clapgeek logo
An LI M device is experiencing a high volume of traffic. The virtual server is struggling under the load. The problem appears to be on the server side connections. The virtual server isaccepting connections . The virtual server is accepting connections on https and is configured with an SSL profile and http pool.
What should be added to increase the performance of the device?
A BIG-IP Administrator needs to purchase new licenses for a BIG-IP appliance.
The administrator needs to know if a module is licensed and the memory requirement for that module.
Where should the administrator view this information in the System menu?
An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "Unable to connect" in the browser, although connections directly to the pool member show the application is functioning correctly. The LTM device configuration is:
ltm virtual /Common/vs_https {
destination /Common/10.10.1.110:443
ip-protocol udp
mask 255.255.255.255
pool /Common/pool_https
profiles {
/Common/udp { }
}
translate-address enabled
translate-port enabled
vlans-disabled
}
ltm pool /Common/pool_https {
members {
/Common/172.16.20.1:443 {
address 172.16.20.1
}
}
}
What issue is the LTM Specialist experiencing?
An LTM Specialist needs to provide access to a 8BG-IP to device for a company's support person access to the BIG IP device, but are NOT allowed to change any settings All support the support remote access to the BIG-IP device, but are NOTallowed to change ant settings. All support have accounts in the company's Active Directory
Which method is appropriate to provide access for the support personnel to the BIG-JP device?
A BIG-IP Administrator needs to apply a license to the BIG-IP system to increase the user count from the
base license.
Which steps should the BIG-IP Administrator?
An LTM Specialist configures an HTTP monitor as follows:
ltm monitor http stats_http_monitor {
defaults-from http
destination *:*
interval 5
recv "Health check: OK"
send "GET /stats/stats.html HTTP/1.1\\r\\nHost: www.example.com\\r\\nAccept-EncodinG. gzip, deflate\\r\\nConnection: close\\r\\n\\r\\n"
time-until-up 0
timeout 16
}
The monitor is marking all nodes as down. A trace of the HTTP conversation shows the following:
GET /stats/stats.html HTTP/1.1
Host: www.example.com
Accept-EncodinG. gzip, deflate
Connection: close
HTTP/1.1 401 Authorization Required
DatE. Tue, 23 Oct 2012 19:38:56 GMT
Server: Apache/2.2.15 (Unix)
WWW-AuthenticatE. Basic realm="Please enter your credentials"
Content-LengtH. 480
Connection: close
Content-TypE. text/html; charset=iso-8859-1
Which action will resolve the problem?
A BIG-IP Administrator must configure the BIG-IP device to send system log messages to a remote syslog server In addition, the log messages need to be sent over TCP for guaranteed delivery. What should the BIG-IP Administrator configure?
An HTTP 1.1 application utilizes chunking.
Which header should be used to notify the client's browser that there are additional HTTP headers at the end of the message?
An LTM Specialist is setting up a monitor for an HTTP 1.1 server. The response to a GET / is:
HTTP/1.1 302 Moved Temporarily
Location: http://www.example.com/new/location.html
Which send string settings should the LTM Specialist use to force a proper response?
A BIG-IP Administrator adds new Pool Members into an existing, highly utilized pool. Soon after, there are reports that the application is failing to load for some users. What pool level setting should the BIG-IP Administrator check?
An LTMSpecialist must reconfigure a BIG-IP LTM system that load balances traffic to web application servers. The application developer inform the LTM Specialist that TLS must be used to communicate
with the application servers.
Which additional profile isrequired as part of virtual server configuration?
Which two alerting capabilities can be enabled from within an application visibility reporting (AVR) analytics profile? (Choose two.)
The end users of a web application need to verify that their browsers received the complete message-body from the web server.
Which HTTP header will accomplish this?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
A web application is configured to allow sessions to continue even after a user computer is shut down for the night. A new LTM device is configured to load balance the web application to several servers. The application owner reports that application users are logged out of the web application whenever their browser is restarted or computer is rebooted.
What is the problem?
A BIG-IP Administrator remotely connects to the appliance via out-of-band management using https://mybigip mycompany net. The management portal has been working all week. When the administrator attempts to login today, the connection times out. Which two aspects should the administrator verify? (Choose two)
An LTM Specialist needs to configure a virtual server with the requirements displayed below.
Application is currently an internal HTTPapplication
Encrypted external user access
Links are hard for siteA example.com and need to rewritten to siteB.Example.com
Which profiles must the LTM Specialist use to provide the proper functionality?
A Client makes the request displayed below to the application server.
Which virtual server type should an LTM Specialist use to load balance based on the URI?
