0% found this document useful (0 votes)

1K views150 pages

PassLeader-F5-101-Exam-Dumps-560 Q&As

This document contains a vendor name, exam code, exam name, and version for an F5 Application Delivery Fundamentals exam. The exam code is 101 and the exam name is Application Delivery Fundamentals. The vendor is F5 and the version is 22.091.

Uploaded by

Vinee Pahuja

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

1K views150 pages

PassLeader-F5-101-Exam-Dumps-560 Q&As

Uploaded by

Vinee Pahuja

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 150

Vendor: F5

Exam Code: 101

Exam Name: Application Delivery Fundamentals

Version: 22.091
QUESTION 1
Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing
takes place. Also assume that the NAT definition specifies a NAT address and an origin address
while all other settings are left at their defaults. If the origin server were to initiate traffic via the BIG-
IP, what changes, if any, would take place when the BIG-IP processes such packets.

A. The BIG-IP would drop the request since the traffic didn arrive destined to the NAT address.
B. The source address would not change, but the destination address would be changed to the NAT
address.
C. The source address would be changed to the NAT address and destination address would be left
unchanged.
D. The source address would not change, but the destination address would be changed to a self-IP
of the BIG-IP.

Answer: C

QUESTION 2
A site wishes to perform source address translation on packets arriving from the Internet for clients
using some pools but not others. The determination is not based on the client's IP address, but on
the pool they are load balanced to. What could best accomplish this goal.

A. A SNAT for all addresses could be defined, and then disable the SNAT processing for select pools.
B. The decision to perform source address translation is always based on VLAN. Thus, the goal cannot
be achieved.
C. For each virtual server, regardless their default load balancing pools, association with SNAT pools
could vary dependent upon need.
D. The decision to perform source address translation is always based on a client's address (or
network). Thus, this goal cannot be achieved.

Answer: A

QUESTION 3
Which two statements are true about SNATs. (Choose two.)

A. SNATs are enabled on all VLANs, by default.

B. SNATs can be configured within a Profile definition.
C. SNATs can be configured within a Virtual Server definition.
D. SNAT's are enabled only on the VLAN where origin traffic arrives, by default

Answer: AC

QUESTION 4
What is the purpose of floating self-IP addresses?

A. to define an address that grants administrative access to either system at any time
B. to define an address that allows either system to initiate communication at any time
C. to define an address that allows network devices to route traffic via a single IP address
D. to define an address that gives network devices greater flexibility in choosing a path to forward traffic

Answer: C

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 2
https://www.passleader.com/
QUESTION 5
Which parameters are set to the same value when a pair of BIG-IP devices are synchronized.

A. host names
B. system clocks
C. profile definitions
D. VLAN failsafe settings
E. MAC masquerade addresses

Answer: C

QUESTION 6
Which two statements are true concerning the default communication between a redundant pair of
BIG-IP systems. (Choose two.)

A. Synchronization occurs via a TCP connection using ports 683 and 684.
B. Connection mirroring data is shared via a TCP connection using port 1028.
C. Persistence mirroring data is shared via a TCP connection using port 1028.
D. Connection mirroring data is shared through the serial failover cable unless network failover is enabled.

Answer: BC

QUESTION 7
Which two methods can be used to determine which BIG-IP is currently active. (Choose two.)

A. The bigtop command displays the status.

B. Only the active system's configuration screens are active.
C. The status (Active/Standby) is embedded in the command prompt.
D. The ifconfig a command displays the floating addresses on the active system.

Answer: AC

QUESTION 8
As a part of the Setup Utility, the administrator sets the host name for the BIG-IP.
What would be the result if the two systems in a redundant pair were set to the same host name.

A. Host names do not matter in redundant pair communication.

B. In a redundant pair, the two systems will always have the same host name. The parameter is
synchronized between the systems.
C. The first time the systems are synchronized the receiving system will be assigned the same self-IP
addresses as the source system.
D. When the administrator attempts to access the configuration utility using the host name, they will
always connect to the active system.

Answer: C

QUESTION 9

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 3
https://www.passleader.com/
When network failover is enabled, which of the following is true.

A. The failover cable status is ignored. Failover is determined by the network status only.
B. Either a network failure or loss of voltage across the failover cable will cause a failover.
C. A network failure will not cause a failover as long as there is a voltage across the failover cable.
D. The presence or absence of voltage over the failover cable takes precedence over network failover.

Answer: C

QUESTION 10
Where is connection mirroring configured.

A. It an option within a TCP profile.

B. It is an optional feature of each pool.
C. It is not configured; it is default behavior.
D. It is an optional feature of each virtual server.

Answer: D

QUESTION 11
Which statement is true regarding failover.

A. Hardware failover is disabled by default.

B. Hardware failover can be used in conjunction with network failover.
C. If the hardware failover cable is disconnected, both BIG-IP devices will always assume the active role.
D. By default, hardware failover detects voltage across the failover cable and monitors traffic across the
internal VLAN.

Answer: B

QUESTION 12
Where is persistence mirroring configured.

A. It is always enabled.
B. It is part of a pool definition.
C. It is part of a profile definition.
D. It is part of a virtual server definition.

Answer: C

QUESTION 13
Assume the bigd daemon fails on the active system. Which three are possible results. (Choose
three.)

A. The active system will restart the bigd daemon and continue in active mode.
B. The active system will restart the tmm daemon and continue in active mode.
C. The active system will reboot and the standby system will go into active mode.
D. The active system will failover and the standby system will go into active mode.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 4
https://www.passleader.com/
E. The active system will continue in active mode but gather member and node state information from
the standby system.

Answer: ACD

QUESTION 14
What is the purpose of MAC masquerading.

A. to prevent ARP cache errors

B. to minimize ARP entries on routers
C. to minimize connection loss due to ARP cache refresh delays
D. to allow both BIG-IP devices to simultaneously use the same MAC address

Answer: C

QUESTION 15
Which process or system can be monitored by the BIG-IP system and used as a failover trigger in
a redundant pair configuration.

A. bandwidth utilization
B. duplicate IP address
C. CPU utilization percentage
D. VLAN communication ability

Answer: D

QUESTION 16
Assuming there are open connections through an active system's NAT and a failover occurs, by
default, what happens to those connections.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 5
https://www.passleader.com/
A. All open connections will be lost.
B. All open connections will be maintained.
C. The "Mirror" option must be chosen on the NAT and the setting synchronized prior to the connection
establishment.
D. Longlived connections such as Telnet and FTP will be maintained while shortlived connections
such as HTTP will be lost.
E. All open connections are lost, but new connections are initiated by the newly active BIG-IP, resulting
in minimal client downtime.

Answer: B

QUESTION 17
A virtual server is defined per the charts. The last five client connections were to members C, D, A,
B, B . Given the conditions shown in the above graphic, if a client with IP address 205.12.45.52
opens a connection to the virtual server, which member will be used for the connection.

A. 172.16.20.1:80
B. 172.16.20.2:80
C. 172.16.20.3:80
D. 172.16.20.4:80
E. 172.16.20.5:80

Answer: D

QUESTION 18
Which statement is correct if a TOPbased monitor is assigned to an LTM System and an
HTTPbased monitor is assigned to one of that LTM System's Virtual Servers?

A. The Virtual Server status is based on the TCP monitor only.

B. The Virtual Server status is based on the HTTP monitor only.
C. GTM Systems do not allow monitors on both an LTM System and one of its Virtual Servers.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 6
https://www.passleader.com/
D. The Virtual Server status is based on both the TOP and HTTP monitor; if either fails, the Virtual
Server is unavailable.
E. The Virtual Server status is based on both the TOP and HTTP monitor; if either succeeds, the
Virtual Server is available.

Answer: B

QUESTION 19
With standard DNS, assuming no DNS request failures, which process describes the normal
resolution process on a "first time" DNS request?

A. Client requests address from root server, root server returns IP address to Authoritative DNS,
Authoritative DNS returns requested IP address, LDNS returns requested IP address to client.
B. Client requests address from LDNS, LDNS requests from GTM, GTM requests from Authoritative
DNS, Authoritative DNS returns requested IP address, LDNS returns requested IP address to client.
C. Client requests address from LDNS, Authoritative DNS receives request from root server, root
server returns LDNS address, LDNS returns client address, Authoritative DNS returns requested
IP address, LDNS returns requested IP address to client.
D. Client requests address from LDNS, LDNS requests from root server, root server returns
Authoritative DNS address, LDNS requests from Authoritative DNS, Authoritative DNS returns
requested IP address, LDNS returns requested IP address to client.

Answer: D

QUESTION 20
What is the purpose of provisioning.

A. Provisioning allows modules that are not licensed to be fully tested.

B. Provisioning allows modules that are licensed be granted appropriate resource levels.
C. Provisioning allows the administrator to activate modules in nonstandard combinations.
D. Provisioning allows the administrator to see what modules are licensed, but no user action is ever
required.

Answer: B

QUESTION 21
Which three properties can be assigned to nodes. (Choose three.)

A. ratio values
B. priority values
C. health monitors
D. connection limits
E. loadbalancing mode

Answer: ACD

QUESTION 22
Where is the loadbalancing mode specified.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 7
https://www.passleader.com/
A. within the pool definition
B. within the node definition
C. within the virtual server definition
D. within the pool member definition

Answer: A

QUESTION 23
Which statement accurately describes the difference between two loadbalancing modes specified
as "member" and "node".

A. There is no difference; the two terms are referenced for backward compatibility purposes.
B. When the loadbalancing choice references "node", priority group activation is unavailable.
C. Loadbalancing options referencing "nodes" are available only when the pool members are defined
for the "any" port.
D. When the loadbalancing choice references "node", the addresses' parameters are used to make
the loadbalancing choice rather than the member's parameters.

Answer: D

QUESTION 24
Which two can be a part of a virtual server's definition. (Choose two.)

A. rule(s)
B. pool(s)
C. monitor(s)
D. node address(es)
E. loadbalancing method(s)

Answer: AB

QUESTION 25
Assume a BIG-IP has no NATs or SNATs configured. Which two scenarios are possible when client
traffic arrives on a BIG-IP that is NOT destined to a self-IP. (Choose two.)

A. If the destination of the traffic does not match a virtual server, the traffic will be discarded.
B. If the destination of the traffic does not match a virtual server, the traffic will be forwarded based on
routing tables.
C. If the destination of the traffic matches a virtual server, the traffic will be processed per the virtual
server definition.If the destination of the traffic matches a virtual server, the traffic will be processed
per the virtual server. definition.
D. If the destination of the traffic matches a virtual server, the traffic will be forwarded, but it cannot be
loadbalanced since no SNAT has been configured.

Answer: AC

QUESTION 26
When configuring a pool member's monitor, which three association options are available.
(Choose three.)

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 8
https://www.passleader.com/
A. inherit the pool's monitor
B. inherit the node's monitor
C. configure a default monitor
D. assign a monitor to the specific member
E. do not assign any monitor to the specific member

Answer: ADE

QUESTION 27
The current status of a given pool member is nknown. Which condition could explain that state.
The current status of a given pool member is .nknown. Which condition could explain that state.

A. The member has no monitor assigned to it.

B. The member has a monitor assigned to it and the most recent monitor was successful.
C. The member has a monitor assigned to it and the monitor did not succeed during the most recent
timeout period.
D. The member's node has a monitor assigned to it and the monitor did not succeed during the most
recent timeout period.

Answer: A

QUESTION 28
The ICMP monitor has been assigned to all nodes. In addition, all pools have been assigned custom
monitors. If a pool .eb.is marked .vailable (green) which situation is sufficient to cause this.

A. All of the .eb.pool. member. nodes are responding to the ICMP monitor as expected.
B. Less than 50% of the .eb.pool. member. nodes responded to the ICMP echo request.
C. All of the members of the .eb.pool have had their content updated recently and their responses no
longer match the monitor. receive rule.
D. Over 25% of the .eb.pool. members have had their content updated and it no longer matches the
receive rule of the custom monitor.
The other respond as expected.The other. respond as expected.

Answer: D

QUESTION 29
Generally speaking, should the monitor templates be used as production monitors or should they
be customized prior to use.

A. Most templates, such as http and tcp, are as effective as customized monitors.
B. Monitor template customization is only a matter of preference, not an issue of effectiveness or
performance.
C. Most templates, such as https, should have the receive rule customized to make the monitor more
robust.
D. While some templates, such as ftp, must be customized, those that can be used without
modification are not improved by specific changes.

Answer: C

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 9
https://www.passleader.com/
QUESTION 30
You have a pool of servers that need to be tested. All of the servers but one should be tested every
10 seconds, but one is slower and should only be tested every 20 seconds. How do you proceed.

A. It cannot be done. All monitors test every five seconds.

B. It can be done, but will require assigning monitors to each pool member.
C. It cannot be done. All of the members of a pool must be tested at the same frequency.
D. It can be done by assigning one monitor to the pool and a different monitor to the slower pool
member.

Answer: D

QUESTION 31
When can a single virtual server be associated with multiple profiles.

A. Never. Each virtual server has a maximum of one profile.

B. Often. Profiles work on different layers and combining profiles is common.
C. Rarely. One combination, using both the TCP and HTTP profile does occur, but it is the exception.
D. Unlimited. Profiles can work together in any combination to ensure that all traffic types are
supported in a given virtual server.

Answer: B

QUESTION 32
A site needs a virtual server that will use an iRule to parse HTTPS traffic based on HTTP header
values. Which two profile types must be associated with such a virtual server. (Choose two.)

A. TCP
B. HTTP
C. HTTPS
D. ServerSSL

Answer: AB

QUESTION 33
You have created a custom profile named TEST2. The parent profile of TEST2 is named TEST1.
If additional changes are made to TEST1, what is the effect on TEST2.

A. All changes to TEST1 are propagated to TEST2.

B. Some of the changes to TEST1 may propagate to TEST2.
C. Changes to TEST1 cannot affect TEST2 once TEST2 is saved.
D. When TEST1 is changed, the administrator is prompted and can choose whether to propagate
changes to TEST2.

Answer: B

QUESTION 34
If a client's browser does not accept cookies, what occurs when the client connects to a virtual

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 10
https://www.passleader.com/
server using cookie persistence.

A. The connection request is not processed.

B. The connection request is sent to an pology.server.The connection request is sent to
an .pology.server.
C. The connection request is loadbalanced to an available pool member.
D. The connection request is refused and the client is sent a "server not available" message.

Answer: C

QUESTION 35
The incoming client IP address is 195.64.45.52 and the last five connections have been sent to
members A, C, E, D and B. The incoming client IP address is 195.64.45.52 and the last five
connections have been sent to members A, C, E, D and B. Given the virtual server, pool, and
persistence definitions and statistics shown in the above graphic, which member will be used for
the next connection.

A. 10.10.20.1:80
B. 10.10.20.2:80B.10.10.20.2:80
C. 10.10.20.3:80C.10.10.20.3:80

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 11
https://www.passleader.com/
D. 10.10.20.4:80D.10.10.20.4:80
E. 10.10.20.5:80E.10.10.20.5:80
F. It cannot be determined with the information given.

Answer: C

QUESTION 36
Which statement is true concerning cookie persistence.

A. Cookie persistence allows persistence independent of IP addresses.

B. Cookie persistence allows persistence even if the data are encrypted from client to pool member.
C. Cookie persistence uses a cookie that stores the virtual server, pool name, and member IP address
in clear text.
D. If a client's browser accepts cookies, cookie persistence will always cause a cookie to be written to
the client's file system.

Answer: A

QUESTION 37
How is persistence configured.

A. Persistence is an option within each pool's definition.

B. Persistence is a profile type; an appropriate profile is created and associated with virtual server.
C. Persistence is a global setting; once enabled, loadbalancing choices are superceded by the
persistence method that is specified.
D. Persistence is an option for each pool member. When a pool is defined, each member's definition
includes the option for persistence.

Answer: B

QUESTION 38
Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the BIG-
IP.

A. No SSL certificates are required on the BIG-IP.

B. The BIG-IP's SSL certificates must only exist.
C. The BIG-IP's SSL certificates must be issued from a certificate authority.
D. The BIG-IP's SSL certificates must be created within the company hosting the BIG-IPs.

Answer: A

QUESTION 39
Assume a virtual server is configured with a ClientSSL profile. What would the result be if the virtual
server's destination port were not 443.

A. SSL termination could not be performed if the virtual server's port was not port 443.
B. Virtual servers with a ClientSSL profile are always configured with a destination port of 443.
C. As long as client traffic was directed to the alternate port, the virtual server would work as intended.
D. Since the virtual server is associated with a ClientSSL profile, it will always process traffic sent to

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 12
https://www.passleader.com/
port 443.

Answer: C

QUESTION 40
Which statement is true concerning SSL termination.

A. A virtual server that has both ClientSSL and ServerSSL profiles can still support cookie persistence.
B. Decrypting traffic at the BIG-IP allows the use of iRules for traffic management, but increases the
load on the pool member.
C. When any virtual server uses a ClientSSL profile, all SSL traffic sent to the BIG-IP is decrypted
before it is forwarded to servers.
D. If a virtual server has both a ClientSSL and ServerSSL profile, the pool members have less SSL
processing than if the virtual server had only a ClientSSL profile

Answer: A

QUESTION 41
A site wishes to perform source address translation on packets from some clients but not others.
The determination is not based on the client's IP address, but on the virtual servers their packets
arrive on. What could best accomplish this goal.

A. A SNAT for all addresses could be defined, and then disable the SNAT processing for select
VLANs.
B. Some virtual servers could be associated with SNAT pools and others not associated with SNAT
pools.
C. The decision to perform source address translation is always based on VLAN. Thus, the goal cannot
be achieved.
D. The decision to perform source address translation is always based on a client's address (or
network). Thus, this goal cannot be achieved.

Answer: B

QUESTION 42
Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing
takes place. Also assume that the NAT definition specifies a NAT address and an origin address
while all other settings are left at their defaults. If a client were to initiate traffic to the NAT address,
what changes, if any, would take place when the BIG-IP processes such packets.

A. The source address would not change, but the destination address would be translated to the origin
address.
B. The destination address would not change, but the source address would be translated to the origin
address.
C. The source address would not change, but the destination address would be translated to the NAT's
address.
D. The destination address would not change, but the source address would be translated to the NAT's
address.

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 13
https://www.passleader.com/
QUESTION 43
A standard virtual server is defined with a pool and a SNAT using automap. All other settings for
the virtual server are at defaults. When client traffic is processed by the BIG-IP, what will occur to
the IP addresses.

A. Traffic initiated by the pool members will have the source address translated to a self-IP address
but the destination address will not be changed.
B. Traffic initiated to the virtual server will have the destination address translated to a pool member
address and the source addressTraffic initiated to the virtual server will have the destination
address translated to a pool member. address and the source address translated to a self-IP
address.
C. Traffic initiated by selected clients, based on their IP address, will have the source address
translated to a self-IP address but the destination will only be translated if the traffic is destined to
the virtual server.
D. Traffic initiated to the virtual server will have the destination address translated to a pool member
address and the source addressTraffic initiated to the virtual server will have the destination
address translated to a pool member. address and the source address translated to a self-IP
address. Traffic arriving destined to other destinations will have the source translated to a self-IP
address only.

Answer: B

QUESTION 44
Which VLANs must be enabled for a SNAT to perform as desired (translating only desired packets).

A. The SNAT must be enabled for all VLANs.

B. The SNAT must be enabled for the VLANs where desired packets leave the BIG-IP.
C. The SNAT must be enabled for the VLANs where desired packets arrive on the BIG-IP.
D. The SNAT must be enabled for the VLANs where desired packets arrive and leave the BIG-IP.

Answer: C

QUESTION 45
A BIG-IP has a virtual server at 150.150.10.10:80 with SNAT automap configured. This BIG-IP also
has a SNAT at 150.150.10.11 set for a source address range of 200.200.1.0 / 255.255.255.0. All
other settings are at their default states. If a client with the IP address 200.200.1.1 sends a request
to the virtual server, what is the source IP address when the associated packet is sent to the pool
member.

A. 200.200.1.1
B. 150.150.10.11
C. Floating self IP address on VLAN where the packet leaves the system
D. Floating self IP address on VLAN where the packet arrives on the system

Answer: C

QUESTION 46
Which IP address will the client address be changed to when SNAT automap is specified within a
Virtual Server configuration.

A. The floating self IP address on the VLAN where the packet leaves the system.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 14
https://www.passleader.com/
B. The floating self IP address on the VLAN where the packet arrives on the system.
C. It will alternate between the floating and nonfloating self IP address on the VLAN where the packet
leaves the system so that port exhaustion is avoided.
D. It will alternate between the floating and nonfloating self IP address on the VLAN where the packet
arrives on the system so that port exhaustion is avoided.

Answer: A

QUESTION 47
A virtual server at 10.10.1.100:80 has the rule listed below applied. when HTTP_REQUEST { if
{[HTTP::uri] ends_with "htm" } { pool pool1 } elseif {[HTTP::uri] ends_with "xt" } { pool pool2 } If a
user connects to http://10.10.1.100/foo.txt which pool will receive the request.

A. pool1
B. pool2
C. None. The request will be dropped.
D. Unknown. The pool cannot be determined from the information provided.

Answer: B

QUESTION 48
Which statement is true concerning iRule events.

A. All iRule events relate to HTTP processes.

B. All client traffic has data that could be used to trigger iRule events.
C. All iRule events are appropriate at any point in the clientserver communication.
D. If an iRule references an event that doesn't occur during the client's communication, the client's
connection will be terminated prematurely.

Answer: B

QUESTION 49
Which three iRule events are likely to be seen in iRules designed to select a pool for load balancing.
(Choose 3)

A. CLIENT_DATA
B. SERVER_DATA
C. HTTP_REQUEST
D. HTTP_RESPONSE
E. CLIENT_ACCEPTED
F. SERVER_SELECTED
G. SERVER_CONNECTED

Answer: ACE

QUESTION 50
Which event is always triggered when a client initially connects to a virtual server configured with
an HTTP profile.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 15
https://www.passleader.com/
A. HTTP_DATA
B. CLIENT_DATA
C. HTTP_REQUEST
D. CLIENT_ACCEPTED

Answer: D

QUESTION 51
A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it:
when HTTP_REQUEST { if {[HTTP::uri] ends_with "txt" } { pool pool1 } elseif {[HTTP::uri] ends_with
"php" } { pool pool2 } If a user connects to http://10.10.1.100/foo.html, which pool will receive the
request.

A. pool1
B. pool2
C. None. The request will be dropped.
D. Unknown. The pool cannot be determined from the information provided.

Answer: D

QUESTION 52
A virtual server is listening at 10.10.1.100:any and has the following iRule associated with it:
when CLIENT_ACCEPTED { if {[TCP::local_port] equals 80 } { pool pool1 } elseif {[TCP::local_port]
equals 443 } { pool pool2 } If a user connects to 10.10.1.100 and port 22, which pool will receive
the request.

A. pool1
B. pool2
C. None. The request will be dropped.
D. Unknown. The pool cannot be determined from the information provided.

Answer: D

QUESTION 53
Which statement is true about the synchronization process, as performed by the Configuration
Utility or by typing b config sync all.

A. The process should always be run from the standby system.

B. The process should always be run from the system with the latest configuration.
C. The two /config/BIG-IP.conf configuration files are synchronized (made identical) each time the
process is run.
D. Multiple files, including /config/BIG-IP.conf and /config/BIG-IP_base.conf, are synchronized (made
identical) each time the process is run.

Answer: C

QUESTION 54
Which statement is true concerning the default communication between a redundant pair of BIG-
IP devices.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 16
https://www.passleader.com/
A. Communication between the systems cannot be effected by port lockdown settings.
B. Data for both connection and persistence mirroring are shared through the same TCP connection.
C. Regardless of the configuration, some data is communicated between the systems at regular
intervals.
D. Connection mirroring data is shared through the serial failover cable unless network failover is
enabled.

