Question No. 1

-- Exhibit --

Refer to the exhibit.

A user is unable to access an HTTP application via a virtual server.

What is the cause of the failure?

AThe host header requires a host name.

BThe virtual server is in the disabled state.

CThe Connection: Keep-Alive header is set.

DThere is no pool member available to service the request.

Show Answer

Correct Answer: D

Question No. 2

An LTM Specialist sees these entries in /var/log/ltm:

Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443

Assume 172.16.20.0/24 is attached to the VLAN "internal."

What should the LTM Specialist use to troubleshoot this issue?

Acurl -d - -k https://172.16.20.1

Bssldump -i internal host 172.16.20.1

Ctcpdump -i internal host 172.16.20.1 > /shared/ssl.pcap
ssldump < /shared/ssl.pcap

Dtcpdump -s 64 -i internal -w /shared/ssl.pcap host 172.16.20.1
ssldump -r /shared/ssl.pcap

Show Answer

Correct Answer: B

Question No. 3

A web application requires knowledge of the client's true IP address for logging and analysis purposes. Instances of the application that can decode X-Forwarded-For HTTP headers reside in pool_a, while pool_b instances assume the source IP is the true address of the client.

Which iRule provides the proper functionality?

Awhen HTTP_DATA {
if {[HTTP::header exists X-Forwarded-For]}{
pool pool_a
} else {
pool pool_b
}
}

Bwhen HTTP_RESPONSE {
if {[HTTP::header exists X-Forwarded-For]}{
pool pool_a
} else {
pool pool_b
}
}

Cwhen HTTP_REQUEST {
if {[HTTP::header exists X-Forwarded-For]}{
pool pool_a
} else {
pool pool_b
}
}

Dwhen HTTP_OPEN {
if {[HTTP::header exists X-Forwarded-For]}{
pool pool_a
} else {
pool pool_b
}
}

Show Answer

Correct Answer: C

Question No. 4

-- Exhibit --

Refer to the exhibit.

A client attempts to connect from a Google Chrome browser to a virtual server on a BIG-IP LTM. The virtual server is SSL Offloaded. When the client connects, the client receives an SSL error. The client receives the same errors when trying Mozilla Firefox and Internet Explorer browsers.

The LTM Specialist does an ssldump on the virtual server and receives the results as per the exhibit.

How should this be resolved?

ASet the virtual server to listen on port 443 (HTTPS).

BUpgrade the client to support the appropriate SSL cipher suite.

CSelect the appropriate 'SSL Profile (Client)' in the virtual server settings.

DAdjust the SSL key length in the SSL profile to match the minimum required by the client.

Show Answer

Correct Answer: C

Question No. 5

-- Exhibit --

Refer to the exhibit.

A client attempts to connect from a Google Chrome browser to a virtual server on a BIG-IP LTM. The virtual server is SSL Offloaded. When the client connects, the client receives an SSL error. After trying Mozilla Firefox and Internet Explorer browsers, the client still receives the same errors.

The LTM Specialist does an ssldump on the virtual server and receives the results as per the exhibit.

What is the problem?

AThe SSL key length is incorrect.

BThe BIG-IP LTM is NOT serving a certificate.

CThe BIG-IP LTM is NOT listening on port 443.

DThe client needs to be upgraded to the appropriate cipher-suite.

Show Answer

Correct Answer: B

Free F5 Networks 301b Exam Actual Questions

The questions for 301b were last updated On Dec 20, 2024