Professional Documents
Culture Documents
q205
NEW QUESTION: 1
The SNMP monitor can collect data based on which three metrics? (Choose three.)
A. packet rate
B. memory utilization
C. content verification
D. current connections
E. hops along the network path
Answer: (SHOW ANSWER)
Explanation
NEW QUESTION: 2
A BIG-IP Administrator needs to create a route to send traffic destined to 10.1.1 1 to another
router with an address of 192 168 1 1 Which TMSH command should the administrator use?
A. create/net route 10. 11. 1/32 gw 192 168. 1. 1
B. add met route 192. 168. 1. 1/32 gw 10. 1. 1. 1
C. create met route 192 168. 1. 1/32 gw 10. 11. 1
D. add inet route 10.11.1/32 gw 192. 168.1.1
Answer: (SHOW ANSWER)
NEW QUESTION: 3
An age-based policy is set up on the ARX that retains only data modified in the last 3 months on
tier 1 storage and moves the rest of the data to secondary storage. What happens when the end
user tries to access data that has not been touched in 6 months?
A. The end user is unaware that the data has been moved to secondary tier storage and is able
to access the data without difficulty.
B. The networking mapping window appears, allowing the end user to re-establish direct access
to the data even though it has been moved to secondary storage.
C. An error message appears saying "File is no longer unavailable."
D. A message appears explaining that the file has been archived, and a link to the new secondary
storage tier location is provided.
Answer: (SHOW ANSWER)
Explanation/Reference:
NEW QUESTION: 4
When is a Virtual Server hosted by an LTM System defined with two IP addresses?
A. Two addresses are used to define the Virtual Server when it is managed by redundant LTM
Systems.
B. Two addresses are used to define Virtual Servers when the LTM System hosting it is behind a
firewall that is translating the Virtual Server address.
C. Two addresses are used to define some Virtual Servers so that the GTM System can choose
the better address when resolving the name.
D. Two addresses are used to define a Virtual Server when the Wide-IP should resolve to a
different address depending on which LTM System is active.
Answer: (SHOW ANSWER)
NEW QUESTION: 5
An administrator needs to load balance connections to the application server with the lowest
number of Which load balancing method meets these requirements?
A. Least Sessions
B. Ratio Least Connections (member)
C. Least Connections (member)
D. Least Connections (node)
Answer: (SHOW ANSWER)
https:/support f5 com/csp/article/K9573
NEW QUESTION: 6
What percentage of storage in a typical environment is actively used and modified?
A. 25%
B. 10%
C. 90%
D. 5%
E. 50%
Answer: B (LEAVE A REPLY)
NEW QUESTION: 7
A site wishes to perform source address translation on packets from some clients but not others.
The determination is not based on the client's IP address, but on the virtual servers their packets
arrive on. What could best accomplish this goal.
A. The decision to perform source address translation is always based on
VLAN. Thus, the goal cannot be achieved.
B. A SNAT for all addresses could be defined, and then disable the SNAT processing for select
VLANs.
C. Some virtual servers could be associated with SNAT pools and others not associated with
SNAT pools.
D. The decision to perform source address translation is always based on a client's address (or
network). Thus, this goal cannot be achieved.
Answer: (SHOW ANSWER)
NEW QUESTION: 8
What are the two most common methods of placing a BIG-IP device into a network environment?
A. Channeled configuration
B. VLAN configuration
C. NAT configuration
D. SNAT configuration
E. Asymmetric configuration
F. Routed configuration
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 9
Tightening is a feature of which type of entity?
A. Flow login URLs
B. Wildcard parameters
C. Attack signatures
D. Explicit URLs
Answer: (SHOW ANSWER)
NEW QUESTION: 10
Assuming there are open connections through an active system's NAT and a fail-over occurs, by
default, what happens to those connections.
A. The "Mirror" option must be chosen on the NAT and the setting synchronized prior to the
connection establishment.
B. All open connections will be lost.
C. All open connections are lost, but new connections are initiated by the newly active BIG-IP,
resulting in minimal client downtime.
D. All open connections will be maintained.
E. Long-lived connections such as Telnet and FTP will be maintained while short-lived
connections such as HTTP will be lost.
Answer: (SHOW ANSWER)
NEW QUESTION: 11
To make complex access policies easier to manage, an administrator can create a policy
containing several policy actions, and then add instances of it within the policy using the
________. (Fill in)
A. Deployment Wizard
B. Setup Wizard
C. Policy Wizard
D. Visual Wizard
Answer: (SHOW ANSWER)
Explanation/Reference:
NEW QUESTION: 12
How is persistence configured.
A. Persistence is a profile type; an appropriate profile is created and associated with virtual
server.
B. Persistence is an option for each pool member. When a pool is defined, each member's
definition includes the option for persistence.
C. Persistence is an option within each pool's definition.
D. Persistence is a global setting; once enabled, load-balancing choices are superceded by the
persistence method that is specified.