Answer: B

QUESTION 55
When upgrading a BIG-IP redundant pair, what happens when one system has been updated but
the other has not.

A. Synching should not be performed.

B. The first system to be updated will assume the Active role.
C. This is not possible since both systems are updated simultaneously.
D. The older system will issue SNMP traps indicating a communication error with the partner.

Answer: A

QUESTION 56
When using the setup utility to configure a redundant pair, you are asked to provide a "Failover
Peer IP". Which address is this.

A. an address of the other system in its management network

B. an address of the other system in a redundant pair configuration
C. an address on the current system used to listen for failover messages from the partner BIG-IP
D. an address on the current system used to initiate mirroring and network failover heartbeat
messages

Answer: B

QUESTION 57
Which two statements describe differences between the active and standby systems. (Choose two.)

A. Monitors are performed only by the active system.

B. Failover triggers only cause changes on the active system.
C. Virtual server addresses are hosted only by the active system.
D. Configuration changes can only be made on the active system.
E. Floating self-IP addresses are hosted only by the active system.

Answer: CE

QUESTION 58
Assuming other failover settings are at their default state, what would occur if the failover cable
were to be disconnected for five seconds and then reconnected.

A. As long as network communication is not lost, no change will occur.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 17
https://www.passleader.com/
B. Nothing. Failover due to loss of voltage will not occur if the voltage is lost for less than ten seconds.
C. When the cable is disconnected, both systems will become active. When the voltage is restored,
unit two will revert to standby mode.
D. When the cable is disconnected, both systems will become active. When the voltage is restored,
both systems will maintain active mode.

Answer: C

QUESTION 59
Where is persistence mirroring configured.

A. It is always enabled.
B. It is part of a pool definition.
C. It is part of a profile definition.
D. It is part of a virtual server definition.

Answer: C

QUESTION 60
Given that VLAN failsafe is enabled on the external VLAN and the network that the active BIG-IP's
external VLAN is connected to has failed, which statement is always true about the results.

A. The active system will note the failure in the HA table.

B. The active system will reboot and the standby system will go into active mode.
C. The active system will failover and the standby system will go into active mode.
D. The active system will restart the traffic management module to eliminate the possibility that BIG-
IP is the cause for the network failure.

Answer: A

QUESTION 61
Where is connection mirroring configured.

A. It an option within a TCP profile.

B. It is an optional feature of each pool.
C. It is not configured; it is default behavior.
D. It is an optional feature of each virtual server.

Answer: D

QUESTION 62
Assuming there are open connections through an active system's virtual servers and a failover
occurs, by default, what happens to the connections.

A. All open connections are lost.

B. All open connections are maintained.
C. When persistence mirroring is enabled, open connections are maintained even if a failover occurs.
D. Longlived connections such as Telnet and FTP are maintained, but shortlived connections such as
HTTP are lost.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 18
https://www.passleader.com/
E. All open connections are lost, but new connections are initiated by the newly active BIG-IP, resulting
in minimal client downtime.

Answer: A

QUESTION 63
How is MAC masquerading configured.

A. Specify the desired MAC address for each VLAN for which you want this feature enabled.
B. Specify the desired MAC address for each self-IP address for which you want this feature enabled.
C. Specify the desired MAC address for each VLAN on the active system and synchronize the
systems.
D. Specify the desired MAC address for each floating self-IP address for which you want this feature
enabled.

Answer: A

QUESTION 64
Which action will take place when a failover trigger is detected by the active system.

A. The active device will take the action specified for the failure.
B. The standby device also detects the failure and assumes the active role.
C. The active device will wait for all connections to terminate and then failover.
D. The standby device will begin processing virtual servers that have failed, but the active device will
continue servicing the functional virtual servers.

Answer: A

QUESTION 65
Assuming that systems are synchronized, which action could take place if the failover cable is
connected correctly and working properly, but the systems cannot communicate over the network
due to external network problems.

A. If network failover is enabled, the standby system will assume the active mode.
B. Whether or not network failover is enabled, the standby system will stay in standby mode.
C. Whether or not network failover is enabled, the standby system will assume the active mode.
D. If network failover is enabled, the standby system will go into active mode but only until the network
recovers.

Answer: B

QUESTION 66
A virtual server is defined per the charts. The last five client connections were to members C, D, A,
B, B . Given the conditions shown in the above graphic, if a client with IP address 205.12.45.52
opens a connection to the virtual server, which member will be used for the connection.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 19
https://www.passleader.com/
A. 172.16.20.1:80
B. 172.16.20.2:80
C. 172.16.20.3:80
D. 172.16.20.4:80
E. 172.16.20.5:80

Answer: D

QUESTION 67
Which statement is true concerning iRule context?

A. The iRule event declaration determines the context.

B. the context must be explicitly declared.
C. The rule command determines the context.
D. The results of the iRule's conditional statement determines the context.

Answer: A

QUESTION 68
The following iRule is being used within a persistence profile on a virtual server. Assuming the
following HTTP requests are made within the same timeout window, what is the maximum number
of persistence records that will be created iRule:

rule Persist_Universal { when HTTP_REQUEST { persist uie [findstr [HTTP ::uri] "?" 8 3] } Requests:

#1 http: I/www.test.com/input.html?testl 45ABR80

#2 http ://www.test.com/input .html?testl 35PDC72
#3 http://www.test. com/input.html?testl 25ABR76
#4 http ://www.test.com/input.html?testl 45MN088
#5 http ://www.test. com/input.html?testl 55ABR98
#6 http://www.test.com/input.html?testl 45PDC6O
#7 http ://www.test. com/input.html?testl 75ABC50

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 20
https://www.passleader.com/
#8 http://www.test.com/input.html?testl 25MN055
#9 http://www.test. com/input.html?testl 45ABC70
#10 http://www.test.com/input.html?testl35 PDC42

A. 4
B. 3
C. 10
D. It cannot be determined from the given data.
E. 5
F. 1
G. 0

Answer: A

QUESTION 69
Which statement is true concerning SNATs using SNAT pools and SNATs using automap?

A. SNAT s using automap preferentially translate source addresses to nonfloating self-IP addresses.
B. SNAT s using a SNAT pool translate source addresses randomly to any of the addresses in the
SNAT pool.
C. SNAT s using automap translate source addresses randomly to any of the BIG-IP's floating self-IP
addresses.
D. A SNAT pool can contain virtual server addresses.

Answer: A

QUESTION 70
Why would an administrator capture monitor traffic between a BIG-IP and servers?

A. Viewing monitor traffic could help the administrator to define a more robust monitor.
B. If a client were having difficulty logging into a loadbalanced SSH server, viewing and analyzing the
connection process would determine the reason.
C. Only client traffic may be captured; monitor traffic may not be captured.
D. If client traffic to servers was failing, viewing and analyzing monitor traffic would determine the
reason.

Answer: A

QUESTION 71
When a pool is created and saved to file, where is the default file and location for the pool
configuration? When a pool is created and saved to file, where is the default file and location for
the pool configuration?

A. /config/BIG-IP_base.conf
B. lconfig/BIG-IP.conf
C. /etc/BIG-IP_base.conf
D. /config/BigDB.dat

Answer: B

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 21
https://www.passleader.com/
QUESTION 72
Which statement is true concerning packet filters?

A. In addition to administratorcreated filters, three always exists a "deny all" filter that processes traffic
last.
B. Filters cannot prevent access to the management port.
C. The order of filters does not affect which traffic is accepted or denied
D. Filters cannot prevent the BIG_IP synching process from taking place.

Answer: B

QUESTION 73
Which action CANNOT be performed by an iRule?

A. Direct a connection request to a specific pool.

B. Substitute a server's response with alternate data.
C. Chang the virtual server's default pool.
D. Direct a client's request to a pool based on the client's browser's language.
E. Limit a given client to a set amount of bandwidth.
F. Discard a client before connecting to a server.

Answer: C

QUESTION 74
Which persistence method will always recognize a client when the client returns to the same virtual
server?

A. SSL
B. MSRDP
C. expression [universal]
D. No persistence method work in all situations.
E. source address

Answer: D

QUESTION 75
Which are immediate results of entering the following command:
b pool PoolA . { lb method predictive member 10.10.1 .1:80 member 10.10.1.2:80 }

A. Requests sent to this BIG-IP system with a destination port of 80 are loadbalanced between the
members of PoolA.
B. No changes will take place since the command is missing the monitor component for PoolA.
C. The /config/BIG-IP.cinf file is updated to include a definition for the pool named PoolA.
D. A new pool is available for association with any iRule or virtual server.

Answer: D

QUESTION 76

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 22
https://www.passleader.com/
Which three statements are true about SNATs? (Choose three.)

A. SNAT s provide bidirectional traffic initiation.

B. SNAT s support UDP, TCP, and ICMP traffic.
C. SNAT s provide a manytoone mapping between IP addresses.
C. SNAT addresses can be identical to virtual server IP addresses.

Answer: BC

QUESTION 77
Given the configuration shown below, if a connection request arrived on the BIG-IP with a source
address of 200.10.10.10:1050 and a destination of 150.10.10.75:80, what would the source IP
address of the associated packet be when it arrived on the choosen member of the web_pool self
150.10.10.1 { netmask 255.255.255.0 unit I floating enable vlan external allow tcp https } self
10.10.1.1 { netmask 255.255.255.0 unit I floating enable vlan internal allow default } pool web_pool
{ member 10.10.1.11:80 member 10.10.1.12:80 member 10.10.1.13:80 }snatpool client_pool
{ member 10.10.1.100 member 150.10.10.15 }virtual VS_web { destination 150.10.10.10:80 ip
protocol tcp snat automap pool web_pool }virtual VS_network{ destination 150.10.1 0.0:any mask
255.255.255.0 snatpool client_pool ip protocol tcp pool web_pool } virtual VS_network { destination
150.10.1 0.0:any mask 255.255.255.0 snatpool client_pool ip protocol tcp pool web_pool } virtual
VS_network { destination 150.10.10.0:any mask 255.255.255.0 snatpool client_pool ip protocol tcp
pool web_pool }

A. 10.10.1.IA.10.10.1.1
B. 200.10.10.I0D.200.10.10.10
C. 10.10.1.I00B.10.10.1.100
D. 150.10.10.15C.150.10.10.15

Answer: C

QUESTION 78
When a virtual server has an HTTP profile with compression enabled, which traffic is compressed
by the BIG-IP?

A. selected traffic from the BIG-IP to the client

B. all seversid traffic for that cirtual srver
C. selected traffic from the pool member to the BIG-IP
D. all clientside traffic for that virtual server

Answer: A

QUESTION 79
An LTM has the 3 virtual servers, 2 SNATs, four self IP addresses defined, and the networks shown
in the exhibit. Selected options for each object are shown below. Settings not shown are at their
defaults. Assume port exhaustion has not been reached.

VirtualServerl
Destination: 10.10.2.102:80 netmask 255.255.255.255
Pool: Pool with 3 members in the 172.16/16 network
SNAT Automap configured

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 23
https://www.passleader.com/
VirtualServer2
Destination: 10.10.2.102:* netmask 255.255.255.255
Pool: Pool with 3 members in the 192.168/16 network

VirtualServer3
Destination: 10.10.2.0:80 netmask 255.255.255.0
Type: IP Forwarding
SNAT1 Source IP: 10.10.0.0 netmask 255.255.0.0
SNAT Address: SNAT Pool with 2 members 172.16.20.50 and 192.168.10.50
SNAT2 Source IP: All Addresses
SNATAddress: 10.10.2.102 Floating Self IPs 192.168.1.1; 172.16.1.1; 10.10.2.1; 10.10.1.1

A connection attempt is made with a source IP and port of 10.10.100.50:2222 and a destination IP
and port of 10.10.2.10:80. When the request is processed, what will be the source and destination
IP addresses?

A. The request will be droped.

B. Source IP: 10.10.2.1; Destination IP: 10.10.2.10
C. Source IP: 10.10.2.102; Destination IP 10.10.2.10
D. Source IP: Either 172.16.20.50 or 192.168.10.50; Destination IP: 10.10.2.10
E. Source IP: 10.10.2.1; Destination IP: pool in the 172.16/16 network C

Answer: D

QUESTION 80
Which three parameters could be used to determine whether a connection request will have the
source address translated as the request is processed? (Choose three.)

A. the client's router's IP address

B. the client's browser's preferred language
C. the client's IP netmask
D. the client's TCP port
E. the client's IP address
F. the client IP fragment offset

Answer: BDE

QUESTION 81
A BIG-IP has the following objects configured:

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 24
https://www.passleader.com/
- A SNAT pool with 2 members: 150.10.33.33 and 10.10.1.33
- A loadbalancing pool with 5 members: 10.10.1.110.10.1.5:80
- The BIG-IP has two self-IP addresses: 150.10.10.10 and 10.10.1.10

A virtual server at 150.10.30.30:80 that is associated with both the SNAT pool and the
loadbalancing pool. If a client at IP address 200.10.10.10 initiates a connection to the virtual server,
what will the source IP address be in the packets sent to the chosen pool member?

A. 150.10.33.33
B. 10.10.1.33
C. 10.10.1.10
D. 150.10.30.30
E. 200.10.10.10
F. It could be any of the addresses of the members of the loadbalancing pool.

Answer: B

QUESTION 82
What does the insert XForwarded option in an HTTP profile do?

A. A BIG-IP self-IP is inserted in the source address field on the serversid connection.
B. A BIG-IP self-IP is inserted in the source address field on the clintside connection.
C. The client IP addresses are inserted into messages sent to remote syslog servers.
D. The client IP addresses are inserted into HTTP header.

Answer: D

QUESTION 83
When defining a loadbalancing pool using the command line, if the loadbalancing method is not
specified, what is the result

A. The default loadbalancing method would be used.

B. The loadbalancing method of the previous pool would be used.
C. The system would prompt the user for a loadbalancing method.
D. An error would be displayed since no loadbalancing method was specified.

Answer: A

QUESTION 84
What occurs when a save-config command is issued?

A. The current configuration files are backed up.

B. The current configuration files are verified for syntax, then the running configuration is installed in
memory.
C. The current configuration files are loaded into memory.
D. The current configuration files are saved into an archive format.

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 25
https://www.passleader.com/
QUESTION 85
How many events can be referenced in a given iRule?

A. iRules are limited to one event, but a virtual server could be associated with multiple rules.
B. iRules can have multiple events.
C. Exactly one.
D. iRules can have up to event if one is clientside and one is serverside.

Answer: B

QUESTION 86
Which statement is true regarding OneConnect processing?

A. The virtual server must have UDP profile.

B. Serverside request can utilize existing clientsid connections.
C. The number of client connection is reduced.
D. Clientside request can utilized existing serverside connections.

Answer: D

QUESTION 87
Which tool is used on BIG-IP systems to capture data packets?

A. tcpdump
B. snoop
C. ethereal
D. qkview

Answer: A

QUESTION 88
Which statement concerning virtual servers is true?

A. Virtual servers can keep idle server connections open indefinitely.

B. Virtual servers can compress data between the BIG-IP and servers.
C. Virtual servers cannot perform load balancing without performing address translation.
D. Virtual servers can reuse connections between the BIG-IP and server for multiple HTTP GETs.
E. Virtual server processing always translates the virtual server address to the address of the chosen
pool member.

Answer: D

QUESTION 89
Click the Exhibit Button an LTM has the 3 virtual servers, a SNAT defined, four self IP addresses
defined and the networks shown in the exhibit. Selected options for each object are shown below.
Settings not shown are at their defaults.

VirtualServer 1

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 26
https://www.passleader.com/
Destination: 10.10.1.102:80 netmask 255.255.255.255
Pool: Pool with 3 members in the 172.16/16 network
SNAT Automap enabled

VirtualServer2
Destination: 10.10.1.102:* netmask 255.255.255.255
Pool: Pool with 3 members in the 192.168/16 network

VirtualServer 3
Destination: 10.10.2.0:80 netmask 255.255.255.0
Type: IP Forwarding
SNATI Source IP: All Addresses
SNAT Address: SNAT Pool with 2 members 172.16.20.50 and 192.168.10.50
Self IPs 192.168.1.1;
172.16.1.1; 10.10.2.1; 10.10.1.1

A connection attempt is made with a source IP and port of 10.20.100.50:80 and a destination IP
and port of 10.10.2.10:80. When the request is processed, what will be the source and destination
IP addresses?

A. The request will be dropped.

B. Source IP: Either 172.16.20.50 or 192.168.10.50; Destination IP: 10.10.2010
C. Source IP: 10.20.100.50; Destination IP: 10.10.2.10
D. Source IP: 10.10.2.1; Destination IP: 10.10.2.10

Answer: B

QUESTION 90
A BIG-IP has the following objects configured: A SNAT pool with 2 members:

- 150.10.33.33 and 10.10.1.33

- A loadbalancing pool with 5 members: 10.10.1.110.10.1.5:80
- The BIG-IP has two self-IP addresses: 150.10.10.10 and 10.10.1.10

A. 150.10.30.30
B. 150.10.33.33

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 27
https://www.passleader.com/
C. 10.10.1.10
D. It could be any of the addresses of the members of the loadbalancing pool.
E. 10.10.1.33
F. 200.10.10.10

Answer: E

QUESTION 91
Which is a potential result when a trunk is configured on a BIG-IP?

A. No additional trunks can be configuration since each BIG-IP is limited to one trunk
B. Packets flowing to the VLAN could arrive on any of the interfaces in the trunk
C. Since any VLANs associated with the trunk are necessarily associated with multiple interfaces, the
VLAN using the must use tagged packets.
D. VLAN failsafe is not available for any VLAN associated with any trunks.

Answer: B

QUESTION 92
Which two statements are true concerning capabilities of current BIG-IP platforms? (Choose two.)

A. The 1600 hosts more ports than the 3900.

B. All current BIG-IP platform use both an ASIC. And CPU(s)to process traffic.
C. All current BIG-IP platform can perform hardware compression.
D. Only 2U BIG-IP Platform have an option of a second power supply.
E. All BIG-IP have capacity to perform bulk encryption I decryption of SSL traffic independent of the
CPU.

Answer: BE

QUESTION 93
Which is the result when multiple monitors are assigned to a pool member?

A. The member is marked available if sufficient monitors succeed, and as unavailable if insufficient
monitors succeed.
B. The member is marked as available if any of the monitors succeed.
C. The member is marked as unavailable if any of the monitors fails.
D. The member is marked available if all monitors succeed, and as marginal if one or more monitors
fail(s).

Answer: A

QUESTION 94
An LTM has the 3 virtual servers, four self IP addresses defined and the networks shown in the
exhibit. Selected options for each object are shown below. Settings not shown are at their defaults.

VirtualServerl
Destination: 10.10.2.102:443 netmask 255.255.255.255
Pool: Pool with 3 members in the 172.16/16 network

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 28
https://www.passleader.com/
VirtualServer2
Destination: 10.10.2.102:* netmask 255.255.255.255
Pool: Pool with 3 members in the 192.168/16 network

VirtualServer3
Destination: 10.10.2.0:80 netmask 255.255.255.0
Type: IP Forwarding
SNAT1 Source IP: All Addresses
SNAT Address: SNAT Pool with 2 members 172.16.20.50 and 192.168.10.50
Self IPs 192.168.1.1; 172.16.1.1; 10.10.2.1;
10.10.1.1

A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination IP
and port of 10.10.2.102:80.
When the request is processed, what will be the destination IP address?

A. Destination IP: 10.10.2.102

B. The request will be dropped.
C. Destination IP: pool member in the 192.168/16 network
D. Destination IP: pool member in the 172.16/16 network

Answer: C

QUESTION 95
An LTM has the 3 virtual servers, a SNAT, four self IP addresses defined and the networks shown
in the exhibit. Selected options for each object are shown below. Settings not shown are at their
defaults.

VirtualServerl
Destination: 10.10.2.102:80 netmask 255.255.255.255
Pool: Pool with 3 members in the 172.16/16 network

VirtualServer2
Destination: 10.10.2.102:* netmask 255.255.255.255
Pool: Pool with 3 members in the 192.168/16 network

VirtualServer3
Destination: 10.10.2.0:80 netmask 255.255.255.0
Type: IP Forwarding
SNAT1

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 29
https://www.passleader.com/
Source IP: All Addresses
SNATAddress: SNAT Pool with 2 members 172.16.20.50 and 192.168.10.50 Self IPs 192.168.1.1;
172.16.1.1; 10.10.2.1; 10.10.1.1

A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination IP
and port of 10.10.2.10:80.
When the request is processed, what will be the destination IP address?

A. Destination IP: 10.10.2.10

B. Destination IP: pool member in the 192.168/16 network.
C. Destination IP: pool member in the 172.16/16 network
D. The request will be dropped.

Answer: A

QUESTION 96
A site wishes to use an external monitor. Other than what is coded in the monitor script, what
information must be configured on the BIG-IP for the monitor to be functional? (Choose two.)

A. BIG-IP services that are running on the system to be tested.

B. BIG-IP the IP addresses of the devices that will be tested. Must know which
C. BIG-IP node or member the result are to be applied to. Must know all
D. BIG-IP must know the name of the program.
E. BIG-IP must know which function the program is going to test. Must know

Answer: CD

QUESTION 97
Which statement describes advanced shell access correctly?

A. Users with advanced shell access can always change, add, or delete LTM objects in all partition.
B. Users with advance shell access are limited to changing, adding, or deleting LTM object in any
single partition.
C. Users with advance shell access have the same right as those with msh access, but right extend
to all partition rather than to a single partition.
D. All Users can be given advanced shell access.

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 30
https://www.passleader.com/
QUESTION 98
Which statement describes advanced shell access correctly? Which statement describes advanced
shell access correctly?

A. The context determines the values of commands that vary between client and server.
B. The context has no impact on events.
C. The context determines which events are available for iRule processing.
D. The context determines which pools are available for load balancing.

Answer: A

QUESTION 99
An LTM has the 3 virtual servers, 2 SNATs, four self IP addresses defined and the networks shown
in the graphic below. Selected options for each object are shown below. Settings not shown are at
their defaults. Assume port exhaustion has not been reached.

VirtualServerl
Destination: 10.10.2.102:80 netmask 255.255.255.255
Pool: Pool with 3 members in the 172.16/16 network SNAT Automap configured

VirtualServer2
Destination: 10.10.2.102:* netmask 255.255.255.255
Pool: Pool with 3 members in the 192.168/16 network

VirtualServer3
Destination: 10.10.2.0:80 netmask 255.255.255.0
Type: IP Forwarding
SNATI Source IP: 10.10.0.0 netmask 255.255.0.0
SNATAddress: SNAT Pool with 2 members 172.16.20.50 and 192.168.10.50 SNAT2
Source IP: All Addresses
SNAT Address: 10.10.2.102 Floating Self IPs 192.168.1.1; 172.16.1.1; 10.10.2.1; 10.10.1.1

A connection attempt is made with a source IP and port of 10.20.10.50:2222 and a destination IP
and port of 10.10.2.102:80.
When the request is processed, what will be the source and destination IP addresses?

