Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. F5
  3. BIG-IP ASM
  4. 303
  5. BIG-IP ASM Specialist Questions and Answers

Pass the F5 BIG-IP ASM 303 Questions and answers with ValidTests

Exam 303 All Questions
Exam 303 Premium Access

View all detail and faqs for the 303 exam

Go to Exam
Viewing page 10 out of 11 pages
Viewing questions 136-150 out of questions
Questions # 136:

Refer to the exhibit

The network team creates a new VLAN on the switches. The BIG-IP Administrator needs to create a

configuration on the BIG-IP device. The BIG-IP Administrator creates a new VLAN and Self IP, but the

servers on the new VLAN are NOT reachable from the BIG-IP device.

Which action should the BIG-IP Administrators to resolve this issue?

Options:

A.

Set Port Lockdown of Set IP to Allow All

B.

Change Auto Last Hop to enabled

C.

Assign a physical interface to the new VLAN

D.

Create a Floating Set IP Address

Expert Solution
Questions # 137:

For a given Virtual Server, the BIG-IP must perform SSL Offload and negotiate secure communication

overTLSvl.2only.

What should the BIG-IP Administrator do to meet this requirement?

Options:

A.

Configure a custom SSL Profile (Client) and select no TLSvl in the options list

B.

Configure a custom SSL Profile (Client) with a custom TLSV1.2 cipher string

C.

Configure a custom SSL Profile (Server) and select no TLSvl in the options list

D.

Configure a custom SSL Profile (Server) with a custom TLSV1.2 cipher string

Expert Solution
Questions # 138:

-- Exhibit –

Question # 138

Question # 138

-- Exhibit --

Refer to the exhibits.

An LTM Specialist is troubleshooting an issue with one of the virtual servers on an LTM device, and all requests are receiving errors. Testing directly against the server generates no errors. The LTM Specialist has captured the request and response on both client and server sides of the LTM device.

What should the LTM Specialist do to fix this issue?

Options:

A.

Remove "header-erase Host" in http profile.

B.

Configure SNAT Automap on the virtual server.

C.

Assign OneConnect profile to the virtual server.

D.

Set "redirect-rewrite" to "selective" in http profile.

Expert Solution
Questions # 139:

An LTM Specialist plans to enable connection mirroring for a virtualserver in an HA environment.

What must the LTM Specialist consider before implementing the configuration change?

Options:

A.

Impact on system performance that might be noticeable

B.

The add-on license that is required for this feature to be available

C.

Creating the required separate interface for connection mirroring

D.

Decreased number of possible concurrent connections to that virtual server

Expert Solution
Questions # 140:

-- Exhibit –

Question # 140

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "The connection was reset" in the browser. Connections directly to the pool member show the application is functioning correctly.

What is the issue?

Options:

A.

The pool member is failing the monitor check.

B.

The pool member default gateway is set incorrectly.

C.

The virtual server is configured with the incorrect SNAT address.

D.

The virtual server is processing encrypted traffic as plain-text HTTP.

Expert Solution
Questions # 141:

-- Exhibit –

Question # 141

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting an issue with SSL and is receiving the error shown when connecting to the virtual server. When connecting directly to the pool member, clients do NOT receive this message, and the application functions correctly. The LTM Specialist exports the appropriate certificate and key from the pool member and imports them into the LTM device. The LTM Specialist then creates the Client SSL profile and associates it with the virtual server.

What is the issue?

Options:

A.

The SSL certificate and key have expired.

B.

The SSL certificate and key do NOT match.

C.

The client CANNOT verify the certification path.

D.

The common name on the SSL certificate does NOT match the hostname of the site.

Expert Solution
Questions # 142:

An LTM Specialist needs to gather website statistics such as latency and throughput on the existing virtual server. This virtual server loadBalances the backend web servers.

Which F5 feature will provide this?

Options:

A.

the Performance panel

B.

the AVR module

C.

the Dashboard

D.

the Statistics panel

Expert Solution
Questions # 143:

An HA pair of LTM devices that load balance multiple HTTPS applications utilizes highly customized RAM Cache and compression profiles on each virtual server. The LTM Specialist who is administering the HA pair regularly observes entines in the log similar to the following:

tmm tmm I708S1 011e0002.4. sweeper_update: aggressive mode activated (117504/138240 pages)

No DoS attacks arc occurring. No user problems have been reported. Which step should the LTM Specialist take to help mitigate the issue?

Options:

A.

change the Adaptive Reaping High watermark

B.

change the Adaptive Reaping Low watermark

C.

allocate less memory to the RAM cache feature

D.

use a OneConnect profile

Expert Solution
Questions # 144:

A BIG-IP Administrator remotely connects to the appliance via out-of-band management using https://mybigip mycompany net. The management portal has been working all week. When the administrator attempts to login today, the connection times out. Which two aspects should the administrator verify? (Choose two)

Options:

A.

DNS is property resolving the FQDN of the device.

B.

The device is NOT redirecting them to http.

C.

The administrator has the latest version of the web browser.

D.

Packet Filters on the device are blocking port 80.

E.

The administrator has TCP connectivity to the device.

