301b Exam Dumps - LTM Specialist: Maintain & Troubleshoot

Which two subsystems could the LTM Specialist utilize to access an LTM device with lost management interface connectivity? (Choose two.)

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Which URL should be reported to the server/application team as getting user-visible errors?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Based on the output of the tmsh interface show command, what is the issue?

An LTM Specialist wants to allow access to the Always On Management (AOM) from the network.

Which two methods should the LTM Specialist use to configure the AOM interface? (Choose two.)

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is working on an LTM 11.0.0 installation and has identified a security vulnerability as shown in the exhibit. The LTM Specialist is tasked with applying the latest available hotfix to resolve the problem.

Which procedure resolves the problem?

An LTM Specialist uploaded new releases .iso and .md5 files titled "BIGIP-FILENAME" via the GUI.

Which commands are run via the command line from the root directory to verify the integrity of the new .iso file?

An LTM Specialist is troubleshooting an issue where one LTM device in a three LTM device group is failing to synchronize after a synchronize to group command is issued. The LTM Specialist verifies there are no packet filters, port lock down, or network issues preventing the connection.

What are two reasons the synchronization group is having issues? (Choose two.)

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

Which two servers are missing two frequently used URLs? (Choose two.)

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

An LTM Specialist is troubleshooting an application configured on an LTM device on a one-armed configuration. The application is NOT working through the LTM device but does work when accessed directly via the application servers. The virtual server 192.168.1.211:443 is configured to SNAT using the address 192.168.1.144 and references a pool with the member 192.168.10.80:443. No Client or Server SSL profiles are associated. The LTM Specialist has collected two traffic captures to help determine the issue.

What is the problem with the configuration on the LTM device?

What is the recommended procedure for upgrading a major TMOS release on a BIG-IP platform?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

An LTM Specialist has configured a virtual server to distribute connections to a pool of application servers and to offload SSL processing. The application fails to work as expected when connecting to the virtual server. It does work when clients connect directly to the application. Two packet captures were taken at the application server.

What is the root cause of the problem?

An LTM device has a virtual server configured as a Performance Layer 4 virtual listening on 0.0.0.0:0 to perform routing of packets to an upstream router. The client machine at IP address 192.168.0.4 is attempting to contact a host upstream of the LTM device on IP address 10.0.0.99.

The network flow is asymmetrical, and the following TCP capture displays:

# tcpdump -nnni 0.0 'host 192.168.0.4 and host 10.0.0.99'

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes

05:07:55.499954 IP 192.168.0.4.35345 > 10.0.0.99.443: S 3205656213:3205656213(0) ack 3267995082 win 1480

05:07:55.499983 IP 10.0.0.99.443 > 192.168.0.4.35345: R 1:1(0) ack 1 win 0

05:07:56.499960 IP 192.168.0.4.35345 > 10.0.0.99.443: S 3205656213:3205656213(0) ack 3267995082 win 1480

05:07:56.499990 IP 10.0.0.99.443 > 192.168.0.4.35345: R 1:1(0) ack 1 win 0

4 packets captured

Which option within the fastL4 profile needs to be enabled by the LTM Specialist to prevent the LTM device from rejecting the flow?

A virtual server for a set of web services is constructed on an LTM device. The LTM Specialist has created an iRule and applied this iRule to the virtual server:

when HTTP_REQUEST {

switch [HTTP::uri] {

"/WS1/ws.jsp" {

log local0. "[HTTP::uri]-Redirected to JSP Pool"

pool JSP

}

default { log local0. "[HTTP::uri]-Redirected to Non-JSP Pool"

pool NonJSP

}

}

}

However, the iRule is NOT behaving as expected. Below is a snapshot of the log:

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/WS1/WS.jsp-Redirected to Non-JSP Pool

/ws1/WS.jsp-Redirected to Non-JSP Pool

/WS1/ws.jsp-Redirected to JSP Pool

/ws1/ws.jsp-Redirected to Non-JSP Pool

What is the problem?

Which file should be modified to create custom SNMP alerts?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

The virtual server is listening on port 443.