A. Source IP: 10.20.10.50; Destination IP: pool member in the 172.16/16 network
B. Source IP: 172316.20.50; Destination IP: pool member in the 182.16/16 network
C. Source IP: 192.168.1.1; Destination IP: pool member in the 192.168/16 network

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 31
https://www.passleader.com/
D. The request will be dropped.
E. Source IP: 10.20.10.50; Destination IP: pool member in the 192.168/16 network
F. Source IP: 182.16.1.1; Destination IP: pool member in the 172316/16 network
G. Source IP: 192.168.10.50; Destination IP: pool member in the 192.168/16 network
H. Source IP:192.168.10.50; Destination IP: pool member in the 192.168./16 network

Answer: F

QUESTION 100
The partial configuration below includes an iRule, a virtual server, and pools. When traffic from the
client at 160.10.10.10:2056 connects to the virtual server Test_VS and sends an HTTP request,
what will the client's source address be translated to as the traffic is sent to the chosen pool member?

pool Test_Pool { member 10.10.10.10:80 member 10.10.10.11:80 } snatpool lower_range

{ member 10.10.10.1 } snatpool upper_range { member 10.10.10.2 }
rule Test_iRule { when CLIENT_ACCEPTED.{ if { [TCP::local_port] < 2024 }{ snatpool
lower_range } else { snatpool upper_range }
virtual Test_VS { destination 200.10.10.1 :http pool Test_Pool rule Test_i Rule }

A. 160.10.10.IOC.160.10.10.10
B. It could be either 10.10.10.10 or 10.10.10.11.E.It could be either 10.10.10.10 or 10.10.10.11.
C. 10.10.10.2
D. 200.10.10.1D.200.10.10.1
E. 10.10.10.1

Answer: E

QUESTION 101
What is the expected difference between two source address persistence profiles if profile A has a
mask of 255.255.255.0 and profile B has a mask of 255.255.0.0?

A. Profile A will have more clients matching existing persistence records.

B. There are no detectable differences.
C. Profile B has a greater potential number of persistence records.
D. Profile B will have fewer persistence records for the sane client base.

Answer: D

QUESTION 102
A BIG-IP has two SNATs, a pool of DNS servers and a virtual server configured to loadbalance
UDP traffic to the DNS servers. One SNAT's address is 64.100.130.10; this SNAT is defined for all
addresses. The second SNAT's address is 64.100.130.20; this SNAT is defined for three specific
addresses, 172.16.3.54, 172.16.3.55, and 172.16.3.56. The virtual server's destination is
64.100.130.30:53. The SNATs and virtual server have default VLAN associations. If a client with
IP address 172.16.3.55 initiates a request to the virtual server, what is the source IP address of the
packet as it reaches the chosen DNS server?

A. 64.100.130.30
B. 172.16.3.55
C. 64.100.130.20

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 32
https://www.passleader.com/
D. 64.100.130.10

Answer: C

QUESTION 103
A, steaming profile will do which of the following?

A. Search and replace all occurrences of a specified string only is responses processed by a virtual
server.
B. Search and replace all occurrences of a specified string only in request processed by a virtual
server.
C. Search and replace all occurrences of a specified string in requests and responses processed by
a virtual server.
D. Search and replace the first occurrence of a specified of a specified string in either a request or
response processed by a virtual server.

Answer: C

QUESTION 104
A monitor has been defined using the HTTP monitor template. The send and receive strings were
customized, but all other settings were left at their defaults. Which resources can the monitor be
assigned to?

A. only specific pool members

B. most virtual severs
C. most nodes
D. most pools

Answer: D

QUESTION 105
When DNS_REV is used as the probe protocol by the GTM System, which information is expected
in the response from the probe?

A. a reverse name lookup of the GTM System

B. the list of root servers known by the local DNS
C. the FQDN of the local DNS being probed for metric information
D. the revision number of BIND running on the requesting DNS server

Answer: C

QUESTION 106
Which three can be a part of a pool's definition? (Choose three.)

A. Link
B. Monitors
C. Wide IPs
D. Persistence
E. Data Centers

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 33
https://www.passleader.com/
F. Virtual Servers

Answer: BDF

QUESTION 107
Which two must be included in a WidelP definition for the WidelP to resolve a DNS query? (Choose
two.)

A. a name
B. a monitor
C. a load balancing method
D. one or more virtual servers

Answer: AC

QUESTION 108
A GTM System would like to ensure that a given LTM System is reachable and iQuery
communication is allowed prior to sending it client request. What would be the simplest monitor
template to use?

A. TCP
B. ICMP
C. HTTP
D. BIG-IP
E. SNMP

Answer: D

QUESTION 109
Which two ports must be enabled to establish communication between GTM Systems and other
BIG IP Systems? (Choose two.)

A. 22
B. 53
C. 443
D. 4353
E. 4354

Answer: AD

QUESTION 110
When probing LDNSs, which protocol is used by default?

A. TCP
B. ICMP
C. DNS_REV
D. DNS_DOT

Answer: B

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 34
https://www.passleader.com/
QUESTION 111
Which of the following platforms support both standalone and modular BIG-IP ASM
implementations? (Choose 2)

A. 3900
B. 6800
C. 6900
D. 8800

Answer: AC

QUESTION 112
use a proprietary syntax language. must contain at least one event declaration. must contain at
least one conditional statement. must contain at least one pool assignment statement. What must
be sent to the license server to generate a new license'?

A. the system's dossier

B. the system's base license
C. the system's serial number
D. the system's purchase order number

Answer: A

QUESTION 113
What is the difference between primary and secondary DNS servers?

A. Only primary servers can issue authoritative responses.

B. Primary servers host the original copy of the zone database file.
C. Primary servers resolve names more efficiently than secondary servers.
D. Secondary servers act as backups and will respond only if the primary fails.

Answer: B

QUESTION 114
If the config tool is complete, which two access methods are available by default for GTM
administration and configuration? (Choose two.)

A. network access via http

B. network access via https
C. network access via telnet
D. direct access via serial port

Answer: BD

QUESTION 115
A GTM System performs a name resolution that is not a WideIP. The name is in a domain for which
the GTM System is authoritative. Where does the information come from?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 35
https://www.passleader.com/
A. It comes from BIND database (zone) files on the GTM System.
B. GTM System cannot resolve a host name that is not a WideIP.
C. It comes from the database of previously cached name resolutions.
D. It comes from a zone transfer initiated when the request was received.

Answer: A

QUESTION 116
A site wishes to delegate the name .wmysite.com to a GTM System. Which entry would be
appropriate in their current DNS servers?

A. vww.mysite.com. IN A 132.26.33.15
B. 15.33.addrin.arpa.com IN PRT .wiw.mysite.com.
C. iw.mysite.com. IN CNAME wwip.mysite.com.
D. wwmysite.com. IN DEL wiwGTM.mysite.com.

Answer: C

QUESTION 117
Which statement about root DNS servers is true?

A. Root servers have databases of all registered DNS servers.

B. Root servers have databases of the DNS servers for toplevel domains.
C. Root servers have databases of DNS servers for each geographical area. They direct requests to
appropriate LDNS servers.
D. Root servers have databases of commonly accessed sites. They also cache entries for additional
servers as requests are made.

Answer: B

QUESTION 118
What is the advantage of specifying three load balancing methods when load balancing within pools?

A. Specifying three methods allows the GTM System to use all three methods simultaneously.
B. Specifying three methods allows the GTM System to choose the optimal method for each name
resolution.
C. Specifying three methods allows the GTM System alternate methods if insufficient data is available
for other methods.
D. Specifying three methods allows the GTM System to rotate between the three methods so that no
one method is used too often.

Answer: C

QUESTION 119
A pool is using Round Trip Time as its load balancing method (Alternate: Round Robin; Fallback:
None). The last five resolutions have been C, D, C, D, C . Given the current conditions shown in
the table below, which address will be used for the next resolution?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 36
https://www.passleader.com/
A. A
B. B
C. C
D. D

Answer: B

QUESTION 120
A pool is using Global Availability as its load balancing method (Alternate:
Round Robin; Fallback: Return to DNS). The last five resolutions have been C, D, C, D, C . Given
the current conditions shown in the table, which address will be used for the next resolution?

A. A
B. B
C. C
D. D

Answer: B

QUESTION 121
What are some changes that must be made on the GTM System so that log messages are sent to
centralized System Log servers?

A. The IP address of the server must be added to the wideip.conf file.

B. The IP address of the server must be added to the syslogng.conf file.
C. The IP address of the server and valid userid/password combination must be added to the
hosts.allow file.
D. The IP address of the server and valid userid/password combination must be added to the syslog
ng.conf file.

Answer: B

QUESTION 122
What are two advantages of the Quality of Service (QoS) load balancing method? (Choose two.)

A. It resolves requests to the site with the highest QoS value in the IP header.
B. It combines multiple load balancing metric values in a single load balancing method.
C. It allows the GTM administrator to place relative values on each metric used to determine the
optimum site.
D. It allows the GTM System to select the optimum virtual server based on all available path and server
metrics.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 37
https://www.passleader.com/
Answer: BC

QUESTION 123
When is a Virtual Server hosted by an LTM System defined with two IP addresses?

A. Two addresses are used to define the Virtual Server when it is managed by redundant LTM
Systems.
B. Two addresses are used to define some Virtual Servers so that the GTM System can choose the
better address when resolving the name.
C. Two addresses are used to define Virtual Servers when the LTM System hosting it is behind a
firewall that is translating the Virtual Server address.
D. Two addresses are used to define a Virtual Server when the WideIP should resolve to a different
address depending on which LTM System is active.

Answer: C

QUESTION 124
What is a characteristic of iQuery?

A. It uses SSH.
B. It uses SSL.
C. It uses SCP.
D. It uses HTTPS.

Answer: B

QUESTION 125
Listeners that correspond to nonfloating self lP addresses are stored in which configuration file?

A. /config/BIG-IP.conf
B. /config/BIG-IP_base.conf
C. /config/gtm/wideip.conf
D. /config/BIG-IP_local.conf

Answer: D

QUESTION 126
What is the primary benefit of associating Servers with Data Centers?

A. The primary benefit is in assigning a single IP address to identify a Data Center.

B. The primary benefit is in combining probing metrics. Load balancing decisions can be made more
intelligently.
C. The primary benefit is administrative. It is easier to remember to add servers when they are
categorized by a physical location.
D. The primary benefit is in load balancing. Clients will not be directed to Data Centers that are
separated from them by great distances.

Answer: B

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 38
https://www.passleader.com/
QUESTION 127
Which two are events that can be used to trigger GTM iRule data processing? (Choose two.)

A. LB_FAILED
B. DNS_REQUEST
C. HTTP REQUEST
D. CLIENT_ACCEPTED

Answer: AB

QUESTION 128
Which statement is correct if a TOPbased monitor is assigned to an LTM System and an
HTTPbased monitor is assigned to one of that LTM System's Virtual Servers?

A. The Virtual Server status is based on the TCP monitor only.

B. The Virtual Server status is based on the HTTP monitor only.
C. GTM Systems do not allow monitors on both an LTM System and one of its Virtual Servers.
D. The Virtual Server status is based on both the TOP and HTTP monitor; if either fails, the Virtual
Server is unavailable.
E. The Virtual Server status is based on both the TOP and HTTP monitor; if either succeeds, the
Virtual Server is available.

Answer: B

QUESTION 129
With standard DNS, assuming no DNS request failures, which process describes the normal
resolution process on a "first time" DNS request?

Answer: D

QUESTION 130
How do you support nonintelligent DNS resolution in an environment with GTM Systems and
standard DNS servers? (Choose two.)

A. The GTM System must be a secondary server in all of your zones.

B. Your GTM System must delegate some DNS names to the DNS Servers.
C. Your DNS servers may delegate some DNS names to the GTM Systems.
D. The GTM System may have a Listener set for your DNS server's address.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 39
https://www.passleader.com/
E. The GTM System may have a Listener set for the GTM's loopback address.

Answer: CD

QUESTION 131
iQuery is a proprietary protocol that distributes metrics gathered from which three sources?
(Choose three.)

A. SNMP
B. DNS root servers
C. path probes such as ICMP
D. monitors from LTM Systems
E. monitors from Generic Host Servers

Answer: ACD

QUESTION 132
What is the purpose of the GTM Systems Address Exclusion List concerning local DNS servers?

A. to prevent probing of specific local DNSs

B. to prevent name resolution to specific Virtual Servers
C. to prevent name resolution for requests from specific local DNSs
D. to prevent probing of any local DNS servers by specific F5 devices

Answer: A

QUESTION 133
Which three must be done so that Generic Host Servers can be monitored using SNMP? (Choose
three.)

A. The SNMP monitor must be added to all BIG-IP Systems.

B. The Generic Host Server must be running the big3d agent.
C. The GTM System must be configured for the appropriate MIB .
D. The Generic Host Server must be added to the GTM Configuration.
E. The Generic Host Server must be enabled to answer SNMP queries.

Answer: CDE

QUESTION 134
Monitors can be assigned to which three resources? (Choose three.)

A. Pools
B. Servers
C. Wide IPs
D. Data Centers
E. Pool Members

Answer: ABE

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 40
https://www.passleader.com/
QUESTION 135
What will likely happen if you were to define a LTM System in the wrong Data Center?

A. There would be no effect if the LTM System is defined in the wrong Data Center.
B. The GTM System would not be able to communicate with that LTM System.
C. Data from probes from that LTM System might result in inaccurate path metrics and load balancing
decisions.
D. The GTM System would not be able to resolve Wide-IPs to the addresses associated with that LTM
System's Virtual Servers.

Answer: C

QUESTION 136
When initially configuring the GTM System using the config tool, which two parameters can be set?
(Choose two.)

A. System hostname
B. IP Address of management port
C. IP Address of the external VLAN
D. Default route for management port
E. Port lockdown of management port

Answer: BD

QUESTION 137
Without creating a userdefined region, what is the most specific group a topology record can identify?

A. city
B. country
C. continent
D. state/province
E. region of country

Answer: D

QUESTION 138
The SNMP monitor can collect data based on which three metrics? (Choose three.)

A. packet rate
B. memory utilization
C. content verification
D. current connections
E. hops along the network path

Answer: ABD

QUESTION 139
Which facility logs messages concerning GTM System parameters?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 41
https://www.passleader.com/
A. local0
B. local1
C. local2
D. local3

Answer: C

QUESTION 140
When users are created, which three access levels can be granted through the GTM Configuration
Utility? (Choose three.)

A. Root
B. Guest
C. Operator
D. Administrator
E. CLI + Web Read Only

Answer: BCD

QUESTION 141
The BIG-IP ASM System is configured with a virtual server that contains an HTTP class profile and
the protected pool members are associated within the HTTP class profile pool definition. The status
of this virtual server is unknown (Blue). Which of the following conditions will make this virtual server
become available (Green)?

A. Assign a successful monitor to the virtual server

B. Assign a successful monitor to the members of the HTTP class profile pool
C. Associate a fallback host to the virtual server and assign a successful monitor to the fallback host
D. Associate a default pool to the virtual server and assign a successful monitor to the pool members

Answer: D

QUESTION 142
Which of the following does not pertain to protecting the Requested Resource (URI) element?

A. File type validation

B. URL name validation
C. Domain cookie validation
D. Attack signature validation

Answer: C

QUESTION 143
Which of the following protocol protections is not provided by the Protocol Security Manager?

A. FTP
B. SSH
C. HTTP

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 42
https://www.passleader.com/
D. SMTP

Answer: B

QUESTION 144
Which of the following is correct regarding Userdefined Attack signatures?

A. Userdefined signatures use an F5supplied syntax

B. Userdefined signatures may only use regular expressions
C. Attack signatures may be grouped within systemsupplied signatures
D. Userdefined signatures may not be applied globally within the entire policy

Answer: A

QUESTION 145
Which of the following methods of protection is not available within the Protocol Security Manager
for HTTP traffic?

A. Data guard
B. Attack signatures
C. Evasion techniques
D. File type enforcement

Answer: B

QUESTION 146
There are many user roles configurable on the BIG-IP ASM System. Which of the following user
roles have access to make changes to ASM policies? (Choose 3)

A. Guest
B. Operator
C. Administrator
D. Web Application Security Editor
E. Web Application Security Administrator

Answer: CDE

QUESTION 147
Which statement is true concerning packet filters?

Answer: B

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 43
https://www.passleader.com/
QUESTION 148
Which action CANNOT be performed by an iRule?

A. Direct a connection request to a specific pool.

Answer: C

QUESTION 149
Which of the following statements are correct regarding positive and negative security models?
(Choose 2)

A. Positive security model allows all transactions by default.

B. Negative security model denies all transactions by default.
C. Negative security model allows all transactions by default and rejects only transactions that contain
attacks.
D. Positive security model denies all transactions by default and uses rules that allow only those
transactions that are considered safe and valid.

Answer: CD

QUESTION 150
Which events are valid iRule events triggered by BIG-IP ASM processing? (Choose 2)

A. ASM_REQUEST_BLOCKING
B. ASM_REQUEST_ACCEPTED
C. ASM_REQUEST_VIOLATION
D. ASM_RESPONSE_BLOCKING

Answer: AC

QUESTION 151
Which of the following methods of protection is not available within the Protocol Security Manager
for FTP protection?

A. Session timeout
B. Command length
C. Allowed commands
D. Anonymous FTP restriction

Answer: A

QUESTION 152
Logging profiles are assigned to?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 44
https://www.passleader.com/
A. HTTP class
B. Security policies
C. Web applications
D. Attack signatures

Answer: C

QUESTION 153
Which of the following is a language used for content provided by a web server to a web client?

A. FTP
B. TCP
C. HTTP
D. HTML

Answer: D

QUESTION 154
Which of the following methods are used by the BIG-IP ASM System to protect against SQL
injections?

A. HTTP RFC compliancy checks

B. Metacharacter enforcement and attack signatures
C. HTTP RFC compliancy checks and length restrictions
D. Response scrubbing, HTTP RFC compliancy checks, and metacharacter enforcement

Answer: B

QUESTION 155
Which of the following can be associated with an XML profile?

A. Flow
B. Method
C. Parameter
D. File type

Answer: C

QUESTION 156
An HTTP class is available

A. on any BIG-IP LTM system

B. only when ASM is licensed.
C. only when ASM or WA are licensed.
D. only when a specific license key is required.

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 45
https://www.passleader.com/
QUESTION 157
Which of the following methods of protection operates on server responses?

A. Dynamic parameter protection

B. Response code validation and response scrubbing
C. Response code validation and HTTP method validation
D. HTTP RFC compliancy check and metacharacter enforcement

Answer: B

QUESTION 158
Which of the following is not a configurable parameter data type?

A. Email
B. Array
C. Binary
D. Decimal

Answer: B

QUESTION 159
When we have a * wildcard entity configured in the File Type section with tightening enabled, the
following may occur when requests are passed through the policy. Which is the most accurate
statement?

A. File type violations will not be triggered.

B. File type violations will be triggered and learning will be available based on these violations.
C. File type entities will automatically be added to the policy (policy will tighten).
D. File type violations will not be triggered and the entity learning section will be populated with file
type recommendations.

Answer: B

QUESTION 160
A request is sent to the BIG-IP ASM System that generates a Length error violation. Which of the
following length types provides a valid learning suggestion? (Choose 3)

A. URL
B. Cookie
C. Response
D. POST data
E. Query string

Answer: ADE

QUESTION 161
There is multiple HTTP class profiles assigned to a virtual server. Each profile has Application
Security enabled. Which statement is true?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 46
https://www.passleader.com/
A. Traffic will process through every HTTP class profile every time.
B. Traffic will process through the first HTTP class profile that it matches and then stops.
C. Traffic will process through one HTTP class profile and if the traffic matches another profile, BIG-
IP System will send a redirect to the client.
D. Traffic will only process through the HTTP class profile that it matches but always processes
through the whole list and will process through each HTTP class profile it matches.

Answer: B

QUESTION 162
A security audit has determined that your web application is vulnerable to a crosssite scripting
attack. Which of the following measures are appropriate when building a security policy? (Choose
2)

A. Cookie length must be restricted to 1024 bytes.

B. Attack signature sets must be applied to any user input parameters.
C. Parameter data entered for explicit objects must be checked for minimum and maximum values.
D. Parameter data entered for flowlevel parameters must allow some metacharacters but not others.

Answer: BD

QUESTION 163
The BIG-IP ASM System sets two types of cookies to enforce elements in the security policy. The
two types are main and frame cookies. What is the purpose of the frame cookie? (Choose 2)

A. Validates domain cookies

B. Detects session expiration
C. Stores dynamic parameters and values
D. Handles dynamic parameter names and flow extractions

Answer: CD

QUESTION 164
Which statement is correct concerning differences between BIG-IP ASM platforms?

A. The 3900 has more ports than the 6800.

B. The 3900 and 6800 have the same number of ports.
C. The 3900 and 6800 can support both the module and standalone versions of BIG-IP ASM.
D. The 3900 can support both module and standalone versions of BIG-IP ASM whereas the 6800 can
support only the module version of BIG-IP ASM.

Answer: D

QUESTION 165
Which of the following mitigation techniques is based on anomaly detection? (Choose 2)

A. Brute force attack prevention

B. Crosssite request forgery prevention
C. Web scraping attack prevention

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 47
https://www.passleader.com/
D. Parameter tampering prevention

Answer: AC

QUESTION 166
Which of the following are default settings when using the Policy Builder to build a security policy
based on the QA lab deployment scenario? (Choose 2)

A. All learned entities are placed in staging.

B. Attack signatures are not placed in staging
C. The security policy is placed in blocking mode
D. Tightening is enabled only on file types and parameters.

Answer: BC

QUESTION 167
Which of the following statements are incorrect regarding protection of web services? (Choose 2)

A. The BIG-IP ASM System checks to ensure web services use cookies.
B. The BIG-IP ASM System parses XML requests and XML responses.
C. The BIG-IP ASM System checks to ensure XML documents are well formed.
D. The BIG-IP ASM System uses attack signatures to enforce negative security logic.
E. The BIG-IP ASM System checks for XML syntax, schema validation, and WSDL validation.

Answer: AB

QUESTION 168
Which of the following is correct regarding static parameters?

A. A static parameter is stored in a frame cookie.

B. A static parameter is predefined by the web application logic.
C. A static parameter is learned only by using the Deployment Wizard.
D. A static parameter is mapped once when creating the application flow model.

Answer: B

QUESTION 169
When configuring the BIG-IP ASM System in redundant pairs, which of the following are
synchronized? (Choose 2)

A. License file
B. Security policies
C. Web applications
D. Request information
E. Traffic learning information

Answer: BC

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 48
https://www.passleader.com/
QUESTION 170
Sensitive parameter is a feature used to hide sensitive information from being displayed in which
of the following?

A. Client request
B. Server response
C. GUI and logs of BIG-IP ASM System
D. Configuration file of BIG-IP ASM System

Answer: C

QUESTION 171
Tightening is a feature of which type of entity?

A. Explicit URLs
B. Attack signatures
C. Flow login URLs
D. Wildcard parameters

Answer: D

QUESTION 172
A client sends a request to a virtual server http://www.foo.com configured on the BIG-IP ASM
System. The virtual server has an HTTP class profile associated with Application Security enabled,
all class filters set to match all, and a pool consisting of foo.com members. The virtual server also
has a default pool associated with it. When the client sends a request for http://www.foo.com, this
traffic will be forwarded to which of the following?

A. The fallback host

B. The default pool
C. The HTTP class profile pool
D. The request will be dropped

Answer: C

QUESTION 173
Which of the following is correct concerning HTTP classes?

A. A single web application can be used by several HTTP classes

B. A virtual server can only have one web application associated with it
C. A single ASM enabled HTTP class can be used by multiple virtual servers
D. Each ASM enabled HTTP class can have several active security policies associated with it

Answer: C

QUESTION 174
Which of the following statements are correct regarding Attack signatures? (Choose 2)

A. Attack signatures can apply to requests, responses, and parameters.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 49
https://www.passleader.com/
B. Attack signatures are the basis for positive security logic with the BIG-IP ASM System.
C. Any new Attack signature downloaded manually or automatically will be active and assigned directly
to the security policy.
D. Individual Attack signatures can be assigned to the security policy.
Only Attack signature sets can apply to the security policy.

Answer: AD

QUESTION 175
Which of the following is not a feature of a standalone BIG-IP ASM System?

