Enhance your career with 303 PDF Dumps - True F5 Exam Questions
New (2023) Download free 303 PDF for F5 Practice Tests
NEW QUESTION 236
The BIG-IP Administrator configures an HTTP monitor with a specific receive string. The status is marked
'down'.
Which tool should the administrator use to identify the problem?
- A. Health
- B. tcpdump
- C. Ping
- D. ifconfig
Answer: B
NEW QUESTION 237
A 8IG-IP Administrator configures a node with a standard icmp Health Monitor. The Node shows as DOWN although the Backend Server is configured to answer ICMP requests. Which step should the administrator take next to find the root cause of this issue?
- A. Run a curl Run a qkview
- B. Runatcpdump
- C. Runanssldump
- D. Run a qkview
Answer: B
NEW QUESTION 238
An LTM Specialist configured a virtual server to load balance a custom application. The application works when it is tested from within the firewall but it fails when tested externally. The pool member address is
192.168.200.10:80. A capture from an external client shows:
GET /index.jsp HTTP/1.1
Host: 207.206.201.100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Connection: keep-alive HTTP/1.1 302 Found DatE. Wed, 17 Oct 2012 23:09:55 GMT Server: Apache/2.2.15 (CentOS) Location:
http://192.168.200.10/user/home.jsp
Content-LengtH. 304
Connection: close
What is the solution to this issue?
- A. Configure a content filter on the backend web server.
- B. Add a Web Acceleration Profile to the virtual server.
- C. Configure redirect rewrite option in the HTTP profile.
- D. Assign a SNAT pool to the virtual server.
Answer: C
NEW QUESTION 239
While investigating the cause of a device failover, an LTM Specialist discovers the following events in
/var/log/ltm:
01010029:5: Clock advanced by 518 ticks
01010029:5: Clock advanced by 505 ticks
01010029:5: Clock advanced by 590 ticks
01010029:5: Clock advanced by 568 ticks
01010029:5: Clock advanced by 1681 ticks
01010029:5: Clock advanced by 6584 ticks
01140029:5: HA daemon_heartbeat tmm fails action is failover and restart.
010c0026:5: Failover condition, active attempting to go standby.
Which issue caused the failover?
- A. VLAN Fail-safe heartbeats
- B. HA missing heartbeat packets
- C. NTP being out of sync
- D. TMM being descheduled
Answer: D
NEW QUESTION 240
An LTM Specialist has detected that a brute force login attack is occurring against the SSH service via a BIG-IP management interface. Login attempts are occurring from many IPs within the internal company network. BIG-IP SSH access restrictions are in place as follows:
The LTM Specialist has determined that SSH access should only occur from the 192.168.1.0/24 and
172.16.254.0/23 networks.
Whichtmsh command should the LTM Specialist use to permit access from the desired networks only?
- A. modify/sys allow replace-all-with {''192.168.1.00/24'', ''192.16.254.0/23''}
- B. modify /sys sshd login disable (''10.0.00/8'', ''172 16.0 0/12'', ''192. 168.0.0/16'')
- C. modify.sys sshd allow add {''192.168. 10/24 , '' ''172. 16 2540/23'')
- D. modify/sys sshd login enable {''192.166.10/24'''' ''172.16 254 0/23
Answer: A
Explanation:
Explanation
Select C to overwrite the existing network's allow configuration over the specified network segment.
NEW QUESTION 241
An LTM device is load balancing telnet and ssh applications in a client/server environment experiencing significant packet delay.
Which setting in the TCP profile should reduce the amount of packet delay?
- A. enable Proxy Maximum Segment
- B. disable Nagle's Algorithm
- C. increase Maximum Segment Retransmissions
- D. disable Bandwidth Delay
Answer: B
NEW QUESTION 242
Traffic to a pool of SFTP servers that share storage must be balanced by an LTM device.
What are therequired profile and persistence settings for a standard virtual server?
- A. tcp - no persistence profile will be used
- B. tcp, ftp - Source address persistence
- C. tcp, ctientsst, ftp serverssl persistence
- D. tcp, clientssl, serverssl persistence
Answer: B
NEW QUESTION 243
-- Exhibit -
-- Exhibit --
Refer to the exhibits.
After upgrading LTM from v10 to v11, users are unable to connect to an application. The virtual server is using a client SSL profile for re-terminating SSL for payload inspection, but a server SSL profile is being used to re-encrypt the request.
A client side ssldump did NOT show any differences between the traffic going directly to the server and the traffic being processed by the LTM device. However, packet capture was done on the server, and differences were noted.
Which modification will allow the LTM device to process the traffic correctly?
- A. Change to different ciphers on the server SSL profile.
- B. Enable Strict Resume.
- C. Change Secure Renegotiation to "Request."
- D. Enable ProxySSL option in the server SSL profile.
Answer: C
NEW QUESTION 244 
A BIG-IP Administrator notices that one of the servers that runs an application is NOT receiving any traffic.
