DUMPS

BASE
EXAM DUMPS

F5
301a
28% OFF Automatically For You

BIG-IP LTM Specialist: Architect, Setup and

Deploy
1.In an iApp, which configuration protects against accidental changes to an
application Services configuration?
A. Components
B. Strict Updates
C. Name
D. Template
Answer: B

2.An LTM device load balances a pool of routers. The LTM device needs to verify
path availability to an HTTP server with the IP address 192 168.10 10. located
beyond the routers.
Which monitor type and parameters arc required?
A. HTTP monitor alias address 192 168.10 10. and set the alias to port 80
B. TCP monitor, alias address 192.168.10.10. and set the alias to port 80
C. TCP monitor change transparent option to Yes. set alias address 192.168.10.10.
and set the alias to port 80
D. TCP monitor, change transparent option to Yes, and sot the alias to port 80
Answer: C

3.An LTM Specialist has detected that a brute force login attack is occurring against
the SSH service via a BIG-IP management interface. Login attempts are occurring
from many IPs within the internal company network.
BIG-IP SSH access restrictions are in place as follows:

The LTM Specialist has determined that SSH access should only occur from the
192.168.1.0/24 and 172.16.254.0/23 networks.
Which tmsh command should the LTM Specialist use to permit access from the
desired networks only?
A. modify.sys sshd allow add {''192.168. 10/24 ,''172. 16 2540/23'')
B. modify /sys sshd login disable (''10.0.00/8'', ''172 16.0 0/12'', ''192. 168.0.0/16'')
C. modify/sys allow replace-all-with {''192.168.1.00/24'', ''192.16.254.0/23''}
D. modify/sys sshd login enable {''192.166.10/24''172''.16 254 0/23
Answer: C
Explanation:
Select C to overwrite the existing network's allow configuration over the specified
network segment.

4.Four members in a server pool have similar hardware platforms. An LTM Specialist
needs the load balancing method that can select the server with the fewest entries in
the persistence table.
Which load balancing method should the LTM Specialist use?
A. Observed
B. Dynamic Ratio
C. Least Sessions
D. Leas Connections
Answer: C
Explanation:
Pay attention to the examination questions, the stem is to ask the session to keep the
minimum entries in the table.

5.A web server's default gateway is the network router. The LTM Specialist needs to
introduce an LTM device to load balance to the web servers without changing the
server's default gateway.
Which deployment method and settings should the LTM Specialist use to ensure
correct traffic flow and that the web servers can obtain the actual con IP addresses?
A. route deployment with Automap configured and X-Forwarded-For inserted in HTTP
headers
B. route deployment without SNAT configuration
C. SNAT deployment with automap configured and X-Forwarded-For inserted in
HTTP headers
D. SNAT deployment with automap configured
Answer: C

6.An LTM device needs an additional traffic group.

Which configuration item is required?
A. Default device
B. Group name
C. MAC Masquerade Address
D. Auto Fallback Timeout
Answer: B

7.An LTM device configuration is as shown:

What should be the two expected outcomes based on this configuration? (Choose
two.)
A. A client session that has been idle for 16 minutes will be sent to the same pool
member
B. A client session that has been idle for 20 minutes will be balanced to a new pool
member
C. A client session that has been idle for 14 minutes will be balanced to a new pool
member
D. A client session that has been idle for 48 minutes will be sent to the same pool
members
E. A client session that has been idle for 12 minutes will be sent to the same pool
member
Answer: B,E

8.An LTM Specialist needs to deploy a virtual server that will load balance traffic
targeting https://register.example.com to a set of three web servers. Persistence
needs to be ensured. No persistence mirroring is allowed SSL offloading is required.
A fourth web server with fewer resources will be used to handle requests from engine
bots to https://register.example.comvrobots.txt by an iRule. The (Rule will use the
HTTP_REQUEST event. .
What are the required profile and persistence settings to implement this
A. tcp. dientssl, hup, source address persistence
B. tcp, clientssl, http. cookie persistence
C. tcp, clientssl, serverssl, ssl persistence
D. tcp, clientssl, http, serverssl cookie persistence
Answer: B
Explanation:
The option is wrong, it should be clientssl and serverssl. If the title requires ssl offload
instead of encryption, you need clientssl instead of serverssl. irule needs HTTP profile
to enable HTTP_REQU£ST. If the session cannot be mirrored, the cookie session
remains to meet the demand.