A. Attack signatures
B. Multiple pool members
C. Positive security model
D. Realtime traffic policy builder
E. Predefined security policy templates

Answer: B

QUESTION 176
What are the best reasons for using the Deployment Wizard? (Choose 3)

A. Flowlevel parameters checking is required.

B. The application encoding scheme needs to be determined by the BIG-IP ASM System.
C. Sufficient time is available to allow completely automated policy building based on observing live
traffic.
D. The application platform must be protected against known attacks for the specific operating system,
web server, and database.

Answer: BCD

QUESTION 177
When initially configuring the BIG-IP System using the config tool, which of the following
parameters can be configured? (Choose 3)

A. System hostname
B. Netmask of the management port
C. IP address of the management port
D. Default route of the management port
E. Port lockdown of the management port

Answer: BCD

QUESTION 178
When building a policy based on live traffic using the automated policy builder, which of the
following elements will not be taken into account when analyzing the traffic?

A. The size of the response

B. The requested resource (URI)

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 50
https://www.passleader.com/
C. The response code from the web server
D. The parameter values of static based parameters

Answer: A

QUESTION 179
A user is building a security policy using the Deployment Wizard and the Rapid Deployment
application template. By default, which settings will be applied to the security policy? (Choose 3)

A. Data Guard will be enabled.

B. The enforcement mode will be set to transparent.
C. The encoding language will be set to auto detect.
D. Wildcard tightening will be enabled on file types and parameters.
E. The Attack signature set applied will be Generic Detection Signatures.

Answer: ABE

QUESTION 180
Which method of protection is not provided by the Rapid Deployment policy template?

A. Data leakage
B. Buffer overflow
C. HTTP protocol compliance
D. Dynamic parameter validation

Answer: D

QUESTION 181
Which of the following are properties of an ASM logging profile? (Choose 2)

A. storage type
B. storage filter
C. storage policy
D. web application

Answer: AB

QUESTION 182
Which of the following methods of protection are used by the BIG-IP ASM System to mitigate buffer
overflow attacks?

A. HTTP RFC compliancy checks

B. Length restrictions and attack signatures
C. Length restrictions and site cookie compliancy checks
D. Metacharacter enforcement and HTTP RFC compliancy check

Answer: B

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 51
https://www.passleader.com/
QUESTION 183
Which HTTP response code ranges indicate an error condition? (Choose 2)

A. 1xx
B. 2xx
C. 3xx
D. 4xx
E. 5xx

Answer: DE

QUESTION 184
The Web Application Security Administrator user role can perform which of the following functions?
(Choose 2)

A. Modify HTTP class profiles

B. Create new HTTP class profiles
C. Create new Attack signature sets
D. Assign HTTP class profiles to virtual servers
E. Configure Advanced options within the BIG-IP ASM System

Answer: CE

QUESTION 185
On a BIG-IP ASM 3600, in standalone mode, which of the following pool configurations is valid?

A. Pool named vs_pool with 1 pool member, no persistence, and no load balancing method
B. Pool named vs_pool with 1 pool member, cookie persistence, and ratio load balancing method
C. Pool named vs_pool with 2 pool members, cookie persistence, and ratio load balancing method
D. Pool named vs_pool with 3 pool members, source IP persistence, and least connections load
balancing method

Answer: A

QUESTION 186
The following request is sent to the BIG-IP ASM System:

GET http://www.example.local/financials/week1.xls?display=yes&user=john&logon=true

Which of the following components in this requests line represent the query string?

A. .xls
B. /week1.xls
C. /financials/week1.xls
D. display=yes&user=john&logon=true

Answer: D

QUESTION 187

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 52
https://www.passleader.com/
Which level of parameter assumes the highest precedence in BIG-IP ASM System processing logic?

A. Flow
B. Object
C. Global
D. URL

Answer: A

QUESTION 188
Which of the following storage type combinations are configurable in an ASM logging profile?

A. Local and Syslog

B. Local and Remote
C. Remote and Syslog
D. Remote and Reporting Server

Answer: B

QUESTION 189
Which must be sent to the license server to generate a new license.

A. the system's dossier

B. the system's host name
C. the system's base license
D. the system's purchase order number

Answer: A

QUESTION 190
What is the purpose of provisioning.

A. Provisioning allows modules that are not licensed to be fully tested.

Answer: B

QUESTION 191
When initially configuring the BIG-IP system using the config utility, which two parameters can be
set. (Choose two.)

A. the netmask of the SCCP

B. the IP address of the SCCP
C. the port lockdown settings for the SCCP
D. the netmask of the host via the management port
E. the IP address of the host via the management port

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 53
https://www.passleader.com/
F. the port lockdown settings for the host via the management port

Answer: DE

QUESTION 192
A site has six members in a pool. All of the servers have been designed, built, and configured with
the same applications. It is known that each client's interactions vary significantly and can affect
the performance of the servers. If traffic should be sent to all members on a regular basis, which
loadbalancing mode is most effective if the goal is to maintain a relatively even load across all
servers.

A. Ratio
B. Priority
C. Observed
D. Round Robin

Answer: C

QUESTION 193
The incoming client IP address is 205.12.45.52. The last five connections have been sent to
members C, D, A, B, B. The incoming client. IP address is 205.12.45.52. The last five connections
have been sent to members C, D, A, B, B. Given the virtual server and pool definitions and the
statistics shown in the graphic, which member will be used for the next connection.

A. 10.10.20.1:80
B. 10.10.20.2:80
C. 10.10.20.3:80
D. 10.10.20.4:80
E. 10.10.20.5:80

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 54
https://www.passleader.com/
QUESTION 194
A site has six members in a pool. Three of the servers are new and have more memory and a faster
processor than the others. Assuming all other factors are equal and traffic should be sent to all
members, which two loadbalancing methods are most appropriate. (Choose two.)

A. Ratio
B. Priority
C. Observed
D. Round Robin

Answer: AC

QUESTION 195
Which two can be a part of a pool's definition. (Choose two.)

A. rule(s)
B. profile(s)
C. monitor(s)
D. persistence type
E. loadbalancing mode

Answer: CE

QUESTION 196
What is required for a virtual server to support clients whose traffic arrives on the internal VLAN
and pool members whose traffic arrives on the external VLAN.

A. That support is never available.

B. The virtual server must be enabled for both VLANs.
C. The virtual server must be enabled on the internal VLAN.
D. The virtual server must be enabled on the external VLAN.

Answer: C

QUESTION 197
A standard virtual server has been associated with a pool with multiple members. Assuming all
other settings are left at their defaults, which statement is always true concerning traffic processed
by the virtual server.

A. The client IP address is unchanged between the clientside connection and the serverside
connection.
B. The server IP address is unchanged between the clientside connection and the serverside
connection.
C. The TCP ports used in the clientside connection are the same as the TCP ports serverside
connection.
D. The IP addresses used in the clientside connection are the same as the IP addresses used in the
serverside connection.

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 55
https://www.passleader.com/
QUESTION 198
Monitors can be assigned to which three resources. (Choose three.)

A. NATs
B. pools
C. iRules
D. nodes
E. SNATs
F. pool members
G. virtual servers

Answer: BDF

QUESTION 199
A site has assigned the ICMP monitor to all nodes and a custom monitor, based on the HTTP
template, to a pool of web servers. The HTTPbased monitor is working in all cases. The ICMP
monitor is failing for 2 of the pool member 5 nodes. All other settings are default. What is the status
of the monitor is working in all cases. The ICMP monitor is failing for 2 of the pool member. 5 nodes.
All other settings are default. What is the status of the pool members.

A. All pool members are up since the HTTPbased monitor is successful.

B. All pool members are down since the ICMPbased monitor is failing in some cases.
C. The pool members whose nodes are failing the ICMPbased monitor will be marked disabled.
D. The pool members whose nodes are failing the ICMPbased monitor will be marked unavailable.

Answer: D

QUESTION 200
A site would like to ensure that a given web server's default page is being served correctly prior to
sending it client traffic. They assigned the A site would like to ensure that a given web server's
default page is being served correctly prior to sending it client traffic. They.e assigned the default
HTTP monitor to the pool. What would the member status be if it sent an unexpected response to
the GET request. default HTTP monitor to the pool. What would the member. status be if it sent an
unexpected response to the GET request.

A. The pool member would be marked offline (red).

B. The pool member would be marked online (green).
C. The pool member would be marked unknown (blue).
D. The pool member would alternate between red and green.

Answer: B

QUESTION 201
A site is load balancing to a pool of web servers. Which statement is true concerning BIG-IP's ability
to verify whether the web servers are functioning properly or not.

A. Web server monitors can test the content of any page on the server.
B. Web server monitors always verify the contents of the index.html page.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 56
https://www.passleader.com/
C. Web server monitors can test whether the server's address is reachable, but cannot test a page's
content.
D. Web server monitors can test the content of static web pages, but cannot test pages that would
require the web server to dynamically build content.

Answer: A

QUESTION 202
The current status of a given pool is ffline.(red). Which condition could explain that state. Assume
the descriptions below include all monitorsThe current status of a given pool is .ffline.(red). Which
condition could explain that state. Assume the descriptions below include all monitors assigned for
each scenario.

A. No monitors are currently assigned to any pool, member or node.

B. The pool has a monitor assigned to it, and none of the pool members passed the test. The pool has
a monitor assigned to it, and none of the pool. members passed the test.
C. The pool has a monitor assigned to it, and only some of the pool's members passed the test.
D. A monitor is assigned to all nodes and all nodes have passed the test. The pool's members have
no specific monitor assigned to them.

Answer: B

QUESTION 203
You need to terminate client SSL traffic at the BIG-IP and also to persist client traffic to the same
pool member based on a BIG-IP supplied cookie. Which four are profiles that would normally be
included in the virtual server's definition. (Choose four.)

A. TCP
B. HTTP
C. HTTPS
D. ClientSSL
E. ServerSSL
F. CookieBased Persistence

Answer: ABDF

QUESTION 204
A site needs to terminate client HTTPS traffic at the BIG-IP and forward that traffic unencrypted.
Which two are profile types that must be associated with such a virtual server. (Choose two.)

A. TCP
B. HTTP
C. HTTPS
D. ClientSSL
E. ServerSSL

Answer: AD

QUESTION 205

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 57
https://www.passleader.com/
Which three statements describe a characteristic of profiles. (Choose three.)

A. Default profiles cannot be created or deleted.

B. Custom profiles are always based on a parent profile.
C. A profile can be a child of one profile and a parent of another.
D. All changes to parent profiles are propagated to their child profiles.
E. While most virtual servers have at least one profile associated with them, it is not required.

Answer: ABC

QUESTION 206
A virtual server is defined using a sourceaddress based persistence profile. The last five
connections were A, B, C, A, C . Given the conditions shown in the graphic, if a client with IP
address 205.12.45.52 opens a connection to the virtual server, which member will be used for the
connection.

A. 10.10.20.1:80
B. 10.10.20.2:80
C. 10.10.20.3:80
D. 10.10.20.4:80
E. 10.10.20.5:80

Answer: B

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 58
https://www.passleader.com/
QUESTION 207
How is persistence configured.

A. Persistence is an option within each pool's definition.

Answer: B

QUESTION 208
Which cookie persistence method requires the fewest configuration changes on the web servers to
be implemented correctly.

A. insert

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 59
https://www.passleader.com/
B. rewrite
C. passive
D. session

Answer: A

QUESTION 209
Which statement is true concerning cookie persistence.

A. Cookie persistence allows persistence independent of IP addresses.

Answer: A

QUESTION 210
Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the pool
members.

A. No SSL certificates are required on the pool members.

B. The pool members.SSL certificates must only exist.
C. The pool members.SSL certificates must be issued from a certificate authority.
D. The pool members.SSL certificates must be created within the company hosting the BIG-IPs.

Answer: B

QUESTION 211
Assume a virtual server is configured with a ClientSSL profile. What would the result be if the virtual
server's destination port were not 443.

Answer: C

QUESTION 212
Which is an advantage of terminating SSL communication at the BIG-IP rather than the ultimate
web server.

A. Terminating SSL at the BIG-IP can eliminate SSL processing at the web servers.
B. Terminating SSL at the BIG-IP eliminates all unencrypted traffic from the nternal.network.
C. Terminating SSL at the BIG-IP eliminates all unencrypted traffic from the .nternal.network.
D. Terminating SSL at the BIG-IP eliminates the need to purchase SSL certificates from a certificate

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 60
https://www.passleader.com/
authority.
E. Terminating SSL at the BIG-IP eliminates the need to use SSL acceleration hardware anywhere in
the network.

Answer: A

QUESTION 213
A BIG-IP has two load balancing virtual servers at 150.150.10.10:80 and 150.150.10.10:443. The
port 80 virtual server has SNAT automap configured. There is also a SNAT configured at
150.150.10.11 set for a source address range of 200.200.1.0 / 255.255.255.0. All other settings
are at their default states. If a client with the IP address 200.200.1.1 sends a request to
https://150.150.10.10, what is the source IP address when the associated packet is sent to the pool
member.

A. 200.200.1.1
B. 150.150.10.11
C. Floating self IP address on VLAN where the packet leaves the system
D. Floating self IP address on VLAN where the packet arrives on the system

Answer: B

QUESTION 214
Which statement is true concerning SNATs using automap.

A. Only specified self-IP addresses are used as automap addresses.

B. SNATs using automap will translate all client addresses to an automap address.
C. A SNAT using automap will preferentially use a floating self-IP over a nonfloating self-IP.
D. A SNAT using automap can be used to translate the source address of all outgoing traffic to the
same address regardless of which VLAN the traffic is sent through.

Answer: C

QUESTION 215
Which two statements are true about NATs. (Choose two.)

A. NATs support UDP, TCP, and ICMP traffic.

B. NATs can be configured with mirroring enabled or disabled.
C. NATs provide a onetoone mapping between IP addresses.
D. NATs provide a manytoone mapping between IP addresses.

Answer: AC

QUESTION 216
Which statement describes a typical purpose of iRules.

A. iRules can be used to add individual control characters to an HTTP data stream.
B. iRules can be used to update the timers on monitors as a server load changes.
C. iRules can examine a server response and remove it from a pool if the response is unexpected
D. iRules can be used to look at client requests and server responses to choose a pool member to

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 61
https://www.passleader.com/
select for load balancing

Answer: A

QUESTION 217
A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it:

when HTTP_REQUEST { if { [HTTP::header UserAgent] contains "MSIE" } { pool MSIE_pool }

else { pool Mozilla_pool }

If a user connects to http://10.10.1.100/foo.html and their browser does not specify a UserAgent,
which pool will receive the request.

A. MSIE_pool
B. Mozilla_pool
C. None. The request will be dropped.
D. Unknown. The pool cannot be determined from the information provided.

Answer: B

QUESTION 218
Which event is always triggered when the client sends data to a virtual server using TCP.

A. HTTP_DATA
B. CLIENT_DATA
C. HTTP_REQUEST
D. VS_CONNECTED

Answer: B

QUESTION 219
A virtual server is listening at 10.10.1.100:any and has the following iRule associated with it:

when CLIENT_ACCEPTED { if {[TCP::local_port] equals 21 } { pool ftppool } elseif {[TCP::local_port]

equals 23 } { pool telnetpool }

If a user connects to 10.10.1.100 and port 22, which pool will receive the request.

A. ftppool
B. telnetpool
C. None. The request will be dropped.
D. Unknown. The pool cannot be determined from the information provided.

Answer: D

QUESTION 220
When configuring a Virtual Server to use an iRule with an HTTP_REQUEST event, which lists
required steps in a proper order to create all necessary objects.

A. create profiles, create the iRule, create required pools, create the Virtual Server

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 62
https://www.passleader.com/
B. create the Virtual Server, create required pools, create the iRule, edit the Virtual Server
C. create a custom HTTP profile, create required pools, create the Virtual Server, create the iRule
D. create required pools, create a custom HTTP profile, create the iRule, create the Virtual Server

Answer: B

QUESTION 221
Which statement is true concerning a functional iRule.

A. iRules use a proprietary syntax language.

B. iRules must contain at least one event declaration.
C. iRules must contain at least one conditional statement.
D. iRules must contain at least one pool assignment statement.

Answer: B

QUESTION 222
What is the purpose of provisioning?

A. Provisioning allows modules that are not licensed to be fully tested.

Answer: B

QUESTION 223
What is the purpose of Zonerunner?

A. Zonerunner adds a GUI interface for configuration of WideIP names.

B. Zonerunner adds a GUI interface for configuration of BIND database files for zones where the GTM
System is a primary name server.
C. Zonerunner adds a GUI interface for configuration of BIND database files where the GTM System
is not a primary or secondary server.
D. Zonerunner adds a GUI interface for configuration of BIND database files for zones where the GTM
System is a primary or secondary name server.

Answer: D

QUESTION 224
GTM can sign a DNS response using DNSSEC only if the DNS request ?GTM can sign a DNS
response using DNSSEC only if the DNS request

A. has the S?bit set. has the ?S?bit set.

B. is a part of a DNSSEC zone.
C. is for a WideIP name on the GTM.
D. is answered by BIND running on the GTM.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 63
https://www.passleader.com/
Answer: B

QUESTION 225
Which statement about Generic Host Servers is true?

A. GTM Systems can initiate a big3d agent on Generic Host Servers.

B. GTM Systems cannot provide path metrics for Virtual Servers managed by a Generic Host Server.
C. GTM Systems can monitor a Generic Host Server and can cause a Generic Host Server to act as
a Statistics Collection Server.
D. GTM Systems can monitor a Generic Host Server but cannot cause a Generic Host Server to act
as a Statistics Collection Server.

Answer: D

QUESTION 226
By default, how frequently are log files rotated?

A. hourly
B. daily
C. weekly
D. There is no default; the administrator sets the frequency.

Answer: B

QUESTION 227
When configuring monitors for individual pool members, which three options can be selected?
(Choose three.)

A. inherit the pool's monitor

B. choose a default monitor
C. inherit the WideIP's monitor
D. assign a monitor to the specific pool member
E. do not assign any monitor to the specific pool member

Answer: ADE

QUESTION 228
Which two daemons only run after the entire license process has been completed? (Choose two.)

A. zrd
B. tmm
C. ntpd
D. gtmd

Answer: AD

QUESTION 229
What does the BIG-IP_add script do?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 64
https://www.passleader.com/
A. add BIG-IP servers to the wideip.conf file
B. add an existing GTM System to a sync group
C. synchronize configuration files between BIG-IP Systems
D. exchange web certificates and keys between BIG-IP Systems

Answer: D

QUESTION 230
Which dynamic load balancing mode affects loadbalancing decisions based on path metrics?

A. Packet Rate
B. Completion Rate
C. Least Connections
D. Virtual Server Capacity

Answer: B

QUESTION 231
If the GTM System receives a packet destined for one of its Listener addresses the GTM will
process the request _____

A. either through WideIP processing or BIND processing

B. through WideIP processing and may process it through BIND processing
C. through BIND processing and may process it through WideIP processing
D. through WideIP processing and BIND processing and choose the best answer between the two

Answer: B

QUESTION 232
Which file contains the list of events for which the GTM System will send traps to an SNMP manager?

A. /etc/snmpd.conf
B. /etc/syslogng.conf
C. /etc/alertd/alert.conf
D. /etc/gtm_snmptrap.conf

Answer: C

QUESTION 233
Which three parameters can be specified within the Setup Utility? (Choose three.)

A. password of the "root" user

B. IP address of an NTP server
C. IP address of an initial WideIP
D. IP address restrictions for ssh access
E. all necessary administrative IP addresses (including floating addresses)

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 65
https://www.passleader.com/
Answer: ADE

QUESTION 234
Which of the following are correct regarding Wildcard entities? (Choose 2)

A. Wildcard entities are the basis for positive security logic.

B. Wildcard entities are the basis for negative security logic.
C. Wildcard entities require the need to learn only from violations.
D. Wildcard entities can be applied to file types, URLs, cookies and parameters.

Answer: AD

QUESTION 235
Flow login allows for more granular protection of login and logout URLs within web applications.
Which of the following are components of flow login? (Choose 3)

A. Schema
B. Login URLs
C. Login pages
D. Attack signatures
E. Access validation

Answer: BCE

QUESTION 236
What occurs when a load?command is issued?What occurs when a ? load?command is issued?

A. The running configuration is replaced by the any portion of the configuration files that are
syntactically correct.
B. The running configuration is loaded into files for storage.
C. The running configuration is compared to the configuration in files and, when changes are noted,
the version in the files is loaded over what is in money.
D. the running configuration is replaced by the configuration in the files, but only if they are syntactically
correct.

Answer: D

QUESTION 237
What occurs when a load?command is issued?What occurs when a ? load?command is issued?

A. rootBIG-IPsystem[Active][tmos.Itm.pool]#create pooh members add {170.16.20.1:80}

B. rootBIG-IPsystem[Active][tmos.Itm.pool]#create pooh members add {172.16.20.1:80}
C. rootBIG-IPsystem[Active][tmos.Itm.pool]#create pooh members add {172.16.20.1:80{} }
D. rootBIG-IPsystem[Active][tmos.Itm.pool]#create pooh members add {172.16.20.1:80{priority group
2}}

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 66
https://www.passleader.com/
QUESTION 238
Which three files/data items are included in a BIG-IP UCS backup file? (Choose three.)

A. the BIG-IP administrative addresses

B. the BIG-IP license
C. the BIG-IP log files
D. the BIG-IP default traps
E. the BIG-IP host name

Answer: ABE

QUESTION 239
Could an iRule perform persistence based on a cookie?

A. Yes An iRule could be designed to persist based on the contents of a cookie.

B. No. iRules cannot affect persistence.
C. Yes. An iRule could be desiged to persist based on the contents of a cookie.
D. No. Cookie persistence is only is based on a cookie persistence profile.

Answer: C

QUESTION 240
An LTM has the 3 virtual servers, 2 SNATs, four self IP addresses defined and the networks shown
in the exhibit. Selected options for each object are shown below. Settings not shown are at their
defaults. Assume port exhaustion has not been reached.

VirtualServerl
Destination: 10.10.2.102:80 netmask 255.255.255.255
Pool: Pool with 3 members in the 172.1 61.16 network
SNAT Automap configured V
VirtualServer2
Destination: 10.10.2.102:* netmask 255.255.255.255
Transparent with 3 pool members in the 192.168/16 network
VirtualServer3
Destination: 10.10.2.0:80 netmask 255.255.255.0
Type: IP Forwarding
SNATI Source IP: 10.10.0.0 netmask 255.255.0.0
SNAT Address: SNAT Pool with 2 members 172.16.20.50 and 192.168.10.50
SNAT2 Source IP: All Addresses
SNAT Address: 10.10.2.103
Floating Self IPs 192.168.1.1; 172.16.1.1; 10.10.2.1; 10.10.1.1

A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination IP
and port of 10.10.2.102:443.
When the request is processed, what will be the source and destination IP addresses?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 67
https://www.passleader.com/
A. Source IP: 10.10.2.103; Destination IP: pool member in the 192.168/16 network
B. Source IP: 10.10.201; Destination IP: pool member in the 192.168/16 network G
C. Source IP: 10.10.2.103; Destination IP: 10.10.2.102
D. The request will be dropped.
E. Source IP: 10.20.10.50; Destination IP: pool member in the 192.168/16 network
F. Source IP: 10.10.201; Destination IP: 10.102.102

Answer: C

QUESTION 241
How is traffic flow through transparent virtual servers different from typical virtual servers?

A. traffic flow through transparent virtual servers must be forwarded through a single routing device.
B. traffic flow through transparent virtual servers soes not have IP address translation performed.
C. Traffic flow through transparent virtual severs is not load balabced.
D. Traffic flow through transparent virtual servers is bridged ( leave IP and MAC.addresses intact)
rather than routed (leave IP address intact but change the MAC.addresses).

Answer: B

QUESTION 242
How is traffic flow through transparent virtual servers different from typical virtual servers?