.A. Forwarding (Layer 2)
B. Stateless
C.Standard
D. Performance (Layer 4)
An TLM Specialist needs to configure a virtual server to terminate SSL connection on the LTM device.
Cryptographic information must be re-authorized for SSL sessions that remain open for longer than 30 seconds.
Which settings should the LTM Specialist configure in the client SSL profile?
An LTM device is deployed in a one-armed topology. The virtual server, clients, and web servers are connected on the LTM device internal VLAN. A client tries to connect to the virtual server and is unable to establish a connection. A packet capture from the LTM device internal VLAN shows that the HTTP request is being forwarded to the web server.
From which two additional locations should protocol analyzer data be collected? (Choose two.)
The BIG-IP Administrator needs to perform a BIG-IP device upgrade to the latest version of TMOS. Where can the administrator obtain F5 documentation on upgrade requirements?
An TLM Specialist has an Exchange that must use the LTM device to route traffic to the internet.
Which SNAT/NAT configure allows the Exchange server’s traffic access the internet through the LTM device?
A node is a member of various pools and hosts different web applications. If a web application is unavailable, the BIG-IP appliance needs to mark the pool member down for that application pool. What should a BIG-IP Administrator deploy at the pool level to accomplish this?
A OneConnect profile is applied to a virtual server. The LTM Specialist would like the client source IP addresses within the 10.10.10.0/25 range to reuse an existing server side connection.
Which OneConnect profile source mask should the LTM Specialist use?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An HTTP monitor always marks the nodes in the pool as down. The monitor's definition and the HTTP headers from the monitor request and response are provided.
What is the issue?
An LTM Specialist notices the following error on the stdout console:
mcpd[2395]: 01070608:0: License is not operational(expired or digital signature does not match contents)
Which command should be executed to verify the LTM device license?
An LTM Specialist plans to enable connection mirroring for a virtualserver in an HA environment.
What must the LTM Specialist consider before implementing the configuration change?
-- Exhibit –
-- Exhibit --
Refer to the exhibits.
Every monitor has the same Send String, Recv String, and an Alias of *:*. The LTM Specialist simplifies the configuration to minimize the number of monitors.
How many unique monitors remain?
An HTTP monitor is created and assigned to a pool with the following non-default configuration:
Interval: 7 seconds
Timeout: 22 seconds
Reverse: Yes
Send String: GET/status.htmlHTTP/1.1/r/nHost:test.example.com/r/nConnector:Close Receive String: Up
The HTTP server sends the following response:
What is the resulting pool status?
What should the 816-IP Administrator provide when opening a new ticket with F5 Support?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
A user is unable to access an HTTP application via a virtual server.
What is the cause of the failure?
A BIG IP device delivers the online shopping website https://shop.example.com. Two pool members handle the traffic. An iRule directs requests with the hip parameter "environment=development" to a third pool member for a staging environment.
Which combination of profiles is needed at minimum?
A BIG-IP Administrator is receiving intermittent reports from users that SSL connections to the BIG-IP device are failing. Upon checking the log files, the BIG-IP Administrator notices the following error message:
ere tmm
After reviewing statistics, the BIG-IP Administrator notices there are a maximum of 1200 client-side SSL
TPS and a maximum of 800 server-side SSL TPS.
What is the minimum SSL license limit capacity the BIG-IP Administrator should upgrade to handle this
peak?
A BIG-IP Administrator plans to upgrade a BIG-IP device to the latest TMOS version.
Which two tools could the administrator leverage to verify known issues for the target versions?
(Choose two.)
These log entries can have different root causes:
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: enabled
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071431:5: Attempting to connect to CMI peer 1.1.1.2 port 6699
Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071432:5: CMI peer connection established to 1.1.1.2 port 6699
Jun 28 05:01:26 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected
Which two commands should be used to obtain additional information on these entries? (Choose two.)
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is troubleshooting an issue with SSL and is receiving the error shown when connecting to the virtual server. When connecting directly to the pool member, clients do NOT receive this message, and the application functions correctly. The LTM Specialist exports the appropriate certificate and key from the pool member and imports them into the LTM device. The LTM Specialist then creates the Client SSL profile and associates it with the virtual server.
What is the issue?
An LTM Specialist needs to deploy a virtual server that will load balance traffic targeting https://register.example.com to a set of three web servers. Persistence needs to be ensured. No persistence mirroring is allowed SSL offloading is required.
A fourth web server with fewer resources will be used to handle requests from engine bots to https://register.example.comvrobots.txt by an iRule. The (Rule will use the HTTP_REQUEST event. .