9.One LTM device in an HA pair of LTM devices is unable to reach its default
gateway. An HA Failover event needs to happen.
Which configuration item enables this behavior?
A. iRule
B. Gateway Fail Safe
C. Gateway pool monitor
D. Gateway pool
Answer: B

10.An LTM Specialist upgrades the switching infrastructure and the backend servers
on the LAN segments.
The LTM Specialist notices a 20% memory usage increase on the BIG-IP device
while handling the same number of concurrent connections.
A comparison of statistics pre-upgrade and post-upgrade shows a significant
reduction on the following:
- RTT between the BIG-IP device and the backend servers
- Packet drops in the switch
Time to First Byte (TTFB)
The LTM Specialist is concerned with the scalability of the number of concurrent
connections with the new memory usage.
Which setting should be changed to reduce the memory usage on the BIG-IP device?
A. Reduce the proxy buffer high setting on the server-side TCP profile
B. Increase the receive window of the client-side TCP profile
C. Increase the proxy buffer high setting on the server-side TCP profile
D. Reduce the idle of the client-side TCP profile
Answer: A
Explanation:
After adjusting the architecture, the network quality becomes better. With the
connection unchanged the memory usage increase by 20%. It means that the
sending speed of the server is higher than the receiving speed of the client. F5
caches more content on the memory and causes the memory usage to….

11.An application is sensitive to packet loss and unexpected session termination. A

pair of LTM devices is configured in an Active/Standby high availability configuration.
SNATS are NOT used and the virtual server contains a Universal Persistence profile.
which two actions must an LTM Specialist take to ensure the sessions are maintained
between the client and server during an LTM device failover event while maintaining
maximum uptime? (Choose two.)
A. configure a serial failover cable for mirror traffic
B. configure a One Connect profile to mirror connections
C. configure a VLAN and primary mirroring address for mirror traffic
D. enable Mirroring for a virtual server and persistence profile
E. enable Clone Pools for a virtual server and a persistence profile
Answer: C,D

12.AN LTM Specialist needs to determine the delay between an LTM device and the
internal web server for a specific client.
Which two AVR reporting options should the LTM Specialist enable to measure the
delay? (Choose two.)
A. User agents
B. Methods
C. Response codes
D. Server latency
E. Client IP
Answer: D,E
Explanation:
The problem is to specify the server delay of the client

13.An LTM Specialist has recently taken over administration or an LTM device that
has experienced resource availability issues. The LTM device will need to be solely
used for load balancing and SSL offload. Previously, the LTM device was also used to
provide statistical analysis of application traffic. However, that functionality has been
moved to a third party solution.
Based on the output below, which configuration change should be made to ensure the
LTM module receives the most amount of resources?

A. Provision AVR to Minimum. Provision LTM at Maximum

B. Provision AVR to none. Provision LTM to Dedicated
C. Provision AVR to Minimum, Provision LTM to Dedicated
D. Provision LTM to Dedicated, Provision AVR to Dedicated
Answer: B

14.A virtual server with SNAT automap enabled selects pool member 10.20.0.10.443
for the server-side flow. The client side flow source IP is 192.168.0.10.

Which source IP should be expected in the server-side connection?