A. any text string within a cookie

B. any bytes within the initial client request packet
C. an IP address
D. the value in the tcp acknowledgement field

Answer: AC

QUESTION 243
A monitor has been defined with an alias port of 443. All other options are left at their defaults. The
administrator wishes to assign it to a pool of members where the members' ports vary. Which is
the result?

A. For each member, if the member port is not 443, the member will be marked down. For each
member,if the member? Port is not 443, the member will be marked down.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 68
https://www.passleader.com/
B. For each member, the monitor will test member node at port 443. For each member, the monitor
will test the member ? node at port 443.
C. For each member. If it is running an SSL service at the member port, the monitor may work.
Otherwise, the monitor will fail and the member for each member, if it is running an SSL service at
the member port, the monitor may work. Otherwise, the monitor will fail and the member will be
marked down.
D. This assignment is not allowed since the port do not match.

Answer: B

QUESTION 244
Which two processes are involved when BIG-IP systems issue traps? (Choose two.)

A. bigd
B. alertd
C. smtpd
D. syslogng

Answer: BD

QUESTION 245
A monitor has been defined using the HTTP monitor template. The send and receive strings were
customized, but all other settings were left at their defaults. Which resources can the monitor be
assigned to?

A. only specific pool members

B. most virtual severs
C. most nodes
D. most pools

Answer: D

QUESTION 246
After editing and saving changes to the configuration file containing virtual servers, what is the
immediate result?

A. The new configuration is verified and loaded.

B. The new configuration is verified not loaded.
C. The new configuration is verified
D. The new configuration is loaded but not verified.
E. The new configuration is neither verified nor loaded.
F. The new configuration is verified and loaded if is it syntactically correct.

Answer: E

QUESTION 247
In the following configuration, a virtual server has the following HTTP class configuration:

HTTP Class 1 = Host pattern www.f5.com

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 69
https://www.passleader.com/
HTTP Class 2 = No filters

A request arriving for WWW.F5.COM will be matched by which class(es)?

A. Class 1
B. Class 2
C. Both Class 1 and Class 2
D. The request will be dropped

Answer: B

QUESTION 248
Learning suggestions in the Policy Building pages allow for which of the following? (Choose 2)

A. XMLbased parameters and associated schema are automatically learned.

B. Blocking response pages can be automatically generated from web site content.
C. Flow level parameters are displayed when found and can be accepted into the current policy.
D. The administrator may modify whether the BIG-IP ASM System will learn, alarm, or block detected
violations.
E. Maximum acceptable values for length violations are calculated and can be accepted into the
security policy by the administrator.

Answer: CE

QUESTION 249
Under what condition must an appliance license be reactivated.

A. Licenses only have to be reactivated for RMAs no other situations.

B. Licenses generally have to be reactivated during system software upgrades.
C. Licenses only have to be reactivated when new features are added (IPv6, Routing Modules, etc)
no other situations.
D. Never. Licenses are permanent for the platform regardless the version of software installed.

Answer: B

QUESTION 250
Which three methods can be used for initial access to a BIG-IP system. (Choose three.)

A. CLI access to the serial console port

B. SSH access to the management port
C. SSH access to any of the switch ports
D. HTTP access to the management port
E. HTTP access to any of the switch ports
F. HTTPS access to the management port
G. HTTPS access to any of the switch ports

Answer: ABF

QUESTION 251

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 70
https://www.passleader.com/
When implementing Data Guard, BIG-IP ASM scans for suspicious patterns in? (Choose 2)

A. All client requests

B. All server responses
C. Specific client requests
D. Specific server responses

Answer: BD

QUESTION 252
A web client accesses a web application using what protocol?

A. TCP
B. XML
C. HTML
D. HTTP

Answer: D

QUESTION 253
In the following request, which portion represents a parameter name?

A. Yes
B. User
C. Week1
D. Financials

Answer: B

QUESTION 254
Which of the following is not a method of protection for user-input parameters?

A. Value extraction
B. Attack signatures
C. Length restriction
D. Meta character enforcement

Answer: A

QUESTION 255
By default, BIG-IP ASM allows which of the following HTTP methods in a client request? (Choose
3)

A. PUT
B. GET
C. POST
D. HEAD
E. TRACE

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 71
https://www.passleader.com/
Answer: BCD

QUESTION 256
The Flow Login feature prevents which web vulnerability from occurring?

A. Buffer overflow
B. Cookie poisoning
C. Forceful browsing
D. Cross site scripting

Answer: C

QUESTION 257
On a standalone BIG-IP ASM system, which of the following configuration is valid?

A. Pool named http_pool with 1 pool member, no persistence, and no load balancing method
B. Pool named http_pool with 3 pool members, cookie persistence, and ratio load balancing method
C. Pool named http_pool with 2 pool members, source IP persistence, and least connections load
balancing method
D. Pool named http_pool with 3 pool members, cookie persistence, and least connections load
balancing method

Answer: A

QUESTION 258
Which of the following violations cannot be learned by Traffic Learning?

A. RFC violations
B. File type length violations
C. Attack signature violations
D. Meta character violations on a specific parameter.

Answer: A

QUESTION 259
What is the purpose of the IP addresses listed in the Trusted IP section when using Policy Builder?

A. Incoming requests with these IP addresses will never get blocked by BIG-IP ASM.
B. Incoming requests with these IP addresses will not be taken into account as part of the learning
process, they will be allowed to do anything.
C. Incoming requests with these IP addresses will automatically be accepted into the security
www.braindumps.com 87
F5 101 Exam
policy, Policy Builder will validate that future requests with this traffic will not create a violation.
D. Incoming requests with these IP addresses will be used by Policy Builder to create an alternate
more advanced security policy, this additional policy will not be enabled unless forced by the
administrator.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 72
https://www.passleader.com/
Answer: C

QUESTION 260
Which of the following protocols can be protected by Protocol Security Manager? (Choose 3)

A. FTP
B. SSH
C. HTTP
D. SMTP
E. Telnet

Answer: D

QUESTION 261
Which of the following user roles have access to make changes to security policies? (Choose 2)

A. Guest
B. Operator
C. Administrator
D. Web Application Security Editor

Answer: CD

QUESTION 262
Which of the following are methods BIG-IP ASM utilizes to mitigate web scraping vulnerabilities?
(Choose 2)

A. Monitors mouse and keyboard events

B. Detects excessive failures to authenticate
C. Injects JavaScript code on the server side
D. Verifies the client supports JavaScript and cookies

Answer: AD

QUESTION 263
When choosing Fundamental as the Policy Builder security policy type, BIG-IP ASM will learn and
enforce the following components? (Choose 2)

A. Attack signatures
B. Global parameters
C. HTTP protocol compliance
D. URLs and meta characters

Answer: AC

QUESTION 264
The default staging-tightening period for attack signatures and wildcard entities is?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 73
https://www.passleader.com/
A. 5 days
B. 7 days
C. 10 days
D. 30 days

Answer: B

QUESTION 265
To make complex access policies easier to manage, an administrator can create a _______
containing several policy actions, and then add instances of it within the policy? (Fill in)

A. Visual Policy Editor

B. Policy Editor
C. Visual Editor
D. Policy creator

Answer: A

QUESTION 266
To make complex access policies easier to manage, an administrator can create a policy containing
several policy actions, and then add instances of it within the policy using the ________. (Fill in)

A. Deployment Wizard
B. Setup Wizard
C. Policy Wizard
D. Visual Wizard

Answer: A

QUESTION 267
The Policy Builder benefits include:

A. Doesn't require in depth web application knowledge

B. Only requires limited ASM knowledge
C. All of the above
D. Very low administrative impact

Answer: C

QUESTION 268
APM administrators can configure access policies granting users which two types of access?

A. CIFS access
B. Client/server access
C. Web application access
D. Proxy access
E. RDC access

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 74
https://www.passleader.com/
Answer: D

QUESTION 269
Which of the following is a benefit of using iRules?

A. They provide a secure connection between a client and LTM

B. They enable granular control of traffic
C. They can be used as templates for creating new applications
D. They can use Active Directory to authenticate and authorize users
E. They provide an automated way to create LTM objects

Answer: B

QUESTION 270
APM provides access control lists at which two OSI layers? (Choose two.)

A. Layer 5
B. Layer 4
C. Layer 7
D. Layer 6
E. Layer 2

Answer: BC

QUESTION 271
TMOS is an F5 software module that runs on the BIG-IP platform.

A. True
B. False

Answer: B

QUESTION 272
Which four F5 products are on the TMOS platform? (Choose four.)

A. ARX
B. GTM
C. WOM
D. APM
E. ASM
F. Firepass

Answer: BCDE

QUESTION 273
Which of the following is NOT a profile type on the BIG-IP?

A. Protocol

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 75
https://www.passleader.com/
B. Application
C. Persistence
D. Authentication
E. SSL

Answer: B

QUESTION 274
The BIG-IP determines the lowest connection speed between the client and the server and then
uses that for both connections.

A. True
B. False

Answer: B

QUESTION 275
Another name for the F5 OneConnect feature is TCP multiplexing.

A. True
B. False

Answer: A

QUESTION 276
LTM runs on______F5's proprietary product platform. (Fill in the correct answer)

A. ARX
B. Firepass
C. Acopia
D. TMOS

Answer: D

QUESTION 277
Which programming language is the basis for F5 iRules?

A. Lisp
B. C++
C. Java
D. TCL
E. AWK

Answer: D

QUESTION 278
What are the two most common methods of placing a BIG-IP device into a network environment?
(Choose two.)

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 76
https://www.passleader.com/
A. Channeled configuration
B. VLAN configuration
C. NAT configuration
D. SNAT configuration
E. Asymmetric configuration
F. Routed configuration

Answer: DF

QUESTION 279
Which of the following is NOT a benefit of using SSL offload?

A. It increases the bandwidth between the client and LTM.

B. It enables LTM to decrypt traffic, examine the payload, and then re-encrypt before sending it to a
pool member.
C. The organization requires far less SSL certificates.
D. The CPU processing load on backend servers is reduced.
E. It enables iRules to be used on traffic arriving to LTM that is encrypted.

Answer: A
Explanation:
SSL offload:
It enables LTM to decrypt traffic, examine the payload, and then re-encrypt before sending it to a
pool member.
The organization requires far less SSL certificates.
The CPU processing load on backend servers is reduced. It enables iRules to be used on traffic
arriving to LTM that is encrypted.

QUESTION 280
When using a routed configuration, the real server must point to the LTM as the ________.

A. NTP Server
B. DNS Server
C. Virtual IP
D. WINS server
E. Default gateway

Answer: E

QUESTION 281
TCP Express is licensed separately from LTM

A. True
B. False

Answer: B
Explanation:
TCP Express is licensed including in LTM.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 77
https://www.passleader.com/
QUESTION 282
LTM can only load balance outbound traffic by using iRules

A. True
B. False

Answer: A

QUESTION 283
Which two of these statements about OneConnect are true? (Choose two.)

A. It decreases the CPU load on LTM

B. It aggregates multiple client connections into a single server connection
C. It decreases the amount of traffic between multiple clients and LTM
D. It requires SNAT to be configured
E. It decreases the CPU load on pool members

Answer: BE

QUESTION 284
GTM solves which three of these standard DNS limitations? (Choose three.)

A. It can verify that a host is available before resolving a host name for a client.
B. It can use HTTPS for the connection between itself and the client.
C. It can ensure that clients remain at the same data center for stateful applications.
D. It can verify that a client does not have any viruses before sending the IP address.
E. It has more complex load balancing methods.

Answer: ACE
Explanation:
GTM solves three of these standard DNS limitations.
It can verify that a host is available before resolving a hostname for a client It can ensure that clients
remain at the same data center for stateful applications It has more complex load balancing
methods.

QUESTION 285
Using IP Geolocation, an organization can always direct a client request from France to a
datacenter in Dublin.

A. True
B. False

Answer: A

QUESTION 286
Which three of these software modules can you layer on top of LTM on a BIG-IP device? (Choose
three.)

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 78
https://www.passleader.com/
A. Web Accelerator
B. APM
C. ARX
D. GTM
E. Firepass
F. Enterprise Manager

Answer: ABD
Explanation:
These software modules can you layer on top of LTM on a BIG-IP device are AAM, APM and GTM.

QUESTION 287
Customers can purchase LTM as a stand-alone product, or layer it with additional software modules
to increase the functionality of the BIG-IP device.

A. True
B. False

Answer: A

QUESTION 288
Which two of the following options can LTM use when all of the pool members are not available or
if the pool is overloaded?

A. Floating IPs
B. Fallback host
C. Auto last hop
D. SNAT automap
E. Pool offload
F. Priority group activation

Answer: D
Explanation:
http://support.f5.com/kb/en-
us/products/bigip_ltm/manuals/product/ltm_configuration_guide_10_0_0/ltm_pools.html

QUESTION 289
The least connections load balancing method functions best when all pool members share similar
characteristics.

A. True
B. False

Answer: A

QUESTION 290
A top-level DNS zone uses a CNAME record to point to a sub-zone. Which of the following is an
example of a sub-zone?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 79
https://www.passleader.com/
A. www.F5.com/sub
B. www.F5.com
C. www.gslb.F5.com
D. .com
E. f5.com

Answer: C

QUESTION 291
Which three of the following must be done in order for GTM to properly communicate LTM?
(Choose three.)

A. Connect the GTM and LTM with a network crossover cable.

B. Synchronize the big3d versions between GTM and LTM.
C. Add the LTM object to the GTM configuration.
D. Configure the GTM and LTM to we MAC masquerading.
E. Ensure that GTM and LTM use the same floating IP address.
F. Exchange SSL certificates between the two devices.

Answer: BCF
Explanation:
Integrating LTM systems with GTM systems on a network
Running the bigip_add utility
Determine the self IP addresses of the BIG-IP LTM systems that you want to communicate with
BIG-IP GTM.
Run the bigip_add utility on BIG-IP GTM. This utility exchanges SSL certificates so that each
system isauthorized to communicate with the other.
When the LTM and GTM systems use the same version of the big3d agent, you run the bigip_add
utility toauthorize communications between the systems.
http://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-implementations11-3-
0/7.html
Note:
The BIG-IP GTM and BIG-IP LTM systems must have TCP port 4353 open through the firewall
between the systems. The BIG-IP systems connect and communicate through this port.

QUESTION 292
DNSSEC is a GTM add-on licensing feature.

A. True
B. False

Answer: A

QUESTION 293
Which four of the monitoring methods listed below can GTM use to determine the status and
performance of BIG-IP and servers? (Choose four.)

A. ping
B. Application monitors
C. Inband monitors

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 80
https://www.passleader.com/
D. SSH
E. iQuery
F. SNMP

Answer: ABEF
Explanation:
http://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-concepts-11-30/1.html
Configuring GTM to determine packet gateway health and availability
http://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-implementations11-5-
0/9.html
sol13690:
Troubleshooting BIG-IP GTM synchronization and iQuery connections (11.x)
http://support.f5.com/kb/en-us/solutions/public/13000/600/sol13690.html

QUESTION 294
What happens when the data center that GTM recommends for a client is unavailable?

A. GTM uses cached information to determine an alternate route.

B. GTM queries the local DNS server.
C. GTM sends subsequent queries to the next preferred data center.
D. GTM directs the client to use its DNS cache to select an alternate location.
E. The client continues to attempt to access the preferred data center.

Answer: C

QUESTION 295
GTM can load balance to LTM in addition to non-BIG-IP hosts.

A. True
B. False

Answer: A

QUESTION 296
Which of the following is NOT included on the F5 DevCentral site?

A. Subscription purchasing options

B. Actual iRules written by other customers
C. iRules reference materials
D. Forums
E. The F5 iRule editor

Answer: A
Explanation:
Subscription purchasing options is in Partner Resource Center

QUESTION 297
If LTM uses the least connections load balancing method, which pool member in the following
diagram receives the next request?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 81
https://www.passleader.com/
A. A
B. B
C. C
D. D

Answer: B

QUESTION 298
Why does deploying LTM into an existing network immediately improve security?

A. Only requests for specific ports are allowed through LTM.

B. All traffic through LTM is checked for DDoS attacks.
C. No traffic A allowed through LTM until it has been specified.
D. All users must authenticate before accessing applications through LTM.
E. Only LAN administrators can access resources through LTM.

Answer: C

QUESTION 299
You can use an HTTP class profile to forward traffic that matches which three of these types of
criteria? (Choose three.)

A. Port
B. HTTP header
C. URI path
D. User name
E. Protocol
F. Host name

Answer: BCF

QUESTION 300

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 82
https://www.passleader.com/
When an optimized TCP connection exists between LTM and the pool member, LTM can accept
server responses faster than the client. What is the name of this feature?

A. HTTP caching
B. OneConnect
C. TCP connection queuing
D. Content spooling
E. Priority activation

Answer: D

QUESTION 301
As a full TCP proxy, LTM acts as the termination point for both requests from the client and
responses from the server.

A. True
B. False

Answer: A

QUESTION 302
FastCache will NOT work with compressed objects.

A. True
B. False

Answer: A

QUESTION 303
Which of the following can be accomplished using iRules?

A. Track inbound and outbound traffic

B. Perform deep packet inspection
C. Inspect traffic and drop it
D. All of the above
E. Intercept traffic and redirect it

Answer: D

QUESTION 304
GTM uses Auto Discovery to add virtual servers from both LTM and non-BIG-IP load balancers.

A. True
B. False

Answer: B

QUESTION 305

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 83
https://www.passleader.com/
Which four of the following statements about LDNS probes are true? (Choose four.)

A. Only GTM devices can act as a prober.

B. They check each requesting LDNS that has made a request of the GTM.
C. They can determine available cache size on the client.
D. They are used to develop path metrics.
E. They verify the link between a data center and an LDNS.
F. Probing only takes place if GTM is configured to use dynamic load balancing.

Answer: BDEF

QUESTION 306
Similar to LTM monitors, GTM monitors use both an Interval and a Timeout value.

A. True
B. False

Answer: A

QUESTION 307
Since F5 built GTM on the TMOS platform it can exist on the same BIGIP device as LTM:

A. True
B. False

Answer: A

QUESTION 308
An administrator is adding GTM to the network infrastructure. Which of the following requirements
would lead them to select an Authoritative Screening architecture rather than Delegation?

A. They want GTM to examine all DNS queries.

B. They want GTM to make load balancing decisions based on metrics.
C. They have data centers in several countries.
D. They are using several operating systems for the local DNS servers.

Answer: C

QUESTION 309
The BIG-IP full proxy architecture has full visibility from the client to the server and from the server
to the client.
What security benefit does this provide to customers?

A. Offloads security functionality from other devices such as network firewalls and Intrusion Prevention
Systems (IPS), which may experience performance degradation when inspecting DNS queries and
responses.
B. provides enhanced support for DNS servers.
C. Establishes highly detailed policies based on your customer's business in requirements, performs
multiple factors of authentication, detects corporate versus non-corporate devices, checks OS

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 84
https://www.passleader.com/
patch levels, and determines antivirus patch levels.
D. Provides industry-leading knowledge of application behavior as it travels through a network, and it
applies that knowledge to security because it knows how an application behaves at any point in the
reply request process

Answer: D

QUESTION 310
Select the key reasons F5 is able to handle DNS DDoS attacks so effectively? Select two.

A. F5 can ensure a DNS DDoS attack is not successful.

B. F5 has high performance DNS services.
C. F5 can answer the DNS queries directly.
D. With Global Traffic Manager (GTM), F5 completely stops all DNS DDoS attacks.
E. F5 can ensure a customer never faces a DNS DDoS attack.

Answer: CE

QUESTION 311
Which of the following are the three main business drivers for placing LTM into a network? (Choose
three.)

A. Secure the connection between WAN sites.

B. Improve application availability and scalability.
C. Authenticate and authorize users.
D. Boost application performance.
E. Include application security.
F. Act as a Web application firewall

Answer: BDE

QUESTION 312
If a customer has an application that uses a customized protocol, what LTM feature can help
optimize the traffic from the application?

A. iRules
B. Network virtual servers
C. HTTP classes
D. Packet filtering
E. Transparent virtual servers

Answer: A

QUESTION 313
An LTM object represents a downstream server that hosts a secure Web site and contains the IP
address and port combination 192.168.9.250:443. What is this object?

A. Self IP
B. Virtual Server

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 85
https://www.passleader.com/
C. Pool
D. Node
E. Pool Member

Answer: E

QUESTION 314
Adding more RAM to a GTM device drastically improves query performance.

A. True
B. False

Answer: B

QUESTION 315
Which of the following are four of the security benefits of TMOS? (Choose four.)

A. It verifies traffic based on antivirus signatures.

B. It provides protection against DDoS.
C. It uses SYN cookies and dynamic connection reapers.
D. It supplies guidance for poorly developed applications.
E. It denies all traffic that hasn't been defined.
F. It can hide confidential information from outbound traffic.

Answer: BCEF

QUESTION 316
The LTM "Manager" authentication role can create iRules.

A. True
B. False

Answer: A

QUESTION 317
Which of the following statements about cookie persistence is NOT true?

A. The cookie's timeout value can be customized.

B. They are F5'spreferred persistence method.
C. No persistence information is placed on LTM.
D. Web servers must be configured to send cookies to clients.
E. They do not add a performance impact on LTM.

Answer: D

QUESTION 318
An LTM object that represents a downstream server contains the IP address 192.168.9.250 and
no port. What is this object?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 86
https://www.passleader.com/
A. Pool member
B. Virtual server
C. Pool
D. Self IP
E. Node

Answer: E

QUESTION 319
Which three of the metrics listed below can GTM use when making load balancing decisions for a
client? (Choose three.)

A. TCP payload
B. IP geolocation
C. Hop count
D. Round trip time
E. Browser user agent

Answer: BCD

QUESTION 320
In order to improve GTM performance, administrators should use multiple complex monitors to
ensure resources are functioning properly:

A. True
B. False

Answer: B

QUESTION 321
Which three of the following are unique differentiators for F5 in the marketplace? (Choose three.)

A. VLANs
B. Load-balancing pools
C. Secure remote access
D. TMOS
E. OneConnect
F. iRules

Answer: DEF

QUESTION 322
Which three of these file types work well with HTTP compression? (Choose three.)

A. MP4 videos
B. Digital photos
C. Text files

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 87
https://www.passleader.com/
D. Static HTML Web pages
E. CD quality songs
F. Microsoft Word documents

Answer: CDF

QUESTION 323
Match each persistence method with the correct statement describing it:

A. Cookie persistence
B. Source address persistence
C. SSL persistence
D. Universal persistence

Answer: B

QUESTION 324
Which two of the following LTM load balancing methods require the least amount of resources?
(Choose two.)

A. Round robin
B. Ratio
C. Observed
D. Fastest
E. Predictive
F. Least connections

Answer: AB

QUESTION 325
When using a redundant pair of LTMs, it is most advantageous to use them in an Active/Active
scenario because this provides additional load balancing capabilities.

A. True
B. False

Answer: B

QUESTION 326
An LTM object contains both IP address and port combinations 20.18.9.250:80 and 20.18.9.251:80
and host the same Web application. What is this object?

A. Pool
B. Self-IP
C. Node
D. Pool member
E. Virtual Server

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 88
https://www.passleader.com/
QUESTION 327
Which of the following are four of the benefits of the TMOS architecture? (Choose four.)

A. User authentication
B. Server-side optimization
C. Dynamic DDoS protection
D. Web application security
E. Client-side optimization
F. Antivirus checking

Answer: BCDE

QUESTION 328
In order to further accelerate applications, the external router can direct subsequent client traffic to
bypass LTM and communicate directly with the server.

A. True
B. False

Answer: B

QUESTION 329
When using only LTM in redundant pairs, a customer can load balance to multiple data centers.