Answer: (SHOW ANSWER)
NEW QUESTION: 13
Although APM can interoperate with LTM, it is unable to use iRules for advanced processing.
A. false
B. True
Answer: (SHOW ANSWER)
NEW QUESTION: 14
A site needs to terminate client HTTPS traffic at the BIG-IP and forward that traffic unencrypted.
Which two are profile types that must be associated with such a virtual server? (Choose two.)
A. TCP
B. HTTP
C. HTTPS
D. ClientSSL
E. ServerSSL
Answer: D,E (LEAVE A REPLY)
Explanation/Reference:
https://support.f5.com/csp/article/K12015
NEW QUESTION: 15
Why is BIG-IP ASM ideally suited to protect against layer 7 attacks, including HTTP and
HTTPS/SSL traffic, when compared to an intrusion prevention system (IPS)?
A. An intrusion prevention system (IPS) is based on Packet Filtering.
B. An IPS doesn't have the visibility into HTTPS traffic. it doesn't understand what applications
are in the network.
C. An IPS only focus on operating system attacks; it doesn't understand what application are in
the network.
D. An IPS can only look at overall traffic patterns; it doesn't understand what applications are in
the network.
Answer: (SHOW ANSWER)
Explanation/Reference:
NEW QUESTION: 16
Assume a virtual server is configured with a ClientSSL profile. What would the result be if the
virtual server's destination port were not 443.
A. Virtual servers with a ClientSSL profile are always configured with a destination port of 443.
B. SSL termination could not be performed if the virtual server's port was not port 443.
C. As long as client traffic was directed to the alternate
port, the virtual server would work as intended.
D. Since the virtual server is associated with a ClientSSL profile, it will always process traffic sent
to port 443.
Answer: (SHOW ANSWER)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
NEW QUESTION: 17
Which three of the following are benefits of adding WebAccelerator to the network infrastructure?
A. It adds a layer, security to a Web site
B. It speeds up a secure Web site
C. It reduces the need to purchase additional bandwidth
D. It analyzes Web content, and caches and compresses it accordingly
E. It improves the performance, large object file transfers
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 18
A BIG-IP has two load balancing virtual servers at 150.150.10.10:80 and 150.150.10.10:443. The
port 80 virtual server has SNAT automap configured. There is also a SNAT configured at
150.150.10.11 set for a source address range of 200.200.1.0 / 255.255.255.0. All other settings
are at their default states.
If a client with the IP address 200.200.1.1 sends a request to https://150.150.10.10, what is the
source IP address when the associated packet is sent to the pool member?
A. 200.200.1.1
B. 150.150.10.11
C. Floating self IP address on VLAN where the packet leaves the system
D. Floating self IP address on VLAN where the packet arrives on the system
Answer: (SHOW ANSWER)
NEW QUESTION: 19
With standard DNS, assuming no DNS request failures, which process describes the normal
resolution process on a "first time" DNS request?
A. Client requests address from LDNS, Authoritative DNS receives request from root server, root
server returns LDNS address, LDNS returns client address, Authoritative DNS returns requested
IP address, LDNS returns requested IP address to client.
B. Client requests address from LDNS, LDNS requests from GTM, GTM requests from
Authoritative DNS, Authoritative DNS returns requested IP address, LDNS returns requested IP
address to client.
C. Client requests address from root server, root server returns IP address to Authoritative DNS,
Authoritative DNS returns requested IP address, LDNS returns requested IP address to client.
D. Client requests address from LDNS, LDNS requests from root server, root server returns
Authoritative DNS address, LDNS requests from Authoritative DNS, Authoritative DNS returns
requested IP address, LDNS returns requested IP address to client.
Answer: (SHOW ANSWER)
NEW QUESTION: 20
A. Provisioning allows the administrator to activate modules
in nonElstandard combinations.
B. Provisioning allows modules that are licensed be granted appropriate resource levels.
C. Provisioning allows the administrator to see what modules are licensed, but no user action is
ever required.
D. Provisioning allows modules that are not licensed to be fully tested.
Answer: (SHOW ANSWER)
NEW QUESTION: 21
GTM solves which three of these standard DNS limitations?
A. It can verify that a host is available before resolving a host name for a client
B. It can use HTTPS for the connection between itself and the client
C. It can ensure that clients remain at the same data center for stateful applications
D. It can verify that a client does not have any viruses before sending the IP address
E. It has more complex load balancing methods
Answer: A,C,E (LEAVE A REPLY)
Explanation/Reference: GTM solves three of these standard DNS limitations It can verify that a
host is available before resolving a host name for a client It can ensure that clients remain at the
same data center for stateful applications It has more complex load balancing methods
NEW QUESTION: 22
Which Datalink sublayer has the primary funcl.cn of proving node lo node flow and error control?
A. MAC
B. ARP
C. LLC
D. UDP
hltps://en wikipedia org/wiki/Logical_link_control
Answer: (SHOW ANSWER)
NEW QUESTION: 23
What is the primary benefit of associating Servers with Data Centers?