Expert Solution
Questions # 145:

Refer to the exhibit

Question # 145

Given the bigip conf extract shown where the servers only talk http on port 80, which node will receive thenext user request?

Options:

A.

72.10.1.1

B.

10.1.1.1

C.

10.1.1.2 0

D.

10.1.1.3

Expert Solution
Questions # 146:

-- Exhibit –

Question # 146

-- Exhibit --

Refer to the exhibit.

An LTM Specialist has created a virtual server to load balance traffic to a pool of HTTPS servers. The servers use client certificates for user authentication. The virtual server has clientssl, serverssl, and http profiles enabled. Clients are unable to connect to the application through the virtual server. Clients are able to connect to the application servers directly.

What is the root cause of the problem?

Options:

A.

The application server does NOT support 2048-bit keys.

B.

The clientssl profile is NOT set to require a client certificate.

C.

The LTM device does NOT trust the issuing CA of the client certificate.

D.

The application server does NOT see the client certificate due to SSL offload.

Expert Solution
Questions # 147:

An LTM Specialist has trouble with SNMP traps in the management network The ITM Specialist takes the network capture shown to troubleshoot:

Question # 147

Whatshould the UM Specialist change to capture packets related to this workflow?

Options:

A.

the interface

B.

the tcpdump filter expression

C.

the verbose level

D.

the port

Expert Solution
Questions # 148:

An LTM Specialist connects to an LTM device via the serial console cable and receives unreadable output. The LTM Specialist is using the appropriate cable and connecting it to the correct serial port.

Which command should the LTM Specialist run through ssh to verify that the baud rate settings for the serial port are correct on the LTM device?

Options:

A.

tmsh list /sys console

B.

tmsh edit /sys console

C.

tmsh show /sys console

D.

tmsh show /ltm console

Expert Solution
Questions # 149:

An application is being load balanced through the LTM device using the configuration displayed below.

The network has been re-engineered to NAT all client connection. As a result, allclient connections are hitting the same pool member.

Question # 149

Question # 149

Which changes should the LTM Specialist make in order to restore load balancing functionality wile maintaining session persistence?

Options:

A.

Change the virtual server type to Standard, add an httpprofile, and change the persistence profile to Destination Address

B.

Leave the virtual server type set Performance (Layer 4) and change the persistence type to hash

C.

Change the virtual serer type to Forwarding (Layer 4) and leave the persistence type tohash source Address

D.

Change the virtual server to Standard add an http profile, and change the persistence profile to Cookie persistence

Expert Solution
Questions # 150:

Given LTM device ltm log:

Sep 26 20:51:08 local/lb-d-1 notice promptstatusd[3695]: 01460006:5: semaphore mcpd.running(1) held

Sep 26 20:51:08 local/lb-d-1 notice promptstatusd[3695]: 01460006:5:

Sep 26 20:51:08 local/lb-d-1 warning promptstatusd[3695]: 01460005:4: mcpd.running(1) held, wait for mcpd

Sep 26 20:51:08 local/lb-d-1 info sod[3925]: 010c0009:6: Lost connection to mcpd - reestablishing.

Sep 26 20:51:08 local/lb-d-1 err bcm56xxd[3847]: 012c0004:3: Lost connection with MCP: 16908291 ... Exiting bsx_connect.cpp(174)

Sep 26 20:51:08 local/lb-d-1 info bcm56xxd[3847]: 012c0012:6: MCP Exit Status

Sep 26 20:51:08 local/lb-d-1 info bcm56xxd[3847]: 012c0012:6: Info: LACP stats (time now:1348717868) : no traffic

Sep 26 20:51:08 local/lb-d-1 info bcm56xxd[3847]: 012c0014:6: Exiting...

Sep 26 20:51:08 local/lb-d-1 err lind[3842]: 013c0004:3: IO error on recv from mcpd - connection lost

Sep 26 20:51:08 local/lb-d-1 notice bigd[3837]: 01060110:5: Lost connection to mcpd with error 16908291, will reinit connection.

Sep 26 20:51:08 local/lb-d-1 err statsd[3857]: 011b0004:3: Initial subscription for system configuration failed with error ''

Sep 26 20:51:08 local/lb-d-1 err statsd[3857]: 011b0001:3: Connection to mcpd failed with error '011b0004:3: Initial subscription for system configuration failed with error '''

Sep 26 20:51:08 local/lb-d-1 err csyncd[3851]: 013b0004:3: IO error on recv from mcpd - connection lost

.............skipping more logs.....

Sep 26 20:51:30 local/lb-d-1 notice sod[3925]: 01140030:5: HA proc_running bcm56xxd is now responding.

Sep 26 20:51:34 local/lb-d-1 notice sod[3925]: 01140030:5: HA proc_running mcpd is now responding.

Sep 26 20:51:34 local/lb-d-1 notice sod[3925]: 010c0018:5: Standby

Which daemon failed?

Options:

A.

promptstatusd

B.

mcpd

C.

sod

D.

bcm56xxd

E.

lind

Expert Solution
Viewing page 10 out of 11 pages
Viewing questions 136-150 out of questions