A. True
B. False

Answer: B

QUESTION 330
Application templates save the time it typically takes to create nodes, pools, pool members, virtual
servers, and monitors.

A. True
B. False

Answer: A

QUESTION 331
Which of the following TMOS feature enables BIG-IP to scale performance based to the available
CPU cores?

A. Clustered multi-processing
B. OneConnect
C. HTTP class
D. Session persistence
E. Auto Last Hop

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 89
https://www.passleader.com/
Answer: A

QUESTION 332
In a routed configuration, what does LTM do with the packet before sending it to the pool member?

A. Change the source IP and the destination IP address

B. Leave it unchanged and forward it
C. Change the source IP address
D. Change the destination IP address

Answer: D

QUESTION 333
If the BIG-IP device is NOT always located between the client and the server, it will NOT provide
full optimization and security.

A. True
B. False

Answer: A

QUESTION 334
TCP Express enables LTM to use different TCP settings for the connection between the client and
LTM, and the connection between LTM and the pool member.

A. True
B. False

Answer: A

QUESTION 335
Where do you configure GTM client persistence?
Case Study Title (Case Study):

A. On a DNS listener object

B. On a wide IP object
C. Within a load balancing method
D. On a DNS pool object
E. On a virtual server object

Answer: B

QUESTION 336
Administrators can configure which three of the following load balancing options in GTM? (Choose
three.)

A. Alternate

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 90
https://www.passleader.com/
B. Fallback
C. Required
D. Preferred
E. Backup
F. Optional

Answer: ABD

QUESTION 337
Over the years, F5 has led the industry in which of the four following areas? (Choose three.)

A. Security
B. Acceleration
C. Application availability
D. Application scalability
E. Application design
F. Remote access

Answer: ABD

QUESTION 338
Which of the following is NOT a method that TMOS uses to improve the performance of applications?

A. Caching HTTP data

B. Optimizing the TCP connection between the client and the BIG-IP device
C. Offloading SSL decryption from downstream servers
D. Discarding unnecessary data from server responses before sending to the client
E. Compressing HTTP data

Answer: D

QUESTION 339
The drawback to having BIG-IP act as a full application proxy is the decrease in application
performance.

A. True
B. False

Answer: B

QUESTION 340
The Policy Builder benefits include:

A. Doesn't require in depth web application knowledge

B. Only requires limited ASM knowledge
C. All of the above
D. Very low administrative impact

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 91
https://www.passleader.com/
Answer: C

QUESTION 341
CSRF is difficult to detect because:

A. The attacks are requests a user should be allowed to make

B. The attacks always utilize obfuscation
C. The attacks are always encrypted
D. All of the above

Answer: A

QUESTION 342
Information leakage is a major obstacle to achieving PCI DSS compliance.

A. True
B. False

Answer: A

QUESTION 343
Requests that do not meet the ASM security policies can:

A. Generate learning suggestions

B. Be blocked
C. All of the above
D. Be logged

Answer: C

QUESTION 344
What is NOT a benefit of using a SNAT?

A. ASM can be deployed easily

B. No changes are needed on the servers
C. Fail open is easy to add
D. Higher performance than other configuration

Answer: D

QUESTION 345
ASM's Web Scraping protection:

A. Is simple to configure
B. Cannot accommodate good scrapers
C. Will protect the site by blocking all requests
D. Is difficult to configure

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 92
https://www.passleader.com/
Answer: A

QUESTION 346
The PCI compliance report is proof that a company is secure.

A. True
B. False

Answer: B

QUESTION 347
ASM offers the most extensive, effective, and simplest to configure CSRF protection in the WAF
market.

A. True
B. False

Answer: A

QUESTION 348
The APM Dashboard enables administrators to monitor which two of these metrics? (Choose two.)

A. Number of active sessions

B. Number of new sessions
C. Number of denied users
D. Number of users from each country

Answer: AB

QUESTION 349
Although APM can interoperate with LTM, it is unable to use iRules for advanced processing.

A. True
B. false

Answer: B

QUESTION 350
APM provides access control lists at which two 051 layers

A. Layer 6
B. Layer 5
C. Layer 7
D. Layer 4
E. Layer 3
F. Layer 2

Answer: CD

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 93
https://www.passleader.com/
QUESTION 351
Which of the following statements about Web server offload is NOT true?

A. It performs rate shaping to reduce overflow.

B. It forces the client browser to use multiple connections streams.
C. It uses OneConnect to reduce multiple TCP connections.
D. It utilizes cached content to prevent unnecessary trips for the same content.
E. It uses specialized hardware for SSL offload.

Answer: B

QUESTION 352
A network administrator tells you that they do NOT need WebAccelerator because their Web
application is fine. What is your best response?

A. Challenge them to run performance testing on their Web site.

B. Access their Web site with them to display its response.
C. Request a follow up meeting within the next three months.
D. Ask for an opportunity to speak with the CIO or a member of their Web application team.

Answer: D

QUESTION 353
When sizing a WebAccelerator deployment, you should base the WA capacity on the LTMcapacity.

A. True
B. False

Answer: B

QUESTION 354
Which three of the following are benefits of adding WebAccelerator to the network infrastructure?
(Choose three.)

A. It adds a layer, security to a Web site

B. It speeds up a secure Web site
C. It reduces the need to purchase additional bandwidth
D. It analyzes Web content, and caches and compresses it accordingly
E. It improves the performance, large object file transfers

Answer: BCD

QUESTION 355
IP Enforcer blocks IP addresses that have repeatedly and regularly attacked the site.

A. True
B. False

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 94
https://www.passleader.com/
Answer: A

QUESTION 356
One reason APM beats the competition is its ability to perform both user authentication and
authorization on a single device.

A. True
B. False

Answer: A

QUESTION 357
Which three of these scenarios should you identify as being an APM opportunity? (Choose three.)

A. An organization using Novell Netware for authentication.

B. An organization that has been recently fined for failing security compliance.
C. An organization with a traveling sales force.
D. An organization with a single location and no remote employees.
E. An organization that needs to ensure users are using Symantec antivirus software.
F. An organization sharing a public Web site for all Internet users.

Answer: BCE

QUESTION 358
When an administrator creates a new access policy in the Visual Policy Editor, which three options
are included by default? (Choose three.)

A. A fallback option
B. An Allow Ad box
C. A Deny End box
D. An empty Resource Assign item
E. A Start box
F. A Block All option

Answer: ACE

QUESTION 359
Poor Web application performance contributes to which four of these issues for businesses?
(Choose four.)

A. A Web site that goes unused

B. Increased support calls
C. Loss of users
D. Loss of revenue
E. DDoS attacks
F. Identity theft

Answer: ABCD

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 95
https://www.passleader.com/
QUESTION 360
Organizations are moving towards a cloud solution are good candidates for F5 WOM solutions.

A. True
B. False

Answer: A

QUESTION 361
Using WOM for vMotion transfers across the WAN prevents VMware users from experiencing
interruptions.

A. True
B. False

Answer: A

QUESTION 362
The administrator must specify APM access control entries as either L4 or L7.

A. True
B. False

Answer: B

QUESTION 363
Administrators can customize APM to resemble other internal Web applications in the organization.

A. True
B. False

Answer: A

QUESTION 364
Which of the following is a client-side action in the Visual Policy Editor that prevents external access
and deletes any files created during a secure access session?

A. Windows Group Policy

B. Resource Assign
C. Protected Workspace
D. Virtual Keyboard
E. Browser Cache and Session Control

Answer: C

QUESTION 365
The main drawback to using an APM Deployment Wizard is that it is not possible to edit the resulting

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 96
https://www.passleader.com/
objects, including the access policy.

A. True
B. False

Answer: B

QUESTION 366
Mobile device browsers typically display Web pages more slowly than PC browsers.

A. True
B. False

Answer: A

QUESTION 367
Which two of the following factors are often responsible for poor Web application performance?
(Choose two.)

A. The time it takes to generate an HTTP request.

B. The time it takes to deliver the HTTP response over the network.
C. The time it takes to display the HTTP response in the browser.
D. The time it takes to generate the HTTP response.

Answer: BD

QUESTION 368
WebAccelerator uses three tiers to improve performance. What are the three tiers? (Choose three.)

A. Bandwidth offload
B. Client offload
C. Application offload
D. Protocol offload
E. Web server offload
F. Network offload

Answer: CEF

QUESTION 369
ASM can detect Layer 7 DoS attacks by which four ways of monitoring: (Choose four.)

A. Monitoring for a threshold of increased number of transactions per second per URL.
B. Monitoring for a % change in transactions per second per URL.
C. Monitoring for a % change in server latency or TPS.
D. Monitoring for a threshold of increased server latency or TPS.
E. Monitoring ASM policy builder performance.
F. Monitoring BIG-IP CPU utilization.
G. Deep Packet inspection.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 97
https://www.passleader.com/
Answer: ABCD

QUESTION 370
Application trends and drivers that increase the need for application security are:

A. Intelligent Browsers
B. Webification
C. Targeted attacks
D. All the above

Answer: D

QUESTION 371
The Rapid Deployment Policy is used to:

A. Improve website performance

B. Quickly protect web sites for most common attacks
C. Improve ASM performance
D. Provide wizard functionality for quick policy creation

Answer: B

QUESTION 372
ASM combined with LTM provides protection against:

A. Layer 7 DoS attacks

B. All of the above
C. Layer 4 DoS attacks
D. DDoS attacks

Answer: B

QUESTION 373
When using a single BIG-IP with APM, an organization can support up to 60,000 concurrent remote
access users.

A. True
B. False

Answer: A

QUESTION 374
An F5 customer must install WebAccelerator on top of LTM:

A. True
B. False

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 98
https://www.passleader.com/
Answer: B

QUESTION 375
The Protected Workspace client-side action provides more client-side security than the Cache and
Session Control action.

A. True
B. False

Answer: A

QUESTION 376
Which WOM feature replaces a long byte pattern, such as "100000111000110101", with a shorter
reference to the pattern?

A. Symmetric adaptive compression

B. Symmetric data deduplication
C. Bandwidth allocation
D. Application protocol acceleration
E. TCP optimization

Answer: B

QUESTION 377
In order to ensure that a specific file type is never moved down to a secondary file tier, the
administrator should:

A. Set up an automated bot that accesses that file once a week.

B. This is not possible on the ARX.
C. Set a policy that the file type remains on primary storage.
D. Instruct the end users to put the file in a non-tiered directory.

Answer: C

QUESTION 378
How does the ARX eliminate the disruption caused by re-provisioning storage?

A. By identifying data that has not been modified and moving it to a secondary tier.
B. By reducing the time necessary to run a complete backup.
C. By allowing system administrators to apply policy to specific types data.
D. By automating capacity balancing and allowing seamless introduction of file systems into the
environment after the ARX is installed.

Answer: D

QUESTION 379
Which of the following statements is true about ARX's capacity balancing ability?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 99
https://www.passleader.com/
A. When new files are created, the ARX can determine in real time where to place each file based on
the available space on each storage device
B. When configuring the ARX, customers can choose to implement either an age-based policy or a
capacity based policy, but are not able to run both policies at the same time
C. All files created at approximately the same time (within 10 minutes) will be stored on the same tier
of storage to minimize latency and improve the user experience
D. The ARX balances capacity within tiers A storage, but cannot balance capacity across tiers of
storage

Answer: A

QUESTION 380
The Device Inventory option in Enterprise Manager can replace an organization's static Excel
spreadsheet containing similar data.

A. True
B. False

Answer: A

QUESTION 381
Which of the following statements best describes the ARX architecture?

A. The ARX's split path architecture has a data path that handles the most common operations, and
a control path that handles other operations requiring deeper inspection and updating of the index.
B. The ARX's architecture has redundancy built in, allowing a single ARX to be deployed in most use
cases which provides a huge cost savings to customers.
C. All of the above.
D. It is a software agent that installs on the storage device.

Answer: A

QUESTION 382
The ARX is like a mini network manager. It is able to check the health of the environment and can
raise alerts when thresholds are reached.

A. True
B. False

Answer: A

QUESTION 383
Which two of the following are costs businesses may face in dealing with unstructured data?
(Choose two.)

A. Lost productivity due to server downtime

B. Buying backup media
C. Buying additional storage capacity
D. Paying to convert unstructured data into structured data

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 100
https://www.passleader.com/
Answer: BC

QUESTION 384
In the current version of BIG-IP, what happens if the GTM does not find a wide IP that matches the
DNS request?

A. It sends a broadcast request to all GTM devices.

B. It uses iQuery to request the information from LTM.
C. It sends a request to its configured backup GTM device.
D. It sends an un-resolvable error to the client.
E. It sends the request to an external DNS.

Answer: E

QUESTION 385
Using IP Geolocation, an organization can always direct a client request from France to a data
enter in Dublin.

A. True
B. False

Answer: A

QUESTION 386
In most cases, F5 recommends using round robin load balancing.

A. True
B. False

Answer: B
Explanation:
Using round robin load balancing is recommended when Server is not so strong and using easy
WebApplication.

QUESTION 387
Which three of the following statements describe a data center object?

A. It attempts to match a DNS request with a configured wide IP.

B. It is attached to multiple Internet links.
C. It becomes available for use when an assigned server is up.
D. It retains statistics for each data center.
E. It is a logical representation of a physical location.
F. It specifies how users access the Internet.

Answer: BC

QUESTION 388

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 101
https://www.passleader.com/
Which four of the following items are physical objects used by GTM?

A. Virtual servers
B. Links
C. Servers
D. Wide IPs
E. Data centers
F. Pools

Answer: ABCE
Explanation:
These components include:
Data centers, Servers, Links, Virtual servers
http://support.f5.com/kb/en-
us/products/bigip_gtm/manuals/product/gtm_config_10_2/gtm_components_overview.html
Links
+ Wide IPs + Data centers + Pools
Links
+ Wide IPs + Data centers + Virtual servers
Links
+ Servers + Virtual servers + Pools the physical network, such as data centers, servers, and links,
and the components that comprise the logical network, such as wide IPs, pools, and global settings.
Most of the configuration components you build using the Configuration utility are saved to the
wideip.conf file.
Logical objects/components include: Listeners - Pools - Wide IPs - Distributed applications

QUESTION 389
Which three are GTM server dynamic load balancing modes? (Choose three.)

A. Packet Rate
B. Virtual Server Score
C. CPU
D. Fallback IP
E. Ratio

Answer: ABC
Explanation:
The Global Traffic Manager supports the following dynamic load balancing modes:
Completion Rate
CPU
Hops
Kilobytes/Second
Least Connections
Packet Rate
Quality of Service (QoS)
Round Trip Times (RTT)
Virtual Server Score
VS Capacity

QUESTION 390
Which four are GTM server static load balancing modes? (Choose four.)

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 102
https://www.passleader.com/
A. Return to DNS
B. CPU
C. Packet Rate
D. Drop Packet
E. Round Robin
F. Static Persist

Answer: ADEF
Explanation:
Global Traffic Manager supports the following static load balancing modes:
Drop Packet
Fallback IP
Global Availability
None
Ratio
Return to DNS
Round Robin
Static Persist
Topology

QUESTION 391
The F5 Application Delivery Firewall has the ability to outperform traditional and next generation
firewalls during DDoS attacks by leveraging the performance and scalability of BIG-IP to hand
extremely high loads, including high throughput, high connection count, and high number of
connections per second.

A. True
B. False

Answer: A

QUESTION 392
What is the main cause of high latency in a Web application?

A. The version, the client's browser

B. The distance between the client and Web server
C. The number of CPUs on the Web server
D. The size of the objects on the page

Answer: B

QUESTION 393
Network Security personnel are entirely responsible for web application security.

A. True
B. False

Answer: B

QUESTION 394

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 103
https://www.passleader.com/
ASM Geolocation reporting provides information regarding:

A. The number of attacks from a specific state

B. The types of attacks from a city
C. All of the above
D. The countries from which the attacks originated

Answer: D

QUESTION 395
An inline ASM configuration requires:

A. Two network connections

B. None of the above
C. Two disk drives
D. Two power supplies

Answer: A

QUESTION 396
Which three of these are the potential ending options for branches in the Visual Policy Editor?
(Choose three.)

A. Reject
B. Fallback
C. Allow
D. Deny
E. Limit
F. Redirect

Answer: CDF

QUESTION 397
The Protected Workspace client-side action provides more client-side security than the Cache and
Session Control action.

A. True
B. False

Answer: A

QUESTION 398
Which of the following is NOT a logging option within an APM access control entry?

A. Packet
B. Verbose
C. Nominal
D. Summary

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 104
https://www.passleader.com/
E. None

Answer: C

QUESTION 399
Administrators can specify an APM access profile when defining a virtual server in LTM.

A. True
B. False

Answer: A

QUESTION 400
Using Fast Cache with ASM will:

A. Improve user experience

B. Improve server performance
C. All of the above
D. Improve BIG-IP ASM performance

Answer: C

QUESTION 401
ASM provides antivirus protection by:

A. Extracting files being uploaded and sending them to an AV system via ICAP
B. Running a local antivirus program on the BIG-IP
C. None of the above
D. Using IP Penalty enforcement to block requests from hackers IPs

Answer: A
Explanation:
Supported ICAP Servers in TMOS 11.5:

QUESTION 402
APM can verify which four of the following details before granting a user access to a resource?
(Choose four.)

A. The user's Web browser

B. The user's computer
C. User's hard drive encryption software
D. Groups the user is a member of
E. The network speed
F. The user's username

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 105
https://www.passleader.com/
Answer: ABDF

QUESTION 403
Which four of these benefits does APM provide? (Choose four.)

A. Enables remote access by several thousand simultaneous users.

B. Basic Web application firewall capabilities.
C. User authentication based on identity.
D. Acceleration of Web content to the client.
E. Granular authorization to resources.
F. Client workstation security checking.

Answer: ACEF

QUESTION 404
Which four of these statements regarding object size and WebAccelerator performance are true?
(Choose four.)

A. Large objects such as video cache well

B. Large objects allow fewer requests per second
C. Large objects result in higher throughput
D. Small objects result in higher throughput
E. Small objects such as images cache well
F. Small objects allow more requests per second

Answer: BCEF

QUESTION 405
Which four of these scenarios will benefit from F5's WAN Optimization Module? (Choose four.)

A. An international organization with data centers in different countries.

B. An organization that does not want to rely on using tape backup.
C. An organization with one site but hundreds of Web servers.
D. An organization whose users create extremely large files.
E. An organization that expects their Web site usage to double in the next year.
F. An organization attempting to lower costs by reducing the number of data centers.

Answer: ABDF

QUESTION 406
An administrator is planning on solving latency issues by placing the backup data center in a
neighboring city to the primary data center. Why isn't this effective solution?

A. It does not provide an acceptable disaster recovery solution.

B. It won't improve latency between the data centers.
C. It won't improve the backup time from the primary data center to the backup data center.
D. Users near the data centers will find their connections going back and forth between the two site
E. It costs more to have the data centers close together than further apart.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 106
https://www.passleader.com/
Answer: A
Explanation:
It does not provide an acceptable disaster recovery solution, it is too close in proximity

QUESTION 407
Which is NOT an ASM protection method for cross site scripting?

A. Signatures
B. URl character set limiting
C. Token injection
D. Parameter character set limiting

Answer: C

QUESTION 408
Which item is NOT a function of a properly deployed and configured ASM?

A. Detects attacks
B. Stops hackers from attacking
C. Provides protection visibility
D. Provides security agility

Answer: B

QUESTION 409
Which is NOT a function of ASM?

A. Attack signature enforcement

B. HTTP protocol enforcement
C. Network security
D. Parameter value enforcement

Answer: C

QUESTION 410
True or False, WOM speeds up large file data transfer across the WAN between a Windows client
and a Windows file Server.

A. True
B. False

Answer: A

QUESTION 411
Which item is NOT a function of ASM?

A. Provides authentication and authorization services

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 107
https://www.passleader.com/
B. Logs and reports full HTTP messages
C. Provides comprehensive Web application security
D. Provides application level performance information

Answer: A

QUESTION 412
Learning suggestions can be the result of:

A. A false positive
B. A malicious attack
C. A change in the web site content
D. All the above

Answer: D

QUESTION 413
Identifying users by their IP address is a sufficient method of performing authentication and
authorization.

A. True
B. False

Answer: B

QUESTION 414
A user's access to resources can change based on the computer they connect from.

A. True
B. False

Answer: A

QUESTION 415
Replicating a large database between sites could take several hours without WOM, and only
several minutes with WOM.

A. True
B. False

Answer: A

QUESTION 416
Brute force protection will:

A. Block a user after a specified number, unsuccessful login attempts

B. Block a user after a specified number of page requests are attempted
C. None of the above

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 108
https://www.passleader.com/
D. Block a user from downloading too much content from the site

Answer: A

QUESTION 417
What technology does ARX use to create a logical abstraction of the physical storage environment?

A. Data de-duplication
B. File virtualization
C. Server virtualization
D. SSL encryption

Answer: B

QUESTION 418
Using file virtualization, what can the ARX do for customers?

A. Match data to the most appropriate tier of storage (e.g. critical data on tier 1 storage; older data on
secondary storage tier).
B. All of the above.
C. Move individual files or entire file systems in real-time without disruption of down-time.
D. Automate many storage management tasks such as storage tiering, dynamic capacity balancing,
and no disruptive data migration.

Answer: B

QUESTION 419
A customer says his business wouldn't benefit from buying ARX because it already has block based
storage virtualization in place. Is he right? Why or why not?

A. Yes. Block based storage virtualization is just another name for file virtualization.
B. No. ARX allows customers to implement storage tiering benefits, but block based storage
virtualization does not.
C. Yes. Block based storage virtualization offers the same functionality as ARX's file virtualization,
although it uses slightly different technology.
D. No. Both technologies attempt to solve similar problems, but only the ARX allows the customer to
have visibility into their data and apply business policy at the file level. Block based virtualization
has no visibility into the type of data.

Answer: D

QUESTION 420
Select F5 platforms have which three certifications? (Choose three.)

A. FIPS
B. SECG
C. NEBS
D. IEEE
E. Common Criteria

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 109
https://www.passleader.com/
F. AFSSI

Answer: ACE

QUESTION 421
Which three of the following are some of the methods that F5 uses with its environmental stress
screening chamber? (Choose three.)

A. Varying the voltage from extreme high to extreme low.

B. Running a product 300 to 500 times on each cycle.
C. Repairing failed components until they function properly.
D. Alternate temperature from -5 degrees Celsius to 60 degrees Celsius.
E. Ensuring continual functioning through fire or flooding conditions.

Answer: ABD

QUESTION 422
The ARX can see ________ when a data modification takes place and will cue that file to be
migrated back to the primary tier.

A. In real time
B. Nightly
C. Weekly
D. At the time of a system scan
E. When scheduled by administrator

Answer: A

QUESTION 423
ARX can classify data based on all of the following EXCEPT:

A. Paths
B. File Size
C. Extensions
D. Security Level
E. File Name

Answer: D

QUESTION 424
For a typical business, what percentage of data does the ARX usually move to a secondary tier?

A. 20-30%
B. 50-60%
C. 80-90%
D. 0-10%

Answer: C

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 110
https://www.passleader.com/
QUESTION 425
It is common for free storage space to exist somewhere in a business network that is not easy for
storage administrators to utilize. What solution can the ARX provide in this situation?

A. The ARX identifies the exact location of the free storage, which allows network administrators to
target those locations when provisioning additional storage.
B. The ARX extends the capacity of each server by 10-15, through intelligent file virtualization.
C. The ARX uses the extra storage for transaction logs and index files.
D. The ARX allows the customer to pool storage from anywhere within the enterprise and capacity
balance the overflow across devices.

Answer: D

QUESTION 426
Which of the following does NOT describe network performance management?