A. The primary benefit is in combining probing metrics. Load balancing decisions can be made
more intelligently.
B. The primary benefit is in load balancing. Clients will not be directed to Data Centers that are
separated from them by great distances.
C. The primary benefit is administrative. It is easier to remember to add servers when they are
categorized by a physical location.
D. The primary benefit is in assigning a single IP address to identify a Data Center.
Answer: (SHOW ANSWER)
NEW QUESTION: 24
A virtual server is listening at 10.10.1.100:any and has the following iRule associated with it:
If a user connects to 10.10.1.100 and port 22, which pool will receive the request?
A. ftp pool
B. telnet pool
C. None. The request will be dropped.
D. Unknown. The pool cannot be determined from the information provided.
Answer: (SHOW ANSWER)
Explanation/Reference:
NEW QUESTION: 25
What is the purpose of the GTM Systems Address Exclusion List concerning local DNS servers?
A. to prevent probing of specific local DNSs
B. to prevent name resolution for requests from specific local DNSs
C. to prevent probing of any local DNS servers by specific F5 devices
D. to prevent name resolution to specific Virtual Servers
Answer: (SHOW ANSWER)
NEW QUESTION: 26
Select the question you would ask your customer related to DNS attacks. Based on the material,
choose the most appropriate question.
A. How do you secure you DNS infrastructure against attacks?
B. Do you rely on your network firewall to protect you DNS server?
C. Do you over-provision your DNS infrastructure?
D. Do you regularly update BIND or some other DNS application to the latest release?
Answer: (SHOW ANSWER)
Explanation:
NEW QUESTION: 27
Which aspect of F5's Intelligent Services Platform helps you extend your security conversation to
include F5professionals and customers?
A. DevCentral
B. Modular Functionality
C. iApps
D. TMOS
Answer: (SHOW ANSWER)
NEW QUESTION: 28
Which service should be configured to allow BIG-IP devices to be externally monitored?
A. SNMP
B. SSHD
C. TMSH
D. SMTP
Answer: (SHOW ANSWER)
NEW QUESTION: 29
Which statement is true concerning the default communication between a redundant pair of BIG-
IP devices.
A. Communication between the systems cannot be effected by port lockdown settings.
B. Data for both connection and persistence mirroring are shared through the same TCP
connection.
C. Connection mirroring data is shared through the serial fail-over cable unless network failover is
enabled.
D. Regardless of the configuration, some data is communicated between the systems at regular
intervals.
Answer: (SHOW ANSWER)
NEW QUESTION: 30
A. As long as client traffic was directed to the alternate port, the virtual server would work as
intended.
B. Virtual servers with a ClientSSL profile are always configured with a destination port of 443.
C. Since the virtual server is associated with a ClientSSL profile, it will always process traffic sent
to port
443.
D. SSL termination could not be performed if the virtual server's port was not port 443.
Answer: (SHOW ANSWER)
NEW QUESTION: 31
It is common for free storage space to exist somewhere in a business network that is not easy for
storage administrators to utilize. What solution can the ARX provide in this situation?
A. The ARX identifies the exact location of the free storage, which allows network administrators
to target those locations when provisioning additional storage.
B. The ARX extends the capacity of each server by 10-15, through intelligent file virtualization.
C. The ARX uses the extra storage for transaction logs and index files.
D. The ARX allows the customer to pool storage from anywhere within the enterprise and
capacity balance the overflow across devices.
Answer: (SHOW ANSWER)
Explanation/Reference:
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
NEW QUESTION: 32
The ICMP monitor has been assigned to all nodes. In addition, all pools have been assigned
custom monitors. If a pool .eb.is marked .vailable (green) which situation is sufficient to cause
this.
A. Less than 50% of the .eb.pool. member. nodes responded to the ICMP echo request.
B. Over 25% of the .eb.pool. members have had their content updated and it no longer matches
the receive rule of the custom monitor.
The other respond as expected.The other. respond as expected.
C. All of the .eb.pool. member. nodes are responding to the ICMP monitor as expected.
D. All of the members of the .eb.pool have had their content updated recently and their responses
no longer match the monitor. receive rule.
Answer: (SHOW ANSWER)
NEW QUESTION: 33
Which of the following statements are correct regarding Attack signatures? (Choose 2)
A. Individual Attack signatures can be assigned to the security policy. Only Attack signature sets
can apply to the security policy.Individual Attack signatures can? be assigned to the security
policy. Only Attack signature sets can apply to the security policy.
B. Any new Attack signature downloaded manually or automatically will be active and assigned
directly to the security policy.
C. Attack signatures are the basis for positive security logic with the BIG-IP ASM System.
D. Attack signatures can apply to requests, responses, and parameters.
Answer: (SHOW ANSWER)
NEW QUESTION: 34
Which function does the Presentation Layer provide?
A. translation and encryption
B. access to available resources
C. transmission over a medium
D. internetworking capabilities
Answer: (SHOW ANSWER)
NEW QUESTION: 35
Which of the following statements about cookie persistence is NOT true?