A. 10.20.0.1
B. 10.50.0.2
C. 10.20.0.2
D. 192.168.0.10
Answer: C

15.An LTM Specialist plans to enable connection mirroring for a virtual server in an
HA environment.
What must the LTM Specialist consider before implementing the configuration
change?
A. Impact on system performance that might be noticeable
B. The add-on license that is required for this feature to be available
C. Creating the required separate interface for connection mirroring
D. Decreased number of possible concurrent connections to that virtual server
Answer: A
Explanation:
Connection mirroring will bring performance consumption

16.An LTM Specialist needs to create an iRule that creates persistence records
based on a
JSESSIONID cookie. If a persistence record already exists, then the iRule must
persist the client connection according to the existing record.
Which persistence profile enables the iRule to meet these requirements?
A. Universal
B. SSL
C. Destination Address Affinity
D. Cookie
E. Source Address Affinity
Answer: A

17.Remote office users are having performance issues with a virtual hosted on the F5
LTM. The LTM Specialist reviews the configuration for the virtual server and
determine that some settings are set with default profiles.
Which profile should the LTM Specialist enable to improve virtual server
performance?
A. A WAN optimized client side profile
B. A FastL4 profile on the virtual server
C. An HTTP profile for the virtual server
D. A Stream profile for the remote user networks
Answer: A
Explanation:
They key word is that there are performance problem with Remote office users, no
F5. The user experience can be improved through tcp optimization. The expression
should be wom-tcp-wan-optimized in Protocol Profile (Client)

18.The network team introduces a new subnet 10.10.22.0/24 to the network. The
route needs to be configured on the F5 device to access this network via the
30.30.30.158 gateway.
How should the LTM Specialist configure this route?
A. Tmsh modify net route 10.10.22/24 gw 30.30.30.158
B. Tmsh create net route 10.10.22/24 gw 30.30.30.158
C. Tmsh changey net route 10.10.22/24 gw 30.30.30.158
D. Tmsh add net route 10.10.22/24 gw 30.30.30.158
Answer: B

19.An LTM Specialist regularly provides analytics reports that show that traffic
generated by different subnets within the organization. The LTM Specialist needs
show the associate department names next the IP addresses in the reports.
Which step should the LTM Specialist take to meet this requirement?
A. use an iRule to change the output of the report
B. export the report and add the department names manually
C. create VLANs for each subnet and set the name accordingly
D. define active subnets and assign a name to certain subnets
Answer: C

20.The picture belongs to static content, you can configure static content cache in FS
to meet this demand
An LTM Specialist must configure session persistence for a highly available, highly
utilized web-based application.
* The following requirements are provided:
* http proxy setup for security
persistence information available to the HA peer in case of failover
The LTM Specialist needs to minimize additional burden on the LTM device to the
greatest extent possible.
Which persistence profile should be used?
A. Cookie insert
B. Universal
C. Source Address Affinity
D. Destination Address Affinity
Answer: A

21.AN LTM Specialist receives reports that an external company application is having
reliability issues. The F5 Administrator finds the following in /vat/log/ltm file.

The LTM Specialist determines that the F5 LTM device is entering into Aggressive
Mode Adaptive Reaping, which is causing the site reliability issues.
What is the most likely reason that the LTM device has entered into Aggressive Mode
Adaptive Reaping?
A. The LTM device exceeds licensed traffic limits.
B. The site has too many licensed modules.
C. The LTM device has not provisioned AVR.
D. The site is under DDOS attack
Answer: D

22.An unwanted IP address tries to connect to the configuration utility via Self IP An
LTM Specialist needs to block the attempts based on the IP address.
How should the ITM Specialist block the attempts without affecting other users?
A. SSH IP allow list
B. Port lockdown
C. Device trust
D. Packet filter
Answer: D

23.An LTM Specialist discovers an issue with the custom http monitor that returns in a
false positive status.
The end users cannot get the right website, but the http monitor marks the pool
member UP.
What is causing the false positive result?
A. The end user should use another type of browser.
B. The response is chunked.
C. The response is compressed.
D. The Content-Type has value "iso-8859-200".
Answer: D

24.To improve application security, an LTM Specialist must configure a BIG

application access. The BIG IP system to authenticate the client certificate before
permitting application access. The BIG-IP system must also support the ability to red
to redirect users to a certificate enrolment system without generating a browser error.
Within the Client SSL profile, which value should the LTM Specialist select for the
Client Certificate option?
A. Require
B. Request
C. Demand
D. ignore
Answer: A

25.Refer to the exhibit.