A. Updating software on various devices

B. Seeing graphs in near real-time
C. Visibility into multiple network devices
D. Being alerted to an issue as it happens
E. Viewing virtual server statistics

Answer: A

QUESTION 427
What is the main business driver for bringing Enterprise Manager into the network infrastructure?

A. Consolidate management of administrator and user accounts

B. Consolidate management of licenses
C. Consolidate management of SSL certificates
D. Consolidate management of BIG-IP devices
E. Consolidate management of access policies

Answer: D

QUESTION 428
To function properly, an Enterprise Manager device is required within each data center.

A. True
B. False

Answer: B

QUESTION 429
Which two F5 platforms include specialized compression hardware? (Choose two.)

A. 4200
B. 3900

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 111
https://www.passleader.com/
C. 1600
D. 11050
E. 6900
F. 8900

Answer: EF

QUESTION 430
ARX will detect any modification to a file on the second tier because all clients are being _______
by the ARX to get to the storage.

A. Moved
B. Copied
C. Proxied
D. Backed up
E. Deleted

Answer: C

QUESTION 431
In the next few years, 75% of new storage capacity will shift to unstructured data (also known as
file data). Which two of the following are examples of unstructured data? (Choose two.)

A. CAD drawings
B. Location data in a GIS (geographic information system)
C. Customer records and product records in a CRM (customer relationship management) database
D. Microsoft Office and PDF documents

Answer: AD

QUESTION 432
The ARX saves customers time, money and frustration through a stub-based system that makes a
slight modification to each file in order to more efficiently sort and store end user data.

A. True
B. False

Answer: B

QUESTION 433
Which two of the following statements are accurate descriptions of the ARX index? (Choose two.)

A. The ARX index stores the bulk of its data as bit arrays and answers most questions by performing
bitwise logical operations on these bitmaps.
B. The ARX index contains the index keys in sorted order, with the leaf level of the index containing
the pointer to the page and the row number in the data page.
C. The ARX index is the key enabler of transparent data mobility because the ARX tracks where files
reside at all times, from creation through migration and deletion.
D. The ARX index is 100% disposable and can be rebuilt at any point in time without disrupting client

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 112
https://www.passleader.com/
or application access to data.

Answer: BD

QUESTION 434
To share device information with F5 technical support, a customer must either verbally share the
information over the phone or copy and send the information in an Email.

A. True
B. False

Answer: B

QUESTION 435
When installing LTM on different VIPRION performance blades, each instance of LTM needs to be
licensed separately.

A. True
B. False

Answer: B

QUESTION 436
The VIPRION provides hot-pluggable capabilities for which four of these types of hardware?
(Choose four.)

A. LCD displays
B. Fan trays
C. Memory
D. Power supplies
E. Performance blades
F. CompactFlash

Answer: BCDE
Explanation:
The VIPRION provides hot-pluggable capabilities for Fan trays, Memory, Power supplies, and
Performance blades

QUESTION 437
A customer wants the best possible throughput but only has a maximum of 3RU rack space. Which
F5 platform should you recommend?

A. BIG-IP 11050
B. VIPRION with only 1 performance blade
C. BIG-IP 8950
D. BIG-IP 8900
E. VIPRION with 4 performance blades

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 113
https://www.passleader.com/
QUESTION 438
Which of the following business benefits does storage tiering offer to customers?

A. Reduces time for backups because data on the secondary tier can have a less time intensive
backup policed applied to it.
B. All of the above.
C. Enables customers to apply a more aggressive RTO/RPO for business critical Tier-1 unstructured
data.
D. Reduces money spent on storage since the majority of data can be moved to less expensive
secondary tier storage.

Answer: B

QUESTION 439
An age-based policy is set up on the ARX that retains only data modified in the last 3 months on
tier 1 storage and moves the rest of the data to secondary storage. What happens when the end
user tries to access data that has not been touched in 6 months?

A. The end user is unaware that the data has been moved to secondary tier storage and is able to
access the data without difficulty.
B. The networking mapping window appears, allowing the end user to re-establish direct access to
the data even though it has been moved to secondary storage.
C. An error message appears saying "File is no longer unavailable."
D. A message appears explaining that the file has been archived, and a link to the new secondary
storage tier location is provided.

Answer: A

QUESTION 440
Although not all modules run on all platforms, each F5 hardware platform can run LTM plus at least
one additional software module.

A. True
B. False

Answer: A

QUESTION 441
The production version of BIG-IP Virtual Edition is limited to 200 Mbps throughput.

A. True
B. False

Answer: B
Explanation:
The production version of BIG-IP Virtual Edition can be at 25Mbps / 200Mbps / 1Gbps / or 5Gbps
throughput served and maybe higher in the next versions.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 114
https://www.passleader.com/
QUESTION 442
What percentage of storage in a typical environment is actively used and modified?

A. 5%
B. 50%
C. 25%
D. 10%
E. 90%

Answer: D

QUESTION 443
________% of F5 products are sent through thorough software testing before being sold to
customers.

A. 100
B. 50
C. 60
D. 80

Answer: A

QUESTION 444
Which of these statements about a stream profile is false?

A. It is applied to an HTTP class profile.

B. It is not recommended for telnet traffic.
C. It can replace one data string for another for all traffic going through a virtual server.
D. It applies to both inbound and outbound traffic.
E. It will not inspect HTTP headers when an HTTP profile is present.

Answer: A

QUESTION 445
If LTM uses the round robin load balancing method, which pool member in the diagram above will
receive the next request?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 115
https://www.passleader.com/
A. A
B. C
C. D
D. B

Answer: D
Explanation:
LTM uses the round robin load balancing method so after A will be B.

QUESTION 446
Basic F5 IP Geo location provides which four types of client information? (Choose four.)

A. State
B. Continent
C. Postal code
D. City
E. Carrier
F. Country

Answer: ABEF
Explanation:
State - Country - Continent - City
State - Country - Postal code - City
The BIG-IP system uses geo location software to identify the geographic location of a client or web
application user. The default IP geo location database provides IPv4 addresses at the continent,
country, state, ISP, and organization levels, and IPv6 addresses at the continent and country levels.
The database consists of the following files:
F5GeoIP.dat
F5GeoIPv6.dat
F5GeoIPISP.dat
F5GeoIPOrg.dat

QUESTION 447
All members of a pool must share the same service port?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 116
https://www.passleader.com/
A. True
B. False

Answer: B

QUESTION 448
When using SNAT, which additional IP addresses will the BIG-IP system change? (Choose two.)

A. The source IP address on the client to BIG-IP request packet.

B. The source IP address on the BIG-IP to pool member request packet.
C. The destination IP address on the BIG-IP to pool member request packet.
D. The source IP address on the BIG-IP to client response packet.
E. The destination IP address on the BIG-IP to client response packet.
F. The destination IP address on the pool member to BIG-IP response packet.

Answer: BE

QUESTION 449
Which two of the following statements about how TMOS typically manages traffic between a client
and server are accurate? (Choose two.)

A. It changes the destination address before forwarding a request to the server.

B. It changes the destination address before sending a response to the client.
C. It changes the source address before sending a response to the client.
D. It changes the source address before forwarding a request to the server.

Answer: BD

QUESTION 450
What feature of the F5 Exchange solution helps administrators to streamline implementation for
added security and granular control?

A. iControl
B. Enterprise Manager
C. iApps
D. WebAccelerator

Answer: A

QUESTION 451
Select the key question you would use to ask your customer related to DNS attacks?

A. Do you over-provision your DNS infrastructure?

B. Do you regularly update BIND or some other DNS application to the latest release?
C. Do you rely on your network firewall to protect your DNS server?
D. How do you secure your DNS infrastructure against attacks?

Answer: D

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 117
https://www.passleader.com/
QUESTION 452
When a business is hacked, they often lose more than money. What are the other consequences
to a business as a result of being hacked? Select two.

A. Helpful third party reviews of the security needs of the customer's web applications.
B. Valuable free press that occurs as companies address hacking incidents.
C. Penalties related to non-compliance with laws and regulations.
D. Final resolution of all security vulnerabilities of the business' web applications.
E. Loss of customers when slow connections drive customers to competitor's site.

Answer: AD

QUESTION 453
Complete the statement below by choosing the correct word or phrase to complete the sentence.
By identifying IP addresses and security categories associated with malicious activity, the BIG-IP
_______ service can incorporate dynamic lists of threatening IP addresses into the BIG-IP platform,
adding context to policy decisions.

A. Edge Client
B. iRules
C. LTM
D. IP intelligence
E. iApps

Answer: D

QUESTION 454
Even though F5 is an application delivery controller, it can also effectively mitigate attacks directed
at the network layer.

A. True
B. False

Answer: A

QUESTION 455
Select the best word or phrase to complete the following sentence. Using the _______ feature in
GTM, F5's Application Delivery Firewall solution can handle a significantly higher number of queries
than traditional DNS servers.

A. DNS Express
B. BIND
C. Site availability request
D. Location-based routing

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 118
https://www.passleader.com/
QUESTION 456
If your customer has a policy requirement that cannot be handled in the Visual Policy Editor, what
would you use to supplement the Visual Policy Editor?

A. iApps
B. TMOS
C. iControl
D. iRules

Answer: D

QUESTION 457
Which aspect of F5's Intelligent Services Platform helps you extend your security conversation to
include F5professionals and customers?

A. Modular Functionality
B. iApps
C. TMOS
D. DevCentral

Answer: D

QUESTION 458
Why is BIG-IP ASM ideally suited to protect against layer 7 attacks, including HTTP and
HTTPS/SSL traffic, when compared to an intrusion prevention system (IPS)?

A. An intrusion prevention system (IPS) is based on Packet Filtering.

B. An IPS doesn't have the visibility into HTTPS traffic. it doesn't understand what applications are in
the network.
C. An IPS only focus on operating system attacks; it doesn't understand what application are in the
network.
D. An IPS can only look at overall traffic patterns; it doesn't understand what applications are in the
network.

Answer: D

QUESTION 459
The F5 Visual Policy Editor (VPE) is unique to the F5 BIG-IP APM module; no other access
management tool has this capability. Select the features that the VPE provides. Select two.

A. Develop customized reports on user access

B. Customize landing or login pages
C. Establish highly detailed policies based on customer business requirements
D. Configure authentication server objects
E. Perform multiple factors of authentication

Answer: CE

QUESTION 460

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 119
https://www.passleader.com/
The F5 Visual Policy Editor (VPE) is unique to the F5 BIG-IP APM module; no other access
management tool has this capability. Select the features that the VPE provides. Select two.

A. Determines antivirus patch levels

B. Customizes landing or login page
C. Provides vulnerability scanning
D. Checks operating system patch levels
E. Assigns a lease pool address

Answer: AD

QUESTION 461
Select the two best questions you would use to ask your customer about their current web access
management solution. Select two.

A. What impact are slow remote access connections having on productivity?

B. Are you using Google multi-factor authentication?
C. Is user authentication data sitting on partner systems outside your control?
D. Have you standardized on Androids or iPhones?
E. How are you planning to extend Exchange to your mobile users?
F. How do you think a global remote access deployment with integrated acceleration and availability
services might benefit your business?

Answer: AF

QUESTION 462
Data centers often rely on either traditional firewalls or next generation firewalls. Select the core
weakness of the traditional or next generation firewalls when it comes to DDoS attacks.

A. They are limited in amount of connections per second and the amount of sustained connections
they can handle
B. The cost performance ratio of next generation firewalls is too high.
C. The agility of traditional firewalls is too limited when it comes to DDoS attacks.
D. Data center traffic is primarily outbound.

Answer: A

QUESTION 463
Select the question you would ask your customer related to DNS attacks. Based on the material,
choose the most appropriate question.

A. How do you secure you DNS infrastructure against attacks?

B. Do you rely on your network firewall to protect you DNS server?
C. Do you over-provision your DNS infrastructure?
D. Do you regularly update BIND or some other DNS application to the latest release?

Answer: A

QUESTION 464

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 120
https://www.passleader.com/
Why does the F5 Application Delivery Firewall solution mitigate SSL attacks more effectively than
any other firewalls?

A. Because F5 has unlimited capacity to handle SSL traffic.

B. Because F5 has full visibility and control of SSL traffic.
C. Because F5 has a separate iApp to handle SSL traffic.
D. Because F5 supports large SSL key sizes.

Answer: B

QUESTION 465
The layer 3 security feature _______ Cookies that protects against SYN floods, DoS, and DDoS
attacks.
(Fill in)

Answer: include -or- contain

QUESTION 466
A _______ object maps a FQDN to virtual servers. (Fill in)

Answer: Wide IP

QUESTION 467
GTM uses the F5 ___________ protocol to synchronize performance metrics between GTM
devices.
(Fill in)

Answer: iQuery

QUESTION 468
LTM runs on________F5's proprietary product platform. (Fill in the correct answer)

Answer: TMOS

QUESTION 469
Drag and Drop Question

Place the following items in the order that the BIG-IP device uses when processing a packet.

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 121
https://www.passleader.com/
Answer:

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 122
https://www.passleader.com/
QUESTION 470
Drag and Drop Question

Match these terms with their description.

Answer:

QUESTION 471
Drag and Drop Question

Match the five elements of the intelligent file virtualization with the appropriate ARX feature:

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 123
https://www.passleader.com/
Answer:

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 124
https://www.passleader.com/
QUESTION 472
Drag and Drop Question

Match the security-related term with the correct definition.

1. Demilitarized zone (DMZ)

2. Denial of service (DoS)
3. DNS Express
4. DNS Security Extensions (DNSSEC)
5. Endpoint inspection

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 125
https://www.passleader.com/
Answer:

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 126
https://www.passleader.com/
QUESTION 473
Drag and Drop Question

Match the security-related term with the correct definition.

1. OWASP Top 10
2. Secure Socket Layer (SSL)
3. Bot
4. Certificate
5. Content scrubbing

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 127
https://www.passleader.com/
Answer:

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 128
https://www.passleader.com/
QUESTION 474
A BIO IP Administrator is troubleshooting a slow web application. A packet capture shows that
some of the packets coming from a window size of zero. A packet capture shows that som a window
size of zero.
What does this mean?

A. The client is trying to close the TCP connection

B. The server is trying to close the TCP connection
C. The server is temporary unable to receive any more data
D. The client is temporarily unable to receive any more data

Answer: C

QUESTION 475
Which device type in the topology will forward network packets without an OSI layer 3 address
assigned to a data plane interface?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 129
https://www.passleader.com/
A. Router
B. Firewall
C. Application Server
D. Switch

Answer: D

QUESTION 476
An organization needs to cryptographically sign its domains.
Which F5 product provides this functionality?

A. GTM
B. LTM
C. ASM
D. APM

Answer: A

QUESTION 477
A BIG-IP administrator is interested in using some of the Vcmp.
What should impact the administrator's decision?

A. vCMP is available on all F5 hardware platforms.

B. vCMP is only available on the virtual edition
C. vCMP is hardware independent
D. vCMP is only available on certain F5 platforms

Answer: D

QUESTION 478
Which three security controls are used in an SSL transaction? (Choose three.)

A. symmetric encryption
B. network admission controls
C. asymmetric encryption

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 130
https://www.passleader.com/
D. digital certificates
E. database encryption

Answer: AD

QUESTION 479
An administrator needs to rapidly deter e newly discovered security threat to a remote desktop
application.
Which F5 feature provides this functionality?

A. iRules
B. SSL profiles
C. Proxy SSL
D. SPDY

Answer: A

QUESTION 480
In a fully proxy architecture, what is considered the client in the server-side communications?

A. the ADC
B. the switch
C. the server
D. the client workstation

Answer: A

QUESTION 481
A BIG IP administrator is testing a web server behind ADC. The connection to a Virtual Server is
successful but the page is still not loading. Where should the administrator test to determine if the
server is available?

A. from server-side interface in ADC.

B. from client side interface in ADC
C. from Workstation client
D. from switch connected to ADC and Server

Answer: A

QUESTION 482
In which scenario is a full proxy TCP connection required?

A. when SIP UP P load balancing is defined

B. when DNS load balancing is configured
C. when compression is enabled
D. when layer 3 load balancing is configured

Answer: C

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 131
https://www.passleader.com/
QUESTION 483
Which method should an administrator of the BIG-IP use to sync the configuration to only certain
other BIG-IPs?

A. synchronize only certain folders

B. exclude devices from certain Traffic Groups
C. exclude devices from certain Sync Groups
D. exclude devices from certain Device Groups

Answer: C

QUESTION 484
What is an advantage of a packet forwarding architecture?

A. allows for manipulation of HTTP headers

B. allows for SSL offload
C. reduces latency
D. handles larger packet sizes

Answer: C

QUESTION 485
Pool A has three members.
Why is the pool up?

A. Heaton monitoring is enabled on only one member

B. One member has a successful health monitor
C. Member status is determined by volume of traffic
D. There is no health monitoring

Answer: B

QUESTION 486
Which type of certificate is pre-installed in a web browser's trusted store?

A. Root Certificate
B. Server Certificate
C. Client Certificate
D. intermediate Certificate

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 132
https://www.passleader.com/
QUESTION 487
A BIG IP Administrator need to perform a packet capture and identify the source IP that is
connecting to the Virtual Server.
Which utility should the administrator use on the BIG IP device?

A. leinel
B. traceroute
C. ping
D. tcpdump

Answer: D

QUESTION 488
The administrator wants client request to be directed to the same pool member through the session
based on the client IP address.
Which persistence method should the administrator choose?

A. SSL persistence
B. destination address affinity persistence
C. cookie persistence
D. Source address affinity persistence

Answer: D

QUESTION 489
Which Transport Layer Security (TLS) extension can be used to enable a single virtual server to
serve multiple HTTPS websites in different can be used to enable a single virtual server to server
domains?

A. Session Tickets
B. OCSP Staping
C. Server Name indication
D. Certificate Status Request

Answer: C

QUESTION 490
What advantage does an active-standby configuration have over an active-active configurations?

A. Active-standby configuration allows for the backup of the peer configuration

B. Active-standby utilizes the hardware more efficiently
C. Active standby Uses significantly less power consumption than active-active
D. Active-standby is less complex to troubleshoot

Answer: D

QUESTION 491
In which scenario does the client act as a server?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 133
https://www.passleader.com/
A. During an active FTP session
B. When an SMTP connection
C. During an SMTP connection
D. When browsing websites

Answer: A

QUESTION 492
A server is capable of handling more connections than other servers in the same pool.
Which load distribution method should the administrator choose?

A. Least Connections
B. Fastest
C. Ratio
D. Round Robin

Answer: C

QUESTION 493
Host A sends 10 TCP packets to Host B. All packets arrive at Host B quickly, but some arrive out
of order.
What will Host B do?

A. ACK only packets that are in order

B. drop all packets and wait for arrival in order
C. drop any packets that arrive out of order
D. ACK all packets and place them in order

Answer: D

QUESTION 494
Layer 2 mapping information is announced by an interface without receiving a request for the
mapping first.
Which term describes this event?

A. ICMP
B. STP
C. gratuitous ARP
D. ARP

Answer: C

QUESTION 495
An administrator deploys a site in which the load balancer only sees the ingress traffic from the
client.
All egress traffic from the server bypasses the load balancer.
Which type of solution is this?

A. packet forwarding architecture

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 134
https://www.passleader.com/
B. delayed binding
C. switching
D. Full proxy architecture

Answer: A

QUESTION 496
A client needs to learn if a web server supports POST Which HTTP method is used?

A. OPTIONS
B. TRACE
C. LIST
D. GET

Answer: A

QUESTION 497
In an active/standby high-availability mode, what causes a standby unit to assume the active role?

A. Hashed unit iD
B. management MAC address
C. resource utilization
D. heartbeat detection

Answer: D

QUESTION 498
In which scenario is a full proxy TCP connection required?

A. TCP routing
B. IPv4 lo IPv6 gateway
C. UDP routing
D. UDP to ICMP gateway

Answer: B

QUESTION 499
An Administrator enables HTTP keep alive.
How does this affect the network?

A. HTTP connections will remain open longer

B. Fewer TCP connections will need to be opened
C. HTTP connections will close when the keep-alive times out
D. More TCP connections will need to be opened

Answer: B

QUESTION 500

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 135
https://www.passleader.com/
A BIG-P Administrator needs to upload a qkview view to evaluate software upgrade options.
Which service should be used?

A. AskF5
B. iHeath
C. DevCentral
D. F5WedSubOon

Answer: B

QUESTION 501
An administrator needs to selectively compress HTTP traffic based on geographical location.
Which FS Feature should the administrator use?

A. One Connect
B. iRules
C. SPDY profile
D. iSessions

Answer: B

QUESTION 502
A company needs to use a custom value when making persistence decisions. Which F5 product
provides this functionality?

A. iControI
B. (Rules
C. lApps
D. (Health

Answer: B

QUESTION 503
HTTP pool attached to a Virtual Server has three members Pool member.

- A default HTTP monitor in red

- Pool member 6 custom HTTP monitor in green
- Pool member C does not monitor

Which pool members participate in the load balancing?

A. Pool members A and C

B. Pool members A B and C
C. Pool members B and C
D. Pool members A and B

Answer: C

QUESTION 504

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 136
https://www.passleader.com/
HTTPs traffic is not working properly.
What is the likely reason for the issue?

A. 0. 0 0.0 0 is an invalid address in netstat.

B. 0. 0. 0. 0.0 80 should be in an active stale
C. The server is not listening on TCP 443
D. The server is not listening on UDP 80

Answer: C

QUESTION 505
A BIG IP Administrator reviews the Virtual Server configuration and sees the object status
represented by a blue square tor an unknown status.
How should the administrator change the unknown status?

A. restart the BIG-IP device

B. assign a monitor to the pool
C. restart the backend webserver
D. run a packet capture on the BIG-IP device

Answer: B

QUESTION 506
Which HTTP response code is returned when a web server requires authentication to access a
resource?

A. 500
B. 401
C. 302
D. 100

Answer: B

QUESTION 507
An administrator needs to load balance connections to the application server with the lowest
number of.
Which load balancing method meets these requirements?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 137
https://www.passleader.com/
A. Least Sessions
B. Ratio Least Connections (member)
C. Least Connections (member)
D. Least Connections (node)

Answer: D

QUESTION 508
An administrator connects two devices using an Ethernet cable. The link fails to come up on either
device, which setting could prevent the link from being established?

A. Proxy settings
B. IP configuration
C. Link speed
D. DNS resolvers

Answer: C

QUESTION 509
If there are multiple applications authenticated against a single identity store, which technology
solution will simplify access to all applications?

A. RADIUS
B. single sign on
C. multifactor authentication
D. LDAP

Answer: B

QUESTION 510
What is the correct procedure to comply with the recommendation?

A. Download the product version image from ihealth f5 com

B. Download the product version image from support 6 com
C. Download the product version image from dovcentral f5.com
D. Download the product version image from downloads f5.com

Answer: D

QUESTION 511
An administrator needs to protect a web application from cross-site scripting (CSS) exploits. Which
F5 protocol provide this functionality?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 138
https://www.passleader.com/
A. ASM
B. APM
C. AFM
D. GTM

Answer: A

QUESTION 512
The use of attack signature within an intrusion Detection System (IDS) is an application of which
security model?

A. Positive
B. Context-based
C. Negative
D. Role-based

Answer: C

QUESTION 513
in which scenario is a full proxy TCP connection required?

A. when compression is actuated

B. When Source NAT configured
C. when a virtual server is configured
D. When Source IP persistence is required

Answer: A

QUESTION 514
A Network Administrator needs a new networking device can perform NAT to connect several
devices on a computer network.
What is the most appropriate device for this requirement?

A. Switch
B. Router
C. Bridges
D. Hub

Answer: B

QUESTION 515
Which protocol data unit (PDU) is associated with the OSI model's Transport layer?

A. Segment
B. Datagram
C. Packet
D. Bit

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 139
https://www.passleader.com/
Answer: A

QUESTION 516
What is used to establish trust relationships between BIG-IP devices?