A. No persistence information is placed on LTM.
B. The cookie's timeout value can be customized.
C. They do not add a performance impact on LTM.
D. They are F5'spreferred persistence method.
E. Web servers must be configured to send cookies to clients.
Answer: (SHOW ANSWER)
NEW QUESTION: 36
Assuming other failover settings are at their default state, what would occur if the failover cable
were to be disconnected for five seconds and then reconnected.
A. When the cable is disconnected, both systems will become active. When the voltage is
restored, unit two will revert to standby mode.
B. When the cable is disconnected, both systems will become active. When the voltage is
restored, both systems will maintain active mode.
C. Nothing. Failover due to loss of voltage will not occur if the voltage is lost for less than ten
seconds.
D. As long as network communication is not lost, no change will occur.
Answer: A (LEAVE A REPLY)
NEW QUESTION: 37
Drag and Drop Question
Match the security-related term with the correct definition.
1. OWASP Top 10
2. Secure Socket Layer (SSL)
3. Bot
4. Certificate
5. Content scrubbing
Answer:
NEW QUESTION: 38
A virtual server at 10.10.1.100:80 has the rule listed below applied. when HTTP_REQUEST { if
{[HTTP::uri] ends_with "htm" } { pool pool1 } elseif {[HTTP::uri] ends_with "xt" } { pool pool2 } If a
user connects to http://10.10.1.100/foo.txt which pool will receive the request.
A. Unknown. The pool cannot be determined from the information provided.
B. pool1
C. pool2
D. None. The request will be dropped.
Answer: (SHOW ANSWER)
NEW QUESTION: 39
What should a BIG-IP Administrator configure to minimize impact during a failure?
A. Clone pool
B. MAC masquerading
C. External monitors
D. One Connect profile
Answer: (SHOW ANSWER)
NEW QUESTION: 40
In the following configuration, a virtual server has the following HTTP class configuration:
NEW QUESTION: 41
A BIG-IP has two load balancing virtual servers at 150.150.10.10:80 and
150.150.10.10:443. The port 80 virtual server has SNAT automap configured. There is also a
SNAT configured at 150.150.10.11 set for a source address range of 200.200.1.0 /
255.255.255.0. All other settings are at their default states. If a client with the IP address
200.200.1.1 sends a request to https://150.150.10.10, what is the source IP address when the
associated packet is sent to the pool member.
A. 200.200.1.1
B. Floating self IP address on VLAN where the packet leaves the system
C. Floating self IP address on VLAN where the packet arrives on the system
D. 150.150.10.11
Answer: (SHOW ANSWER)
NEW QUESTION: 42
DRAG DROP
Match the security-related term with the correct definition.
1. Demilitarized zone (DMZ)
2. Denial of service (DoS)
3. DNS Express
4. DNS Security Extensions (DNSSEC)
5. Endpoint inspection
Select and Place:
Answer:
NEW QUESTION: 43
Which method of protection is not provided by the Rapid Deployment policy template?
A. Dynamic parameter validation
B. HTTP protocol compliance
C. Buffer overflow
D. Data leakage
Answer: (SHOW ANSWER)
NEW QUESTION: 44
The ARX can see ________ when a data modification takes place and will cue that file to be
migrated back to the primary tier.
A. In real time
B. Nightly
C. Weekly
D. At the time of a system scan
E. When scheduled by administrator
Answer: (SHOW ANSWER)
Explanation/Reference:
NEW QUESTION: 45
Which four of the following items are physical objects used by GTM?
A. Virtual servers
B. Links
C. Servers
D. Wide IPs
E. Data centers
F. Pools
Answer: (SHOW ANSWER)
Explanation
These components include:
Data centers, Servers, Links, Virtual servers
http://support.f5.com/kb/en-
us/products/bigip_gtm/manuals/product/gtm_config_10_2/gtm_components_overvie Links
+ Wide IPs + Data centers + Pools
Links
+ Wide IPs + Data centers + Virtual servers
Links
+ Servers + Virtual servers + Pools the physical network, such as data centers, servers, and links,
and the components that comprise the logical network, such as wide IPs, pools, and global
settings. Most of the configuration components you build using the Configuration utility are saved
to the wideip.conf file.
Logical objects/components include: Listeners - Pools - Wide IPs - Distributed applications
NEW QUESTION: 46
The ARX saves customers time, money and frustration through a stub-based system that makes
a slight modification to each file in order to more efficiently sort and store end user data.
A. True
B. False
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
NEW QUESTION: 47
The current status of a given pool is ffline.(red). Which condition could explain that state. Assume
the descriptions below include all monitorsThe current status of a given pool is .ffline.(red). Which
condition could explain that state. Assume the descriptions below include all monitors assigned
for each scenario.
A. The pool has a monitor assigned to it, and only some of the pool's members passed the test.
B. No monitors are currently assigned to any pool, member or node.
C. A monitor is assigned to all nodes and all nodes have passed the test. The pool's members
have no specific monitor assigned to them.