The http monitor is applied to a pool All members are enabled One pool member
stops responding TCP port 80. The server still responds to ping.
What is the resulting status of this pool member?
A. Available (Enabled)
B. Offline (Disabled)
C. Unavailable (Disabled)
D. Unknown (Enabled)
Answer: A

26.A LTM device needs to load balance active and passive FTP traffic while using
only a single virtual server.
Which virtual server type should an LTM Specialist configure on the LTM device?
A. Forwarding (Layer 2)
B. Standard
C. Stateless
D. DHCP relay
E. Forwarding (IP)
Answer: E

27.An LTM Specialist needs to create two virtual servers.

The application has links for both HTTP and HTTPS version of application. The client
must be persistence to a pool member, no matter which virtual server is accessed.
What must be selected in the Source Address Affinity persistence profile?
A. Match across Virtual Servers
B. Match across Pool Members
C. Match across Services
D. Match across Polls
Answer: A

28.An LTM Specialist creates an Analytics wide to show the type of browsers used to
access a certain application. However, the generated statistics only sum up all
transaction for that application under one item called ‘ Aggregated.’’
What should the LTM Specialist do to resolve this problem?
A. Verify that the Analytics profile is assigned to the applications virtual server.
B. Make sure ‘’User Agent’’ is selected in the Analytics profile.
C. Drill down into the stats to show the User Agents correlated in the Aggregated
group.
D. Make sure ‘’User Sessions’’ is selected in the Analytics profile
Answer: B

29.Refer to the following iRule:

What is a complete list of profiles that must be applied to the virtual server for this
iRule?
A. Fast L4, HTTP
B. TCP, HTTP
C. TCP, HTTP, Client SSL
D. Fast L4 , HTTP, Stream
Answer: B
30.An LTM Specialist has trouble with SNMP traps in the management network.
The ITM Specialist takes the network capture shown to troubleshoot:

What should the UM Specialist change to capture packets related to this workflow?
A. the interface
B. the tcpdump filter expression
C. the verbose level
D. the port
Answer: A

31.An LTM Specialist needs to configure a setup for antivirus scanning of HTTP traffic
with an internet Contact adaption Protocol (ICAP) server.
Which two server type should be used? (Choose two.)
A. Standard
B. Internal
C. Performance HTTP
D. Forwarding IP
E. Stateless
Answer: A,B

32.An LTM Specialist needs to upgrade all guests on a Viprion eight CMP guests.
What is the maximum number of guests that the LTM Specialist should upgrade at
once?
A. Eight
B. One
C. TWO
D. Four
Answer: B
Explanation: Explanation
Each guest is independent, just like hardware upgrades. Can only upgrade one by
one, there is no way to upgrade at the same time.

33.Which process can be eliminated by terminating SSL communication on the LTM

device rather than the backend pool members?
A. generating CSRS
B. obtaining SSL certificates from a certificate authority
C. administering SSL on the web servers
D. applying security patches on the backend pool members
Answer: C

34.Refer to the exhibit

Given the bigip conf extract shown where the servers only talk http on port 80, which
node will receive the next user request?
A. 72.10.1.1
B. 10.1.1.1
C. 10.1.1.2 0
D. 10.1.1.3
Answer: D

35.Which Standard Virtual Server settings should an LTM Specialist use to load
balance across routed path of two different ISPs?
A. address translation enabled and port translation disabled
B. both address and port translation enabled
C. both address and port translation disabled
D. address translation disabled and port translation enabled
Answer: B
36.An HTTP monitor is created and assigned to a pool with the following non-default
configuration:
Interval: 7 seconds
Timeout: 22 seconds
Reverse: Yes
Send String: GET/status.html HTTP/1.1/r/nHost:test.example.com/r/nConnector:Close
Receive String: Up
The HTTP server sends the following response:

What is the resulting pool status?