A. trust ID
B. device group identification
C. certificate-based authentication
D. unit IDs

Answer: C

QUESTION 517
An administrator needs a data a format that is support authentication against an external security
domain. The data format must format support SSO. Which data format should the administrator
choose?

A. AAA
B. Kerberos
C. SAML
D. EAP

Answer: C

QUESTION 518
What should a BIGIP Administrator configure to provide remote access and ensure data privacy?

A. Security policy
B. Packet filter
C. VPN
D. GRE

Answer: C

QUESTION 519
An administrator needs to allow secure access to application within the corporate data center for
remote office, branch office and mobile employees.
Which F5 product provides this functionally?

A. APM
B. ASM
C. GTM
D. AFM

Answer: A

QUESTION 520
What should a BIG-IP Administrator configure to minimize impact during a failure?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 140
https://www.passleader.com/
A. MAC masquerading
B. Clone pool
C. External monitors
D. One Connect profile

Answer: A

QUESTION 521
What describes the third `'A'' in the common authentication acronym AAA?

A. provides redundancy
B. measures usage against an identity
C. provides user filtered access
D. ensures the correct identity

Answer: C

QUESTION 522
Which security mode. functions by defining what traffic is allowed and rejecting all other traffic?

A. context-based access control mode!

B. role-based access control mode!
C. negative security model
D. positive security model

Answer: D

QUESTION 523
In 200 db8 IPv6 address block is allocated to a load balancer for use as virtual server addresses.
The address block balancer set ip address using a static route.
What is the representation for the last address in the address block that a virtual server can use?

A. 2001 db8 :: ffff, ffff, ffff, ffff

B. 2001 db8::
C. 2001 db8 :: 255
D. 2001 db8 ffff, ffff, ffff, ffff

Answer: D

QUESTION 524
Which of the following would happen?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 141
https://www.passleader.com/
A. The PC sends a DNS query for 172.17.10.1
B. The PC sends an ARP looking for the MAC address of 172.17.10.4
C. The PC sends an ARP looking for the MAC address of 172.17.10.1
D. The PC sends a DNS query for 172.17.10.4

Answer: B

QUESTION 525
A device needs to decrypt traffic and send unencrypted traffic to the web server.
Which method should the BIG-IP Administrator use?

A. SSL Optimization
B. SSL Caching
C. SSL Termination
D. SSL Bridging

Answer: C

QUESTION 526
A company deploys F5 load balancers to manage number of secure applications. The company
needs to centrally manage certificates.
Which F5 product provides this functionality?

A. BIG IQ
B. GTW
C. iHeath
D. LTM

Answer: A

QUESTION 527
Which service should be configured to allow BIG-IP devices to be externally monitored?

A. SSHD
B. TMSH
C. SMTP
D. SNMP

Answer: D

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 142
https://www.passleader.com/
QUESTION 528
In which FTP mode is the serve, responsible for initiating the data correction back to the client?

A. Protected FTP
B. Active FTP
C. Secure FTP
D. Passive FTP

Answer: B

QUESTION 529
What should the BIG-IP Administrator configure to perform SSL offloading when the certificate is
already imported on the BIG-IP device?

A. HTTP profile using client SSL profile

B. Virtual server using client SSL profile configured to use the certificate
C. Virtual server using server SSL profile configured to use the certificate
D. HTTP profile using server SSL profile

Answer: B

QUESTION 530
In which scenario is a packet forwarding architecture required?

A. when HTTP header must be modified

B. when cookie persistency is demanded
C. when the server responds directly to the client
D. when the number of TCP connections on the server should be reduced

Answer: C

QUESTION 531
What is used to resolve IP address to MAC address mappings?

A. DHCP
B. ARP
C. DNS
D. ICMP

Answer: B

QUESTION 532
Which high availability feature allows two different BIG-IP devices to use the MAC address for the
same server IP?

A. HSRP virtual MAC address

B. Device group
C. Sync- failover
D. MAC masquerade

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 143
https://www.passleader.com/
Answer: D

QUESTION 533
A BIG-IP Administrator is trying to send traffic to a server on the same subnet and sees an
incomplete in the BIG-IP devices ARP table.
What could cause the incomplete status?

A. BIG-IP device connection is half-duplex

B. Router does not have a default gateway
C. Firewall is blocking ICMP
D. Server's switch connection is in the wrong VLAN

Answer: D

QUESTION 534
An administrator is currently designing the IP addressing scheme for a small company.
They have been asked to use the 192.168.100.x block of addresses with a /27 network prefix.
How many networks and hosts per network will be available when using the 27-bit network prefix?

A. 255 networks each with 224 hosts

B. 30 networks each with 8 hosts
C. 8 networks each with 30 hosts
D. 27 networks each with 30 hosts

Answer: C

QUESTION 535
End users report widespread issues accessing multiple network resources.
What tool should the BIG IP Administrator use to view the status of all virtual servers and associated
resources in one place?

A. Pool statistics
B. Network Map
C. System performance
D. Virtual server statistics

Answer: B

QUESTION 536
In a load balanced scenario which service would require persistence to function correctly?

A. Simple Mail Transport Protocol

B. DNS
C. Web-based email
D. HTTP

Answer: C

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 144
https://www.passleader.com/
QUESTION 537
ICMP is used by which command line tool?

A. curt
B. tcpdump
C. traceroute
D. nslookup

Answer: C

QUESTION 538
A load balancing decision needs to be made based on custom a.
What is the most appropriate F5 feature or this purpose?

A. iApps
B. Scale
C. iControl
D. iRules

Answer: D

QUESTION 539
What does HTTP status code 500 mean?

A. Service unavailable
B. Internal server error
C. Gateway timeout
D. Had gateway

Answer: B

QUESTION 540
In the context of load balancing, what does the term persistence refer to?

A. Ensuring requests from a single source always end up being handled by the same server.
B. the ability to associate different HTTP requests to a single user so that activity can be tracked.
C. Keeping TLS session key information in memory so sessions can be quickly resumed
D. the ability to keep idle connections open as long as possible by sending dummy traffic
periodically

Answer: A

QUESTION 541
Which HTTP response code indicates an OK status?

A. 302
B. 404
C. 200

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 145
https://www.passleader.com/
D. 100

Answer: C

QUESTION 542
After all expected HTTP data has been sent from a server to a client, the client does not close
connection. The server reaps the connection, but after that the client sends a 'Keep alive' packet
to the server.
Which type of packet will the server respond with?

A. FiN
B. RST
C. ACK
D. SYN

Answer: B

QUESTION 543
When using LDAP for authentication, what is the purpose of the base ON?

A. the search context starting point

B. the directory's simple name
C. the base attribute in an LDAP directory
D. the fundamental naming convention

Answer: A

QUESTION 544
A website is using source address persistence with a 30 second timeout. A client is idle for 35
seconds. What happens to their connection?

A. The client receives a "404 Page Not Found'" error

B. The client connection is dropped
C. The client remains on the same server
D. The Client request is load balanced

Answer: D

QUESTION 545
Which FTP mode should be used by a client behind a firewall that has no special configurator?

A. Passive FTP
B. Secure FTP
C. Active FTP
D. Protected FTP

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 146
https://www.passleader.com/
QUESTION 546
Client A from the 192.162.168.0/24 network wants to send a Ping to Client B on 10.10.10.0/24.

- The Default Gateway from Client A is 192.168.0.1

- The MAC Address of Client A is 00:11:11:11:11
- The MAC Address of client B is 00:22:22:22:22
- The MAC Address of Default Gateway is 00:33:33:33:33

What is the destination MAC Address of the ping packet when it leaves client A interface card?

A. 00:11:11:11:11
B. f1: f1:f1:f1:f1
C. 00:33:33:33:33
D. 00:22:22:22:22

Answer: C

QUESTION 547
What does the HTTP status code 404 mean?

A. Not Acceptable
B. Forbidden
C. Request Timeout
D. Not found

Answer: D

QUESTION 548
An administrator needs a remote VPN solution for corporate users. The existing network
infrastructure has web-based services.
The administrator needs to select the VPN that is the least complicated to deploy.
Which VPN solution should the administrator choose?

A. IPSec
B. L2TP
C. SSL
D. PPTP

Answer: A

QUESTION 549
in which scenario is a full proxy TCP connection required?

A. when IP Anycastmg is enabled

B. when routing is enabled
C. when the number of TCP connections to the server must be optimized
D. when the client TCP connections options must be sent to the server

Answer: C

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 147
https://www.passleader.com/
QUESTION 550
A BIG IP administrator recently reset statistics for interfaces 1.1 and 1.2. The administrator notices
that traffic appears on a data plane interface without receiving any client requests. All nodes and
pools have monitoring enabled, and all routes are locally defined on the device.
All management traffic is sent over the mgmt interface. What is the nature of this traffic?

A. SNMP polling and traps

B. Hearth checks for nodes and pool members
C. Dynamic routing protocols
D. TCP Keepalives for nodes and pool me

Answer: B

QUESTION 551
A BIG IP Administrator wants to add a new VLAN (VLAN 40) to an LACP trunk (named LACP01)
connected to the BIG-IP device Mufti VLANS exist on LACPO1.
Which TMSH command should the BIG IP Administrator issue to add the new VLAN to the existing
LACP trunk?

A. create net vlan VLAN40 (interfaces add (LACP01 {lagged)) tag 40}
B. create net vlan VLAN40 {interfaces replace-all-with {LACP01{tagged}} tag 40}
C. create net vlan VLAN40 interfaces replace all with {LACP01 {untagged)} tag 40}
D. create net vlan VLAN40 {interfaces add {LACP01 {untagged}} tag 40}

Answer: B

QUESTION 552
Which protocol could be used to provide AAA Accounting?

A. karberos
B. SAML
C. DIAMETER
D. LDAP

Answer: C

QUESTION 553
What is an advantage of packet forwarding architecture?

A. allows for SSL offload

B. reduces latency
C. allows for manipulation of HTTP headers
D. handles larger packet sizes

Answer: B

QUESTION 554
ARP provides translation between which two address types?

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 148
https://www.passleader.com/
A. IP addresses and hardware addresses
B. Hardware addresses and VLAN
C. VLAN and IP addresses
D. Hostnames and IP addresses

Answer: A

QUESTION 555
What are three functions commonly performed by HTTP cookies? (Choose three)

A. Track users' browsing activities

B. hold User preferences
C. maintain session state
D. execute client side scripts
E. execute server side scripts

Answer: ABC

QUESTION 556
A new web server VLAN has been created and the IP address 10.1.1.1/24 has been assigned to
the BIG IP device. The BIG IP Administrator needs to create the new Self IP and prevent
administrator access to the BIG-IP device from the newly created network.
Which TMSH command should be used?

A. create /net self internal address 10 1.1.1/24 vlan VLAN 10 allow service none.
B. add 'net self internal address 10.1.1.1/24 vlan VLAN 10 allow-service none
C. create /net self internal address 10.1.1.1/24 vlan VLAN 10 allow service default
D. add /net self internal address 10.1.1.1 mask 265. 255. 2550 vlan VLAN 10 allow

Answer: A

QUESTION 557
Which protocol data unit (PDU) is associated with the OSI model Network layer?

A. Frame
B. Packet
C. Segment
D. Bit

Answer: B

QUESTION 558
VLAN test-vlan" is configured on interface 1.1 instead of interface 1.2.
Which TMSH command should be used to correct this issue?

A. modify /net test vlan interfaces {1.2}

B. modify /net test-vlan interfaces replace all with {1.2}
C. modify /net vlan test-vlan interfaces replace all with {1.2}

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 149
https://www.passleader.com/
D. modify /net sian test-vlan interfaces {1.2}

Answer: C

QUESTION 559
A BIG IP virtual Server with an IP address of 10.100.43.108 must be available to public internet
users.
Which technology should be used to achieve this task?

A. NDP
B. DNS
C. NAT
D. ARP

Answer: C
Explanation:
10 x.x.x/8 is an RFC 1918 reserved private IP address. It must be NATted from a publicly accessible
IP for access from the internet

QUESTION 560
What is used to provide mutual authentication for TLS/SSL?

A. X.509 Certificate
B. Access List
C. Shared Secret key
D. Mutually Trusted issuer

Answer: A

Get Latest & Actual F5 101 Exam's Question and Answers from PassLeader. 150
https://www.passleader.com/

Show Answer
No ratings yet
Show Answer
23 pages
Exam F5 101 QyA Pass4sure
100% (1)
Exam F5 101 QyA Pass4sure
94 pages
F5 101 V12.35
100% (2)
F5 101 V12.35
93 pages
Show Answer
No ratings yet
Show Answer
71 pages
F5 Exam Prep: Key Concepts
No ratings yet
F5 Exam Prep: Key Concepts
66 pages
f5 101 Latest
100% (1)
f5 101 Latest
157 pages
Works - Certforall.201.dumps.2022 Nov 06.by - Harlan.86q.vce
No ratings yet
Works - Certforall.201.dumps.2022 Nov 06.by - Harlan.86q.vce
22 pages
F5 101 Test Notes
No ratings yet
F5 101 Test Notes
103 pages
f5-101 New
100% (1)
f5-101 New
16 pages
Ederic 186q Vce
No ratings yet
Ederic 186q Vce
12 pages
F5 101 - App Delivery Fundamentals Exam Study Guide
No ratings yet
F5 101 - App Delivery Fundamentals Exam Study Guide
2 pages
F5 Passcertification 301b v2021!04!28 by Omar 125q
No ratings yet
F5 Passcertification 301b v2021!04!28 by Omar 125q
115 pages
F5 Pass4sureexam 101 v2019!02!20 by Donald 250q
No ratings yet
F5 Pass4sureexam 101 v2019!02!20 by Donald 250q
118 pages
f5 101 Study Notes
100% (1)
f5 101 Study Notes
7 pages
Tcpdump f5 Command
No ratings yet
Tcpdump f5 Command
2 pages
F5-101 - 29 May 2020
No ratings yet
F5-101 - 29 May 2020
157 pages
F5 201 v13.1 Certification Prep V3a - Active Links - No Notes
100% (3)
F5 201 v13.1 Certification Prep V3a - Active Links - No Notes
273 pages
F5 Networks 301a - LTM Specialist: Architect, Set-Up & Deploy Study Guide Version 1 - TMOS 11.2
No ratings yet
F5 Networks 301a - LTM Specialist: Architect, Set-Up & Deploy Study Guide Version 1 - TMOS 11.2
230 pages
Guide To IRules
100% (2)
Guide To IRules
52 pages
BIG-IP LTM Fundamentals Guide
No ratings yet
BIG-IP LTM Fundamentals Guide
115 pages
F 5201 Study Guide Flash Card
No ratings yet
F 5201 Study Guide Flash Card
10 pages
F5 LTM Specialist 301a Dumps Questions V8.02 DumpsBase PDF
0% (1)
F5 LTM Specialist 301a Dumps Questions V8.02 DumpsBase PDF
21 pages
F5 101 Application Delivery Exam Guide
100% (1)
F5 101 Application Delivery Exam Guide
86 pages
F5 BIG-IP LTM Essentials WBT Lab Guide v11
40% (5)
F5 BIG-IP LTM Essentials WBT Lab Guide v11
105 pages
F5 Application Delivery Exam Guide
100% (1)
F5 Application Delivery Exam Guide
48 pages
F5 Command
100% (1)
F5 Command
3 pages
F5 Virtual Server Troubleshooting Guide
No ratings yet
F5 Virtual Server Troubleshooting Guide
31 pages
F5 301b Certification Prep
100% (1)
F5 301b Certification Prep
42 pages
Untitled
No ratings yet
Untitled
730 pages
f5 Asm Operations Guide
100% (1)
f5 Asm Operations Guide
181 pages
BIG-IP LTM Setup & Management Guide
No ratings yet
BIG-IP LTM Setup & Management Guide
13 pages
F5-101-Master-Cheat-Sheet Yo
No ratings yet
F5-101-Master-Cheat-Sheet Yo
13 pages
F5 LTM Troubleshooting Guide
No ratings yet
F5 LTM Troubleshooting Guide
15 pages
2.01 - Identify General Meanings of HTTP Error Codes
No ratings yet
2.01 - Identify General Meanings of HTTP Error Codes
20 pages
PCNSE
100% (1)
PCNSE
658 pages
F5 Certification Prep Planning To Succeed
100% (1)
F5 Certification Prep Planning To Succeed
29 pages
F5 201 - Study Guide - TMOS Administration r2
No ratings yet
F5 201 - Study Guide - TMOS Administration r2
108 pages
AskF5 - Manual Chapter - About Virtual Servers PDF
No ratings yet
AskF5 - Manual Chapter - About Virtual Servers PDF
10 pages
300-410 Exam - Free Actual Q&as, Page 11 - ExamTopics
50% (2)
300-410 Exam - Free Actual Q&as, Page 11 - ExamTopics
36 pages
Application Delivery Fundamentals: F5 101 Version Demo
No ratings yet
Application Delivery Fundamentals: F5 101 Version Demo
12 pages
F5 BIG IP LTM 301A 301B Key Notes Feb 2023 1677506622
No ratings yet
F5 BIG IP LTM 301A 301B Key Notes Feb 2023 1677506622
63 pages
F5
No ratings yet
F5
10 pages
F5 BIG-IP 201 Lab Guide 2018
No ratings yet
F5 BIG-IP 201 Lab Guide 2018
43 pages
Nexus Basic Interview Questions
No ratings yet
Nexus Basic Interview Questions
3 pages
303 V12.35
No ratings yet
303 V12.35
237 pages
301a Demo
No ratings yet
301a Demo
8 pages
100 F5 Interview Questions
No ratings yet
100 F5 Interview Questions
9 pages
F5 201 v13.1 Certification Prep V3a - With Slide Notes
No ratings yet
F5 201 v13.1 Certification Prep V3a - With Slide Notes
280 pages
F5 Networks TMOS Administration Study Guide
No ratings yet
F5 Networks TMOS Administration Study Guide
729 pages
F5-ASM (303) - Exam Key Notes 1
No ratings yet
F5-ASM (303) - Exam Key Notes 1
57 pages
f5 LTM DNS Operations Guide
No ratings yet
f5 LTM DNS Operations Guide
131 pages
SSL Intercept F5
No ratings yet
SSL Intercept F5
58 pages
F5-Networks: BIG-IP Administrator
No ratings yet
F5-Networks: BIG-IP Administrator
6 pages
Exam 201: Title: BIG-IP Administrator Exam
No ratings yet
Exam 201: Title: BIG-IP Administrator Exam
88 pages
F5 Testking 101 v2015-04-03 by Lorene 172q
No ratings yet
F5 Testking 101 v2015-04-03 by Lorene 172q
53 pages
Exam Code: Exam Name: Certification Provider: Free Question Number: # of Views: # of Questions Views
No ratings yet
Exam Code: Exam Name: Certification Provider: Free Question Number: # of Views: # of Questions Views
22 pages
BIG-IP Admin Exam Prep Guide
No ratings yet
BIG-IP Admin Exam Prep Guide
28 pages
Prepking F50-522 Exam Questions
No ratings yet
Prepking F50-522 Exam Questions
11 pages
F5-Networks: Exam Questions 101
No ratings yet
F5-Networks: Exam Questions 101
13 pages
F5 - 101 - New Dump 60 - 3
No ratings yet
F5 - 101 - New Dump 60 - 3
87 pages
FGT 02 Logging and Monitoring
No ratings yet
FGT 02 Logging and Monitoring
47 pages
FGT 04 Fsso
No ratings yet
FGT 04 Fsso
34 pages
R80 Student Manual + OCR
100% (1)
R80 Student Manual + OCR
256 pages
The Official Comptia Cysa+ Student Guide (Exam Cs0-002)
100% (7)
The Official Comptia Cysa+ Student Guide (Exam Cs0-002)
675 pages
Configuration - Administration BIG-IP LTM - LAB GUIDE (DriveIT Techlab)
No ratings yet
Configuration - Administration BIG-IP LTM - LAB GUIDE (DriveIT Techlab)
77 pages
Aruba Design Fundamentals Lab Guide With Covers Rev 19.41
No ratings yet
Aruba Design Fundamentals Lab Guide With Covers Rev 19.41
114 pages
PHP Chap-1 Notes
No ratings yet
PHP Chap-1 Notes
28 pages
Iot Based Air Conditioner Control Using Temperature and Humidity Information
No ratings yet
Iot Based Air Conditioner Control Using Temperature and Humidity Information
39 pages
ZK SOAP SDK Manual
No ratings yet
ZK SOAP SDK Manual
10 pages
Rastreadores de Utorren
No ratings yet
Rastreadores de Utorren
121 pages
Memo Payload Axis XL
100% (1)
Memo Payload Axis XL
3 pages
Convert Optical Mouse Into Arduino Web Camera
100% (4)
Convert Optical Mouse Into Arduino Web Camera
8 pages
Tech Talk Fastapi
100% (1)
Tech Talk Fastapi
11 pages
Pastebin THNIC PDF
0% (1)
Pastebin THNIC PDF
28 pages
77-005666 Landslide 16.8 Release Notes RevA
No ratings yet
77-005666 Landslide 16.8 Release Notes RevA
23 pages
Apache HTTPServer LunaHSM IntegrationGuide RevJ
No ratings yet
Apache HTTPServer LunaHSM IntegrationGuide RevJ
24 pages
Field Advisor Specifications - R110, R100
No ratings yet
Field Advisor Specifications - R110, R100
12 pages
APCS Slide Deck V18.6.1
No ratings yet
APCS Slide Deck V18.6.1
220 pages
Vdocuments - MX - SGL Calling Watson From RPG Scott Klement Watson Docs Use Curl Docs Are
No ratings yet
Vdocuments - MX - SGL Calling Watson From RPG Scott Klement Watson Docs Use Curl Docs Are
28 pages
Dokumen - Tips Siwes It Report On Web Design
100% (3)
Dokumen - Tips Siwes It Report On Web Design
54 pages
Internet & WWW Overview
No ratings yet
Internet & WWW Overview
56 pages
Tutorial Creating An OData Service Based On SAP Gateway
No ratings yet
Tutorial Creating An OData Service Based On SAP Gateway
22 pages
Ad Tagging PDF
No ratings yet
Ad Tagging PDF
81 pages
Email Systems & Authentication FAQ
No ratings yet
Email Systems & Authentication FAQ
30 pages
Epson Fiscal Driver Spec 3.0.1
No ratings yet
Epson Fiscal Driver Spec 3.0.1
21 pages
Report
No ratings yet
Report
17 pages
HTTP: Stephan Benjamin Helmy:Wireshark Lab1
No ratings yet
HTTP: Stephan Benjamin Helmy:Wireshark Lab1
8 pages
BMC Network Automation Integration Guide For Entuity Eye of The Storm
No ratings yet
BMC Network Automation Integration Guide For Entuity Eye of The Storm
40 pages
Oracle WebLogic Admin Exam Prep
No ratings yet
Oracle WebLogic Admin Exam Prep
22 pages
RESTful Basics for Developers
No ratings yet
RESTful Basics for Developers
8 pages
(Jan-2023) New PassLeader NSE4 - FGT-7.2 Exam Dumps
No ratings yet
(Jan-2023) New PassLeader NSE4 - FGT-7.2 Exam Dumps
8 pages
Splunk SOC Basics & APT Scenario
No ratings yet
Splunk SOC Basics & APT Scenario
16 pages
From REST to gRPC: API Evolution
No ratings yet
From REST to gRPC: API Evolution
72 pages
DOTWconnect API - Version 4
No ratings yet
DOTWconnect API - Version 4
425 pages
SpecLab Manual
No ratings yet
SpecLab Manual
294 pages
Computer Mcqs For NTS Test
80% (5)
Computer Mcqs For NTS Test
6 pages