D. The pool has a monitor assigned to it, and none of the pool members passed the test. The
pool has a monitor assigned to it, and none of the pool. members passed the test.
Answer: (SHOW ANSWER)
NEW QUESTION: 48
Similar to LTM monitors, GTM monitors use both an Interval and a Timeout value.
A. True
B. False
Answer: A (LEAVE A REPLY)
NEW QUESTION: 49
Where is the load-balancing mode specified.
A. within the node definition
B. within the virtual server definition
C. within the pool definition
D. within the pool member definition
Answer: (SHOW ANSWER)
NEW QUESTION: 50
A. The server is temporary unable to receive any more data
B. The server is trying to close the TCP connection
C. The client is temporarily unable to receive any more data
D. The client is trying to close the TCP connection
Answer: (SHOW ANSWER)
NEW QUESTION: 51
A virtual server at 10.10.1.100:80 has the rule listed below applied. when HTTP_REQUEST { if
{[HTTP::uri] ends_with "htm" } { pool pool1 } elseif {[HTTP::uri] ends_with "xt" } { pool pool2 } If a
user connects to
http://10.10.1.100/foo.txt which pool will receive the request.
A. pool1
B. Unknown. The pool cannot be determined from the information provided.
C. pool2
D. None. The request will be dropped.
Answer: (SHOW ANSWER)
NEW QUESTION: 52
Which statement concerning virtual servers is true?
A. Virtual servers can keep idle server connections open indefinitely.
B. Virtual server processing always translates the virtual server address to the address of the
chosen pool member.
C. Virtual servers can reuse connections between the BIG-IP and server for multiple HTTP GETs.
D. Virtual servers cannot perform load balancing without performing address translation.
E. Virtual servers can compress data between the BIG-IP and servers.
Answer: (SHOW ANSWER)
NEW QUESTION: 53
An LTM has the 3 virtual servers, four self IP addresses defined and the networks shown in the
exhibit.
Selected options for each object are shown below. Settings not shown are at their defaults.
A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination
IP and port of
10.10.2.102:80.
When the request is processed, what will be the destination IP address?
NEW QUESTION: 54
Which of the following is NOT a method that TMOS uses to improve the performance of
applications?
A. Offloading SSL decryption from downstream servers
B. Compressing HTTP data
C. Optimizing the TCP connection between the client and the BIG-IP device
D. Discarding unnecessary data from server responses before sending to the client
E. Caching HTTP data
Answer: (SHOW ANSWER)
NEW QUESTION: 55
To make complex access policies easier to manage, an administrator can create a policy
containing several policy actions, and then add instances of it within the policy using the
________. (Fill in)
A. Deployment Wizard
B. Setup Wizard
C. Policy Wizard
D. Visual Wizard
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 56
Assume a virtual server is configured with a ClientSSL profile. What would the result be if the
virtual server's destination port were not 443.
A. SSL termination could not be performed if the virtual server's port was not port 443.
B. Virtual servers with a ClientSSL profile are always configured with a destination port of 443.
C. As long as client traffic was directed to the alternate port, the virtual server would work as
intended.
D. Since the virtual server is associated with a ClientSSL profile, it will always process traffic sent
to port 443.
Answer: (SHOW ANSWER)
NEW QUESTION: 57
ASM combined with LTM provides protection against:
A. Layer 7 DoSattacks
B. All of the above
C. Layer 4 DoS attacks
D. DDoS attacks
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 58
Which of the following is correct regarding static parameters?
A. A static parameter is pre-defined by the web application logic.
B. A static parameter is learned only by using the Deployment Wizard.
C. A static parameter is mapped once when creating the application flow model.
D. A static parameter is stored in a frame cookie.
Answer: (SHOW ANSWER)
NEW QUESTION: 59
A new virtual server is being tested to replace http://myapp.mydomain.com. The original virtual
server is still on use. And the new virtual server is on a different ip address. What should be done
to test this new virtual server using the fully quailed domain name for this application?
A. add a DNS record for the fully qualified domain name
B. make an entry in the client host file
C. add the fully qualified domain name to the browser cache
D. make an entry in the web server services file
Answer: (SHOW ANSWER)
NEW QUESTION: 60
A. Do you regularly update BIND or some other DNS application to the latest release?
B. Do you over-provision your DNS infrastructure?
C. Do you rely on your network firewall to protect your DNS server?
D. How do you secure your DNS infrastructure against attacks?
Answer: (SHOW ANSWER)
NEW QUESTION: 61
A BIG IP Administrator wants to add a new VLAN (VLAN 40) to an LACP trunk (named LACP01)
connected to the BIG-IP device Mufti VLANS exist on LACPO1. Which TMSH command should
the BIG IP Administrator issue to add the new VLAN to the existing LACP trunk?