The BIG-IP Administrator examines the configuration status of the application and observes the displayed monitor configuration and affected Pool Member status. What is the possible cause of this issue?
- A. HTTP 1.1 is NOT appropriate for monitoring purposes.
- B. The Node Health Monitor is NOT responding.
- C. The BIG-IP device is NOT able to reach the Pool.
- D. The application is NOT responding with the expected Receive String.
Answer: B
NEW QUESTION 245
An ITM Specialist has the configuration shown:
The LTM Specialist needs to create a new virtual server in part B.
Which virtual address(es) should be used for the new virtual server?
- A. 10.90.0.1 and 10.100.0.1
- B. 10.120.0.1 only
- C. 10.90.0.1 and 10.12.0.1
- D. 10.100.0.1 and.10.120.0.1
Answer: D
NEW QUESTION 246
-- Exhibit -
-- Exhibit --
Refer to the exhibit.
A pair of LTM devices are configured for HA. The LTM Specialist observes from a capture that there is a successful connection from a client directly to a web server and an unsuccessful connection from a client via the LTM device to the same web server.
Which two solutions will solve the configuration problem? (Choose two.)
- A. Configure SNAT on the pool.
- B. Configure SNAT on the virtual server.
- C. Change server default gateway to point at LTM internal floating IP.
- D. Change server default gateway to point at LTM internal self IP.
Answer: B,C
NEW QUESTION 247
A BIG-IP Administrator finds the following log entry:
tnm tmm[7141]: 011e0002:4: sweeperjjpdate: aggressive mode activated.
Which action should the BIG-IP Administrator to mitigate this memory issue?
- A. increase the TCP profile ide Timeout value
- B. Configure the serve to use Connection Mirroring
- C. Decrease the TCP profile ide Timeout value
- D. Configure the redundant par to be active-active
Answer: B
NEW QUESTION 248
A 8IG-IP device is replaced with an RMA device. The BIG-IP Administrator renews the license and tries to restore the configuration from a previously generated UCS archive on the RMA device. The device configuration is NOT fully loading. What is causing the configuration load to fail?
- A. The Device Group is NOT configured for Full Sync.
- B. The US does NOT contain the full config
- C. The clock is NOT set correctly
- D. The Master Key is NOT restored
Answer: D
NEW QUESTION 249
A company plans to launch a huge marketing campaign and expects increase demand of their secure website.
With the current virtual server setup, the LTM Specialist expects that the LTM device will reach its capacity limits. For the wen application to function properly. Cookies persistence is required. The LTM Specialist needsto reduce LTM device load without breaking the application.
Which two settings should the LTM Specialist modify to meet the requirement? (Choose two.)
- A. Remove HTTP compression profile
- B. Remove HTTP profile
- C. Remove web acceleration profile.
- D. Modify virtual Server type to performance (Layer 4)
- E. Remove ClientSSL profile
Answer: A,C
Explanation:
Explanation
It is required that cookie persist must be used and http profile must be used, and SSL offloading must also be required. It must be in standard mode,excluding BD E.
NEW QUESTION 250
Refer of the exhibit.
The 816-IP Administrator runs the command shown and observes a device trust issue between BIG-IP devices in a device group. The issue prevents config sync on device bigip3.local.
What is preventing the config sync?
- A. Both devices are standby
- B. Next Active Load factor is 0 on bigip1.local
- C. Next Active Load factor is 1 on bigip1.local
- D. Time Delta to local system is 12
Answer: B
Explanation:
Explanation
Option A should be bioip3.local?. if choose bigip3.local, you should choose A.
NEW QUESTION 251
A local user account (Users) on the BIG-IP device is assigned the User Manager role. Userl attempts to modify the properties of another account (User2), but the action fails. The BIG-IP Administrator can successfully modify the User2 account.
Assuming the principle of least privilege, what is the correct way to allow User 1 to modify User2 properties?
- A. Move User2 to the same partition as User1
- B. Grant User1 administrative privileges
- C. Modify the partition access for User 1
- D. Move User to the same partition as User2.
Answer: C
NEW QUESTION 252
In preparation for a maintenance task, an LTM Specialist performs a "Force to Standby" on LTM device Unit
1. LTM device Unit 2 becomes active as expected. The maintenance task requires the reboot of Unit 1. Shortly after the reboot is complete, the LTM Specialist discovers that Unit 1 has become active and Unit 2 has returned to standby.
What would cause this behavior?
- A. Unit 1 is set with the redundancy state preference of active in devices groups.
- B. Unit 1 is set with the redundancy state preference of active in high availability.
- C. A device group is configured with Auto Failback, and Unit 1 is the default device.
- D. A traffic group is configured with Auto Failback, and Unit 1 is the default device.
Answer: D
NEW QUESTION 253
......
100% Free 303 Files For passing the exam Quickly: https://testking.practicedump.com/303-exam-questions.html