An LTM Specialist is running the following packet capture on an LTM device:
ssldump -Aed -ni vlan301 'port 443'
Which two SSL record message details will the ssldump utility display by default? (Choose two.)
A. HTTP Version
B. User-Agent
C. ClientHello
D. ServerHello
E. Issuer
An LTM device pool has suddenly been marked down by a monitor. The pool consists of members 10.0.1.1:443 and 10.0.1.2:443 and are verified to be listening. The affected virtual server is 10.0.0.1:80.
Which two tools should the LTM Specialist use to troubleshoot the associated HTTPS pool monitor via the command line interface? (Choose two.)
A. curl
B. telnet
C. ssldump
D. tcpdump
An LTM Specialist needs to modify the logging level for tcpdump execution events. Checking the BigDB Key, the following is currently configured:
sys db log.tcpdump.level {
value "Notice"
}
Which command should the LTM Specialist execute on the LTM device to change the logging level to informational?
A. tmsh set /sys db log.tcpdump.level value informational
B. tmsh set /sys db log.tcpdump.level status informational
C. tmsh modify /sys db log.tcpdump.level value informational
D. tmsh modify /sys db log.tcpdump.level status informational
An application is configured on an LTM device:
Virtual server: 10.0.0.1:80 (VLAN vlan301)
SNAT IP: 10.0.0.1
Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302)
Which packet capture should the LTM Specialist perform on the LTM device command line interface to capture only client traffic specifically for this virtual server?
A. tcpdump -ni 0.0:nnn -s 0 'host 10.0.0.1' -w /var/tmp/trace.cap
B. tcpdump -ni vlan301 -s 0 'port 80 and host 10.0.0.1' -w /var/tmp/trace.cap
C. tcpdump -ni vlan301 -s 0 'port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3' -w /var/tmp/trace.cap
D. tcpdump -ni vlan302 -s 0 'port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3' -w /var/tmp/trace.cap
E. tcpdump -ni 0.0:nnn -s 0 '(port 80 and host 10.0.0.1) or (port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3)' -w /var/tmp/trace.cap
A new VLAN vlan301 has been configured on a highly available LTM device in partition ApplicationA. A new directly connected backend server has been placed on vlan301. However, there are connectivity issues pinging the default gateway. The VLAN self IPs configured on the LTM devices are 192.168.0.251 and 192.168.0.252 with floating IP 192.168.0.253. The LTM Specialist needs to perform a packet capture to assist with troubleshooting the connectivity.
Which command should the LTM Specialist execute on the LTM device command line interface to capture the attempted pings to the LTM device default gateway on VLAN vlan301?
A. tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.253'
B. tcpdump -ni vlan301 'host 192.168.0.253'
C. tcpdump -ni /ApplicationA/vlan301 'host 192.168.0.251 or host 192.168.0.252'
D. tcpdump -ni vlan301 'host 192.168.0.251 or host 192.168.0.252'
An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile. The virtual server 10.0.0.1:443 resides on vlan301.
Which steps should the LTM Specialist take to capture the data payload successfully while ensuring no other virtual servers are affected?
A. The standard FastL4 profile should have PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
B. The packet capture tcpdump -ni vlan301 should be executed on the command line interface. There is no need to change profiles or PVA acceleration.
C. A new FastL4 profile should be created and applied to the virtual server with PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
D. The LTM device is under light load. The traffic should be mirrored to a dedicated sniffing device. On the sniffing device, the packet capture tcpdump -ni vlan301 should be executed.
An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition ApplicationA. The data payload being captured is SSL encrypted.
Which command should the LTM Specialist execute to decrypt the data payload?
A. ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_d/:Common:www.example.com.crt_1
B. ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1
C. ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_d/:ApplicationA:www.example.com.crt_1
D. ssldump -Aed -nr /var/tmp/trace.cap -k /config/filestore/files_d/ApplicationA_d/certificate_key_d/:ApplicationA:www.example.com.ke y_1
There is a fault with an LTM device load balanced trading application that resides on directly connected VLAN vlan-301. The application virtual server is 10.0.0.1:80 with trading application backend servers on subnet 192.168.0.0/25. The LTM Specialist wants to save a packet capture with complete payload for external analysis.
Which command should the LTM Specialist execute on the LTM device command line interface?
A. tcpdump -vvv -w /var/tmp/trace.cap 'net 192.168.0.0/25'
B. tcpdump -vvv -s 0 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
C. tcpdump -vvv -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
D. tcpdump -vvv -s 0 -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
Which iRule will reject any connection originating from a 10.0.0.0/8 network?
A. when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::remote_addr] mask 8] switch $remote_ip {
"10.0.0.0" { reject }
"11.0.0.0" { pool pool_http1}
default { pool http_pool }
}
}
B. when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::local_addr] mask 8] switch $remote_ip { "10.0.0.0" { reject } "11.0.0.0" { pool pool_http1} default { pool http_pool }
}
}
C. when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::client_addr] mask 255.0.0.0] switch $remote_ip { "10.0.0.0" { reject } "11.0.0.0" { pool pool_http1} default { pool http_pool }
}
}
D. when CLIENT_ACCEPTED { set remote_ip [IP::addr [IP::local_addr] mask 255.0.0.0] switch $remote_ip { "10.0.0.0" { reject } "11.0.0.0" { pool pool_http1} default { pool http_pool }
}
}
A web application requires knowledge of the client's true IP address for logging and analysis purposes. Instances of the application that can decode X-Forwarded-For HTTP headers reside in pool_a, while pool_b instances assume the source
IP is the true address of the client.
Which iRule provides the proper functionality?
A. when HTTP_DATA { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b
}
}
B. when HTTP_RESPONSE { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b
}
}
C. when HTTP_REQUEST { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b
}
}
D. when HTTP_OPEN { if {[HTTP::header exists X-Forwarded-For]}{ pool pool_a } else { pool pool_b
}
}
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only F5 exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 301B exam preparations and F5 certification application, do not hesitate to visit our Vcedump.com to find your solutions here.