What are the required profile and persistence settings to implement this
A BIG-IP Administrator creates an HTTP Virtual Server using an iApp template. After the Virtual Server is
created, the user requests to change the destination IP addresses. The BIG-IP Administrator tries to
change the destination IP address from 10.1.1.1 to 10.2.1.1 in Virtual Server settings, but receives the
following error:
The application service must be updated using an application management interface
What is causing this error?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
A pair of LTM devices are configured for HA. The LTM Specialist observes from a capture that there is a successful connection from a client directly to a web server and an unsuccessful connection from a client via the LTM device to the same web server.
Which two solutions will solve the configuration problem? (Choose two.)
An LTM device needs an additional traffic group.
Which configuration item is required?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is troubleshooting a new HTTP monitor on a pool. The pool member is functioning correctly when accessed directly through a browser. However, the monitor is marking the member as down. The LTM Specialist captures the monitor traffic via tcpdump.
What is the issue?
A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:
when HTTP_REQUEST {
switch [HTTP::uri] {
"/ws1/ws.jsp" {
log local0. "[HTTP::uri]-Redirected to JSP Pool"
pool JSP
}
default { log local0. "[HTTP::uri]-Redirected to Non-JSP Pool"
pool NonJSP
}
}
}
However, the iRule is NOT behaving as expected. Below is a snapshot of the log:
/WS1/ws.jsp-Redirected to JSP Pool
/WS1/ws.jsp-Redirected to JSP Pool
/WS1/ws.jsp-Redirected to JSP Pool
/WS1/WS.jsp-Redirected to Non-JSP Pool
/ws1/WS.jsp-Redirected to Non-JSP Pool
/WS1/ws.jsp-Redirected to JSP Pool
/ws1/ws.jsp-Redirected to Non-JSP Pool
What should the LTM Specialist do to resolve this?
TWO LTM devices are in the same Device Group and configured for Ac live/Standby Failover. The LTM Specialist observes that the HA Active and Standby device constantly changes state. All network links use the default route domain A dedicated fiber ink is used for the HA connection with a latency of 250 ms but no packet loss.
What is causing the change in failover state to occur?
Which two subsystems could the LTM Specialist utilize to access an LTM device with lost management interface connectivity? (Choose two.)
An LTM Specialistis configuring a new virtual server on an LTM device and assigning a SNAT pool that is already is use another virtual server. Both virtual servers use the same pool members to load balance traffic. A maximum of 35,000 users needs to be able to access each virtual server ta any time. The network architecture does NOT allow the backend servers to use the LTM device as a default gateway.
What is the minimum number of SNAT addresses required in the SNAT pool to meet the needs of the virtual servers?
Refer to the exhibit.
Which two pool members are eligible to receive new connections? (Choose two)
The 8IG-IP Administrator generates a qkview using "qkview -SO" and needs to transfer the output file via
SCP.
Which directory contains the output file?
An LTM HTTP pool has an associated monitor that sends a string equal to 'GET /test.html'.
Which two configurations could an LTM Specialist implement to allow server administrators to disable their pool member servers without logging into the LTM device? (Choose two.)
Refer to the exhibit.
The http monitor is applied to a pool. All members are enabled. One server responds as follows.
What is the resulting status of this poo! member?
An LTM Specialist is experiencing issues in a failover event. Certain long-lasting FTP event. Certain long-lasting FTP connections using a single node pool are forced to reconnect. The bigip.conf extract isshown:
What does the LTM Specialist need to change in the configuration to avoid this issue?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is troubleshooting an HTTP monitor that is marking a pool member as down. Connecting to the pool member directly through a browser shows the application is up and functioning correctly.
ltm monitor http http_mon {
defaults-from http
destination *:*
interval 5
recv "200 OK"
send "GET /\\r\\n"
time-until-up 0
timeout 16
}
What is the issue?
A BIG-IP Administrator is unable to connect to the management interface via HTTPS. What is a possible reason for this issue?
-- Exhibit –
-- Exhibit --
Refer to the exhibits.
An LTM Specialist has configured a virtual server to distribute connections to a pool of application servers and to offload SSL processing. The application fails to work as expected when connecting to the virtual server. It does work when clients connect directly to the application. Two packet captures were taken at the application server.
What is the root cause of the problem?
During a maintenance window, an EUD test was executed and the output displayed on the screen. The BIG-IP Administrator did NOT save the screen output. The BIG-IP device is currently handling business critical traffic. The BIG-IP Administrator needs to minimize impact. What should the BIG-IP Administrator do to provide the EUD results to F5 Support?