A. create net vlan VLAN40 {interfaces add {LACP01 {untagged}} tag 40}
B. create net vlan VLAN40 {interfaces replace-all-with {LACP01{tagged}} tag 40}
C. create net vlan VLAN40 (interfaces add (LACP01 {lagged)) tag 40}
D. create net vlan VLAN40 interfaces replace all with {LACP01 {untagged)} tag 40}
Answer: B (LEAVE A REPLY)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
NEW QUESTION: 62
LTM runs on________F5's proprietary product platform. (Fill in the correct answer)
Answer:
TMOS
NEW QUESTION: 63
Which protocol data unit (POU) is associated with the OSI model's Network layer
A. Bit
B. Segment
C. Frame
D. Datagram
Answer: (SHOW ANSWER)
NEW QUESTION: 64
A Network Administrator needs a new networking device can perform NAT to connect several
devices on a computer network.
What is the most appropriate device for this requirement?
A. Bridges
B. Router
C. Switch
D. Hub
Answer: (SHOW ANSWER)
NEW QUESTION: 65
DNSSEC is a GTM add-on licensing feature.
A. True
B. False
Answer: (SHOW ANSWER)
Explanation/Reference:
NEW QUESTION: 66
Basic F5 IP Geo location provides which four types of client information? (Choose four.)
A. State
B. Continent
C. Postal code
D. City
E. Carrier
F. Country
Answer: (SHOW ANSWER)
State - Country - Continent - City
State - Country - Postal code - City
The BIG-IP system uses geo location software to identify the geographic location of a client or
web application user. The default IP geo location database provides IPv4 addresses at the
continent, country, state, ISP, and organization levels, and IPv6 addresses at the continent and
country levels.
The database consists of the following files:
F5GeoIP.dat
F5GeoIPv6.dat
F5GeoIPISP.dat
F5GeoIPOrg.dat
NEW QUESTION: 67
You can use an HTTP class profile to forward traffic that matches which three of these types of
criteria?
(Choose three.)
A. Port
B. Host name
C. URI path
D. User name
E. Protocol
F. HTTP header
Answer: (SHOW ANSWER)
NEW QUESTION: 68
An Administrator enables HTTP keep alive.
How does this affect the network?
A. HTTP connections will remain open longer
B. Fewer TCP connections will need to be opened
C. HTTP connections will close when the keep-alive times out
D. More TCP connections will need to be opened
Answer: B (LEAVE A REPLY)
https //en wikipedia org/wiki/HTTPpersistentconnection
NEW QUESTION: 69
Application trends and drivers that increase the need for application security are:
A. All the above
B. Webification
C. Targeted attacks
D. Intelligent Browsers
Answer: (SHOW ANSWER)
NEW QUESTION: 70
A. It does not provide an acceptable disaster recovery solution
B. It won't improve latency between the data centers
C. It won't improve the backup time from the primary data center to the backup data center
D. Users near the data centers will find their connections going back and forth between the two
site
E. It costs more to have the data centers close together than further apart
Answer: (SHOW ANSWER)
Explanation/Reference:
It does not provide an acceptable disaster recovery solution, it is so close
NEW QUESTION: 71
What will likely happen if you were to define a LTM System in the wrong Data Center?
A. There would be no effect if the LTM System is defined in the wrong Data Center.
B. Data from probes from that LTM System might result in inaccurate path metrics and load
balancing decisions.
C. The GTM System would not be able to resolve Wide-IPs to the addresses associated with that
LTM System's Virtual Servers.
D. The GTM System would not be able to communicate with that LTM System.
Answer: (SHOW ANSWER)
NEW QUESTION: 72
TCP Express is licensed separately from LTM
A. True
B. False
Answer: (SHOW ANSWER)
TCP Express is licensed including in LTM.
NEW QUESTION: 73
GTM uses Auto Discovery to add virtual servers from both LTM and non-BIG-IP load balancers.
A. True
B. False
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 74
iQuery is a proprietary protocol that distributes metrics gathered from which three sources?
(Choose three.)
A. DNS root servers
B. path probes such as ICMP
C. monitors from Generic Host Servers
D. SNMP
E. monitors from LTM Systems
Answer: (SHOW ANSWER)
NEW QUESTION: 75
Select the best word or phrase to complete the following sentence.
Using the _______ feature in GTM, F5's Application Delivery Firewall solution can handle a
significantly higher number of queries than traditional DNS servers.
A. DNS Express
B. BIND
C. Site availability request
D. Location-based routing
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 76
Why is BIG-IP ASM ideally suited to protect against layer 7 attacks, including HTTP and
HTTPS/SSL traffic, when compared to an intrusion prevention system (IPS)?
A. An IPS can only look at overall traffic patterns; it doesn't understand what applications are in
the network.
B. An IPS only focus on operating system attacks; it doesn't understand what application are in
the network.
C. An intrusion prevention system (IPS) is based on Packet Filtering.
D. An IPS doesn't have the visibility into HTTPS traffic. it doesn't understand what applications
are in the network.
Answer: (SHOW ANSWER)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
NEW QUESTION: 77
Which statement is correct concerning differences between BIG-IP ASM platforms?
