

NEW QUESTION: 157

NEW QUESTION: 159