A user is having issues with connectivity to an HTTPS virtual server. The virtual server is on the LTM device's external vlan, and the pools associated with the virtual server are on the internal vlan. An LTM Specialist does a tcpdump on the external interface and notices that the host header is incomplete.
In which location should the LTM Specialist put a traffic analyzer to gather the most pertinent data?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is reviewing the virtual server configuration on an LTM device.
Which two actions should the LTM Specialist perform to minimize the virtual server configuration? (Choose two.)
An LTM device is monitoring three pool members. One pool member is being marked down.
What should the LTM Specialist enable to prevent the server from being flooded with connections once its monitor determines it is up?
A BIG-IP Administrator wants to add a new Self IP to the BIG-IP device. Which item should be assigned to the new Self IP being configured?
Refer to the exhibit.
An LTM Specialist has multiple SNAT and virtual server objects configured as in the bigip.conf shown.
The LTMSpecialist tests a connection from a client with. IP 172.163.31.11 to 192.168.0.100:80.
Which two objects will show an increase in Local Traffic statistics connections?
Where does a LTM Specialist view all of the objects that are part of a deployed iApp?
The network team introduces a new subnet 10.10.22.0/24 to the network. The route needs to be configured on the F5 device to access this network via the 30.30.30.158 gateway.
How should the LTM Specialist configure thisroute?
An LTM Specialist is removing some of the load off an existing cluster by adding a adding a third BIG-IP
device to the device group. The new device candeliver twice the performance of the other two devices.
The LTM Specialist needs to make sure that the BIG-IP device with the highest available capacity is
always selected to take over a traffic group in the event of a failover.
Which failover method is most appropriate?
Which command should the LTM Specialist use to determine the current system time?
DNS queries from two internal DNS servers are being load balanced to external DNS Servers via a Virtual
Server on a BIG-P device. The DNS queries originate from 192.168.101.100 and 192.168.101.200 and
target 192.168.21.50
All DNS queries destined for the external DNS Servers fail
Which property change should the BIG-IP Administrator make in the Virtual Server to resolve this issue?
-- Exhibit --
-- Exhibit --
Refer to the exhibit.
A company uses a complex piece of client software that connects to one or more virtual servers (VS) hosted on an LTM device. The client software is experiencing issues. An LTM Specialist must determine the cause of the problem. The LTM Specialist has the tcpdump extract. The client loses connection with the LTM device.
Where is the reset originating?
An LTM Specialist must perform a hot fix installation from the command line.
What is the correct procedure to ensure that the installation is successful?
A VLAN has the following objects configured:
Self-IP 10.10.10.100 with port lockdown set to Allow default
Virtual server 10.10.10.100:443 with UDP profile enabled
Virtual server 10.10.10.0/24 port forwarding virtual server
Global destination NAT forwarding 10.10.10.100 to internal server 172.168.10.100
Which object will process this request when https://10.10.10.100 is entered into a browser?
An LTM Specialist has just manually failed the active LTM device over to the standby LTM device. The LTM Specialist notices the newly active LTM device is NOT currently receiving traffic. The LTM Specialist verifies the newly active device is responding to ARP but still no traffic is hitting the virtual servers. The LTM Specialist also notices that the virtual servers eventually start responding.
What should be added to the configuration to resolve the problem?
While investigating the cause of a device failover, an LTM Specialist discovers the following events in /var/log/ltm:
01010029:5: Clock advanced by 518 ticks
01010029:5: Clock advanced by 505 ticks
01010029:5: Clock advanced by 590 ticks
01010029:5: Clock advanced by 568 ticks
01010029:5: Clock advanced by 1681 ticks
01010029:5: Clock advanced by 6584 ticks
01140029:5: HA daemon_heartbeat tmm fails action is failover and restart.
010c0026:5: Failover condition, active attempting to go standby.
Which issue caused the failover?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist is upgrading the LTM devices.
Which device should be upgraded first?
An LTM Specialist needs to use a set of addresses to access an Internet website in an outbound configuration.
Whichfeature should the LTM Specialist configure?
-- Exhibit –
-- Exhibit --
Refer to the exhibit.
An LTM Specialist configures a virtual server that balances HTTP connections to a pool of three application servers. Approximately one out of every three connections to the virtual server fails.
Which two actions will resolve the problem? (Choose two.)
When importing a PEM formatted SSL certificate, which text needs to appear first in the file?
The owner of a web application asks the 8IG-IP Administrator to change the port that the BIG-IP device sends traffic to. This change must be made for each member in the server pool named app_pool for their Virtual Server named app_vs. In which area of the BIG-IP Configuration Utility should the BIG-P Administrator make this change?
TESTED 24 Nov 2024
