Month End Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

Ace the F5 301b Exam: Ultimate Preparation Guide

Questions 21

A customer needs to intercept all of the redirects its application is sending to clients. When a redirect is matched, the customer needs to log a message including the client IP address.

Which iRule should be used?

Options:
A.

when HTTP_RESPONSE {

if { [HTTP::is_3xx] } {

log local0. "redirecting client ip address [IP::addr [IP::remote_addr]]"

}

}

B.

when HTTP_REQUEST {

if { [HTTP::is_301] } {

log local0. "redirecting client ip address [IP::addr [IP::remote_addr]]"

}

}

C.

when HTTP_REQUEST {

if { [HTTP::is_redirect] } {

log local0. "redirecting client ip address [IP::addr [IP::remote_addr]]"

}

}

D.

when HTTP_RESPONSE {

if { [HTTP::is_redirect] } {

log local0. "redirecting client ip address [IP::addr [IP::remote_addr]]"

}

}

F5 301b Premium Access
Questions 22

An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "Unable to connect" in the browser, although connections directly to the pool member show the application is functioning correctly. The LTM device configuration is:

ltm virtual /Common/vs_https {

destination /Common/10.10.1.110:443

ip-protocol udp

mask 255.255.255.255

pool /Common/pool_https

profiles {

/Common/udp { }

}

translate-address enabled

translate-port enabled

vlans-disabled

}

ltm pool /Common/pool_https {

members {

/Common/172.16.20.1:443 {

address 172.16.20.1

}

}

}

What issue is the LTM Specialist experiencing?

Options:
A.

The virtual server is disabled on all VLANs.

B.

The pool member is marked down by a monitor.

C.

The pool member is marked down administratively.

D.

The virtual server is configured for the incorrect protocol.

Questions 23

-- Exhibit –

301b Question 23

-- Exhibit --

Refer to the exhibit.

An LTM Specialist creates a virtual server to load balance traffic to a pool of HTTPS servers. The servers use client certificates for user authentication. The virtual server has clientssl, serverssl, and http profiles enabled. Clients are unable to connect to the application through the virtual server, but they are able to connect to the application servers directly.

Which change to the LTM device configuration will resolve the problem?

Options:
A.

Install the server certificate/key and enable Proxy SSL.

B.

Use the serverssl-insecure-compatible serverssl profile.

C.

Configure the clientssl profile to require a client certificate.

D.

Install the client's issuing Certificate Authority certificate on the LTM device.

Questions 24

Which iRule statement demotes a virtual server from CMP?

Options:
A.

set ::foo 123

B.

set static::foo 123

C.

persist source_addr 1800

D.

[ class match $HTTP_CONTENT contains my_data_class ]

Questions 25

These log entries can have different root causes:

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: enabled

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071431:5: Attempting to connect to CMI peer 1.1.1.2 port 6699

Jun 28 05:01:21 LTM_A notice mcpd[27545]: 01071432:5: CMI peer connection established to 1.1.1.2 port 6699

Jun 28 05:01:26 LTM_A notice mcpd[27545]: 0107143a:5: CMI reconnect timer: disabled, all peers are connected

Which two commands should be used to obtain additional information on these entries? (Choose two.)

Options:
A.

tmsh show /sys mcpd

B.

bigstart status mcpd

C.

tmsh modify /sys db log.mcpd.level value debug

D.

tmsh modify /sys db log.cmi.level value debug

Questions 26

An LTM Specialist has just manually failed the active LTM device over to the standby LTM device. The LTM Specialist notices the newly active LTM device is NOT currently receiving traffic. The LTM Specialist verifies the newly active device is responding to ARP but still no traffic is hitting the virtual servers. The LTM Specialist also notices that the virtual servers eventually start responding.

What should be added to the configuration to resolve the problem?

Options:
A.

vlan failsafe

B.

floating self IP

C.

network failover

D.

MAC masquerading

E.

connection mirroring

Questions 27

A OneConnect profile is applied to a virtual server. The LTM Specialist would like the client source IP addresses within the 10.10.10.0/25 range to reuse an existing server side connection.

Which OneConnect profile source mask should the LTM Specialist use?

Options:
A.

0.0.0.0

B.

255.255.255.0

C.

255.255.255.128

D.

255.255.255.224

E.

255.255.255.255

Questions 28

There are three servers in the pool: 172.16.20.1, 172.16.20.2, and 172.16.20.3, with the virtual IP address 10.0.20.88.

A user CANNOT connect to an HTTP application. To understand the problem and find a solution, the LTM Specialist runs two concurrent traces on the LTM device, with the following results:

Trace on client side:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes

22:22:07.423759 IP 172.16.20.100.53875 > 10.0.20.88.80: S 998346084:998346084(0) win 5840

22:22:07.424056 IP 10.0.20.88.80 > 172.16.20.100.53875: S 4671780:4671780(0) ack 998346085 win 4380

22:22:07.424776 IP 172.16.20.100.53875 > 10.0.20.88.80: . ack 1 win 365 <nop,nop,timestamp 67942058 2392362490>

22:22:07.424790 IP 172.16.20.100.53875 > 10.0.20.88.80: P 1:149(148) ack 1 win 365 <nop,nop,timestamp 67942058 2392362490>

22:22:07.424891 IP 10.0.20.88.80 > 172.16.20.100.53875: . ack 149 win 4528 <nop,nop,timestamp 2392362491 67942058>

22:22:12.024850 IP 10.0.20.88.80 > 172.16.20.100.53875: R 1:1(0) ack 149 win 4528

6 packets captured

6 packets received by filter

0 packets dropped by kernel

Trace on server side:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on internal, link-type EN10MB (Ethernet), capture size 96 bytes

22:22:07.424881 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380

22:22:08.424893 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380 <mss 1460,nop,wscale 0,nop,nop,timestamp 2392363491 0,sackOK,eol>

22:22:09.625082 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380 <mss 1460,nop,wscale 0,nop,nop,timestamp 2392364691 0,sackOK,eol>

22:22:10.825194 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380 <mss 1460,sackOK,eol>

4 packets captured

4 packets received by filter

0 packets dropped by kernel

What should the LTM Specialist do to solve the problem?

Options:
A.

Edit the packet filter rules.

B.

Modify the monitor of the pool.

C.

Enable the virtual server.

D.

Configure the virtual server to use SNAT.

Questions 29

An LTM Specialist receives a request to monitor the network path through a member, but NOT the member itself.

Which monitor option should the LTM Specialist enable or configure?

Options:
A.

Reverse

B.

Up interval

C.

Transparent

D.

Alias address

E.

Time until up

Questions 30

An LTM Specialist is customizing local traffic logging.

Which traffic management OS alert level provides the most detail?

Options:
A.

Alert

B.

Notice

C.

Critical

D.

Emergency

E.

Informational

Exam Code: 301b
Certification Provider: F5
Exam Name: LTM Specialist: Maintain & Troubleshoot
Last Update: Jan 24, 2025
Questions: 209