A. The 3900 and 6800 have the same number of ports.
B. The 3900 and 6800 can support both the module and standalone versions of BIG-IP ASM.
C. The 3900 has more ports than the 6800.
D. The 3900 can support both module and standalone versions of BIG-IP ASM whereas the 6800
can support only the module version of BIG-IP ASM.
Answer: (SHOW ANSWER)
NEW QUESTION: 78
Complete the statement below by choosing the correct word or phrase to complete the sentence.
By identifying IP addresses and security categories associated with malicious activity, the BIG-IP
_______ service can incorporate dynamic lists of threatening IP addresses into the BIG-IP
platform, adding context to policy decisions.
A. iApps
B. IP intelligence
C. iRules
D. Edge Client
E. LTM
Answer: (SHOW ANSWER)
NEW QUESTION: 79
Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing
takes place.
Also assume that the NAT definition specifies a NAT address and an origin address while all
other settings are left at their defaults. If a client were to initiate traffic to the NAT address, what
changes, if any, would take place when the BIG-IP processes such packets?
A. The destination address would not change, but the source address would be translated to the
origin address.
B. The source address would not change, but the destination address would be translated to the
NAT's address.
C. The destination address would not change, but the source address would be translated to the
NAT's address.
D. The source address would not change, but the destination address would be translated to the
origin address.
Answer: (SHOW ANSWER)
NEW QUESTION: 80
A. ASM can be deployed easily
B. No changes are needed on the servers
C. Higher performance than other configurations
D. Fail open is easy to add
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 81
Which facility logs messages concerning GTM System parameters?
A. local0
B. local1
C. local3
D. local2
Answer: (SHOW ANSWER)
NEW QUESTION: 82
After editing and saving changes to the configuration file containing virtual servers, what is the
immediate result?
A. The new configuration is verified and loaded.
B. The new configuration is loaded but not verified.
C. The new configuration is verified not loaded.
D. The new configuration is neither verified nor loaded.
E. The new configuration is verified
F. The new configuration is verified and loaded if is it syntactically correct.
Answer: (SHOW ANSWER)
NEW QUESTION: 83
Which three of these scenarios should you identify as being an APM opportunity?
A. An organization that has been recently fined for failing security compliance
B. An organization sharing a public Web site for all Internet users
C. An organization with a traveling sales force
D. An organization that needs to ensure users are using Symantec antivirus software
E. An organization with a single location and no remote employees
F. An organization using Novell Netware for authentication
Answer: (SHOW ANSWER)
NEW QUESTION: 84
What is the main business driver for bringing Enterprise Manager into the network infrastructure?
A. Consolidate management of administrator and user accounts
B. Consolidate management of licenses
C. Consolidate management of SSL certificates
D. Consolidate management of BIG-IP devices
E. Consolidate management of access policies
Answer: (SHOW ANSWER)
Explanation/Reference:
NEW QUESTION: 85
An administrator is performing a capture from a lagged port on an Ethernet SWITCH.
Which OSI layer should be inspected to determine with which VLAN a datagram is associated?
A. Application layer
B. Data-link layer
C. Transport layer
D. Network layer
Answer: (SHOW ANSWER)
NEW QUESTION: 86
Which four of these statements regarding object size and WebAccelerator performance are true?
(Choose four.)
A. Large objects such as video cache well
B. Large objects allow fewer requests per second
C. Large objects result in higher throughput
D. Small objects result in higher throughput
E. Small objects such as images cache well
F. Small objects allow more requests per second
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 87
Which event is always triggered when the client sends data to a virtual server using TCP?
A. HTTP_REQUEST
B. CLIENT_DATA
C. VS_CONNECTED
D. HTTP_DATA
Answer: (SHOW ANSWER)
NEW QUESTION: 88
It is common for free storage space to exist somewhere in a business network that is not easy for
storageadministrators to utilize. What solution can the ARX provide in this situation?
A. The ARX allows the customer to pool storage from anywhere within the enterprise and
capacity balance theoverflow across devices
B. The ARX extends the capacity of each server by 10-15, through intelligent file virtualization
C. The ARX identifies the exact location of the free storage, which allows network administrators
to targetthose locations when provisioning additional storage
D. The ARX uses the extra storage for transaction logs and index files
Answer: (SHOW ANSWER)
NEW QUESTION: 89
Which statement describes advanced shell access correctly? Which statement describes
advanced shell access correctly?
A. Users with advance shell access have the same right as those with msh access, but the right
extend to all partition rather than to Users with advance shell access have the same right as
those with msh access, but right extend to all partition rather than to a single partition.
B. All Users can be given advanced shell access. All users can be given advance shell access.
C. Users with advance shell access are limited to changing, adding, or deleting LTM object in any
single partition. Users with? Advance shell accesses are limited to changing, adding, or deleting
LTM object on any single partition.
D. Users with advanced shell access can always change, add, or delete LTM objects in all
partition. Users with? Advanced shell access can always, change, add, or delete LTM objects in
all partitions.