A. Unavailable (Enabled)
B. Available (Enabled)
C. Offline (Enabled)
D. Unknown (Disabled)
Answer: A

37.An LTM Specialist needs to apply SNAT using currently used SNAT pool to a new
virtual server.
What needs to be completed before applying that configuration change?
A. Review connection for the selected SNAT pool and enlarge it if appropriate
B. Make sure that the BIG-IP device is NOT operating under heavy load during peak
times
C. Verify that the IP address of the SNAT pool are in the same subnet as the pool
members
D. Verify that the IP address of the SNAT pool are in the same VLAN as the pool
members.
Answer: A
Explanation:
SNAT does not need to in the same vlan or same network segment as the pool
member, as long as the route is reachable, excluding C and D he connection
information of the SNAT pool to avoid port exhaustion under high concurrency

38.A virtual server is using a TCP profile based on the top-wan-optimized profile for a
streaming application Users report videos are loading slowly.
Which setting should be modified in the TCP profile to optimize the application?
A. Disable Slow Start
B. Disable Selective ACKs
C. Disable Nagle's Algorithm
D. Disable Reset on Timeout
Answer: A

39.An LTM device an application that requires all connections to be secured via SSL
The device must verify that request contain a specific cookie before allowing the
request to be sent to the pool member.
Which virtual server type should an LTM Specialist configure on the LTM device?
A. Stateless
B. Performance (HTTP)
C. Standard
D. Performance (Layer 4)
E. Forwarding (IP)
Answer: C

40.TWO LTM devices are in the same Device Group and configured for Ac
live/Standby Failover. The LTM Specialist observes that the HA Active and Standby
device constantly changes state. All network links use the default route domain A
dedicated fiber ink is used for the HA connection with a latency of 250 ms but no
packet loss.
What is causing the change in failover state to occur?
A. The HA network is using the default routing domain.
B. The HA network is using multicast IP.
C. The HA network is not configured for mirroring.
D. The HA network latency is too high.
Answer: B

41.A new web application is being deployed Mutual SSL authentication must be used
to authenticate clients.
Which of the following two tasks must be completed to meet the requirements?
(Choose two)
A. configure the server SSL profile with "Client Certificate" Set to require
B. configure the client SSL profile with "Client Certificate" set to require
C. instruct the desktop team to update the web browser to the most recent release
D. generate a CSR to register a certificate with the CA
E. configure the client SSL profile with the Trusted .Certificate Authorities
Answer: B,E

42.An TLM Specialist needs to configure a virtual server to terminate SSL connection
on the LTM device.
Cryptographic information must be re-authorized for SSL sessions that remain open
for longer than 30 seconds.
Which settings should the LTM Specialist configure in the client SSL profile?
A. set the Handshake Timeout to 30 seconds
B. enable Require Peer SN1 Support
C. set the Renegotiate Period to 30 seconds
D. set the Renegotiate Max Record Delay to 30
Answer: C

43.An LTM Specialist observes decreased performance and intermittent connection

reap LTM system.
Based on the configuration, which action will address these issues?
A. Use an optimized TCP profile.
B. Use a FastL4 profile on the virtual server
C. Use a default caching profile on the virtual server.
D. Use a shorter idle timeout on the TCP profile.
Answer: D

44.An LTM Specialist needs to provide access to a 8BG-IP to device for a company's
support person access to the BIG IP device, but are NOT allowed to change any
settings All support the support remote access to the BIG-IP device, but are NOT
allowed to change ant settings. All support have accounts in the company's Active
Directory
Which method is appropriate to provide access for the support personnel to the BIG-
JP device?
A. configure remote authentication for all users with a default user role of Guest
B. configure remote authentication and map support personnel users to the Guest
user role
C. configure remote authentication and map support personnel users to the Operator
user role
D. configure remote authentication for all users with a default user role of Operator
Answer: B
GET FULL VERSION OF 301a DUMPS