What is the solution to the problem?

Given the log entry:

011f0005:3: HTTP header (32800) exceeded maximum allowed size of 32768 (Client sidE. vip=/Common/VS_web profile=http pool=/Common/POOL_web client_ip=10.0.0.1)

Which HTTP profile setting can be modified temporarily to resolve the issue?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

After upgrading LTM from v10 to v11, users are unable to connect to an application. The virtual server is using a client SSL profile for re-terminating SSL for payload inspection, but a server SSL profile is being used to re-encrypt the request.

A client side ssldump did NOT show any differences between the traffic going directly to the server and the traffic being processed by the LTM device. However, packet capture was done on the server, and differences were noted.

Which modification will allow the LTM device to process the traffic correctly?

A high-availability (HA) pair configuration uses only the hardwire serial cable connection to determine device state. A power outage occurs to the PDU powering the active unit. The standby unit takes over the active role as expected.

How is the peer unit able to determine the active unit is unavailable?

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Which step should an LTM Specialist take next to finish upgrading to HD1.3?

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

An LTM Specialist is reconfiguring a virtual server to redirect all clients to HTTPS. Testing reveals that the redirect is functioning incorrectly. As part of the troubleshooting process, the LTM Specialist performs a packet capture.

What is the issue?

An LTM Specialist configures two LTM devices in a high-availability pair with trusts established and device groups configured properly using network failover. After several months, the LTM Specialist notices that changes made to one LTM device do NOT cause the synchronization status to update to "changes pending," and this device does NOT synchronize with the device group.

Which two steps should the LTM Specialist take to identify the issue? (Choose two.)

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

The decoded TCPDump capture is a trace of a failing health monitor. The health monitor is sending the string shown in the capture; however, the server response is NOT as expected. The receive string is set to 'SERVER IS UP'.

What is the solution?

An LTM HTTP pool has an associated monitor that sends a string equal to 'GET /test.html'.

Which two configurations could an LTM Specialist implement to allow server administrators to disable their pool member servers without logging into the LTM device? (Choose two.)

The pool members are serving up simple static web content.

The current virtual server configuration is given as follows:

tmsh list ltm virtual simple

ltm virtual simple {

destination 10.10.10.10:80

ip-protocol tcp

mask 255.255.255.255

profiles {

http { }

httpcompression { }

oneconnect { }

tcp { }

}

snat automap

vlans-disabled

}

tmsh list ltm pool simple_pool

ltm pool simple_pool {

members {

10.10.10.11:80 {

address 10.10.10.11 }

10.10.10.12:80 {

address 10.10.10.12 }

10.10.10.12:80 {

address 10.10.10.13 }

}

}

Which three objects in the virtual server configuration can be removed without disrupting functionality of the virtual server? (Choose three.)

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

An LTM device has been configured for load balancing a number of different application servers. Configuration changes need to be made to the LTM device to allow administrative management of the servers in 172.16.10/24, 172.16.20/24, and 172.16.30/24 networks. The servers require outbound access to numerous destinations for operations.

Which solution has the simplest configuration changes while maintaining functionality and basic security?

An LTM Specialist has a single HTTPS virtual server doing SSL termination. No server SSL profile is defined. The pool members are on the internal VLAN answering on HTTP port 80. Users with certain browsers are experiencing issues.

Which two locations are most appropriate to gather packets needed to determine the SSL issue? (Choose two.)

An LTM device pool has suddenly been marked down by a monitor. The pool consists of members 10.0.1.1:443 and 10.0.1.2:443 and are verified to be listening. The affected virtual server is 10.0.0.1:80.

Which two tools should the LTM Specialist use to troubleshoot the associated HTTPS pool monitor via the command line interface? (Choose two.)

An LTM Specialist is troubleshooting virtual server 10.0.0.1:443 residing on VLAN vlan301. The web application is accessed via www.example.com. The LTM Specialist wants to save a packet capture with complete decrypted payload for external analysis.

Which command should the LTM Specialist execute on the LTM device command line interface?