Answer: (SHOW ANSWER)
NEW QUESTION: 90
A. False
B. True
Answer: (SHOW ANSWER)
NEW QUESTION: 91
ASM combined with LTM provides protection against:
A. Layer 7 DoS attacks
B. All of the above
C. Layer 4 DoS attacks
D. DDoS attacks
Answer: B (LEAVE A REPLY)
Explanation/Reference:
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
NEW QUESTION: 92
Which of the following are the three main business drivers for placing LTM into a network?
A. Secure the connection between WAN sites
B. Authenticate and authorize users
C. Act as a Web application firewall
D. Include application security
E. Boost application performance
F. Improve application availability and scalability
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 93
Which must be sent to the license server to generate a new license?
A. the system's dossier
B. the system's host name
C. the system's base license
D. the system's purchase order number
Answer: (SHOW ANSWER)
Explanation
NEW QUESTION: 94
Which three files/data items are included in a BIG-IP UCS backup file? (Choose three.)
A. the BIG-IP license
B. the BIG-IP administrative addresses
C. the BIG-IP host name
D. the BIG-IP default traps
E. the BIG-IP log files
Answer: (SHOW ANSWER)
NEW QUESTION: 95
When initially configuring the GTM System using the config tool, which two parameters can be
set? (Choose two.)
A. Port lockdown of management port
B. System hostname
C. IP Address of the external VLAN
D. IP Address of management port
E. Default route for management port
Answer: (SHOW ANSWER)
NEW QUESTION: 96
How is persistence configured?
A. Persistence is an option within each pool's definition.
B. Persistence is an option for each pool member. When a pool is defined, each member's
definition includes the option for persistence.
C. Persistence is a global setting; once enabled, load balancing choices are superceded by the
persistence method that is specified.
D. Persistence is a profile type; an appropriate profile is created and associated with virtual
server.
Answer: (SHOW ANSWER)
NEW QUESTION: 97
You can use an HTTP class profile to forward traffic that matches which three of these types of
criteria?
A. Port
B. HTTP header
C. URI path
D. User name
E. Protocol
F. Host name
Answer: (SHOW ANSWER)
Explanation/Reference:
Explanation:
NEW QUESTION: 98
An administrator connects two devices using an Ethernet cable. The link fails to come up on
either device, which setting could prevent the link from being established?
A. IP configuration
B. Link speed
C. DNS resolvers
D. Proxy settings
Answer: (SHOW ANSWER)
NEW QUESTION: 99
Which two of the following LTM load balancing methods require the least amount of resources?
(Choose two.)
A. Round robin
B. Ratio
C. Least connections
D. Predictive
E. Fastest
F. Observed
Answer: (SHOW ANSWER)
B)
C)
A. Option
B. Option
C. Option
Answer: (SHOW ANSWER)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
A virtual server at 150.10.30.30:80 that is associated with both the SNAT pool and the load
balancing pool. If a client at IP address 200.10.10.10 initiates a connection to the virtual server,
what will the source IP address be in the packets sent to the chosen pool member?
A. 10.10.1.33
B. 150.10.33.33
C. 10.10.1.10
D. 200.10.10.10
E. 150.10.30.30
F. It could be any of the addresses of the members of the load balancing pool.
Answer: (SHOW ANSWER)
Answer:
Explanation
A. Real Time
B. Non-Disruptive
C. Heterogeneous
D. Data Integrity
E. Scale and Performance
Answer:
Explanation
Disaster recovery SLA - Measured by RPOs and RTOs
Recovery point objective - The amount of data that can be lost
Recovery time objective - How fast operations need to return to normal
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
Answer:
NEW QUESTION: 129
Assuming there are open connections through an active system's NAT and a failover occurs, by
default, what happens to those connections.
A. All open connections will be lost.
B. All open connections are lost, but new connections are initiated by the newly active BIG-IP,
resulting in minimal client downtime.
C. The "Mirror" option must be chosen on the NAT and the setting synchronized prior to the
connection establishment.
D. Longlived connections such as Telnet and FTP will be maintained while shortlived connections
such as HTTP will be lost.
E. All open connections will be maintained.
Answer: (SHOW ANSWER)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
Answer:
NEW QUESTION: 194
The Protected Workspace client-side action provides more client-side security than the Cacheand
Session Control action.
A. True
B. False
Answer: (SHOW ANSWER)
NEW QUESTION: 195
TMOS is an F5 software module that runs on the BIG-IP platform.
A. True
B. False
Answer: (SHOW ANSWER)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)
Valid 101 Dumps shared by Fast2test.com for Helping Passing 101 Exam! Fast2test.com now
offer the newest 101 exam dumps, the Fast2test.com 101 exam questions have been
updated and answers have been corrected get the newest Fast2test.com 101 dumps with
Test Engine here: https://www.fast2test.com/101-premium-file.html (240 Q&As Dumps,
30%OFF Special Discount: freecram)