• Home
  • Articles
  • 101 Practice Exam and Study Guides - Verified By ExamcollectionPass Updated 240 Questions [Q142-Q167]

101 Practice Exam and Study Guides - Verified By ExamcollectionPass Updated 240 Questions [Q142-Q167]

Share

101 Practice Exam and Study Guides - Verified By ExamcollectionPass Updated 240 Questions

2024 Updated Verified Pass 101 Study Guides & Best Courses


Earning the F5 101 certification can help individuals advance their careers in the IT industry. It demonstrates a high level of knowledge and expertise in application delivery fundamentals, which is highly valued by employers. Application Delivery Fundamentals Exam certification can also lead to opportunities for further specialization and career growth in areas such as security, cloud computing, and DevOps.

 

NEW QUESTION # 142
Which three files/data items are included in a BIG-IP UCS backup file? (Choose three.)

  • A. the BIG-IP host name
  • B. the BIG-IP administrative addresses
  • C. the BIG-IP default traps
  • D. the BIG-IP license
  • E. the BIG-IP log files

Answer: A,B,D


NEW QUESTION # 143
Which two statements are true concerning capabilities of current BIG-IP platforms? (Choose two.)

  • A. All current BIG-IP platform use both an ASIC. And CPU(s)to process traffic.
  • B. Only 2U BIG-IP Platform have an option of a second power supply.
  • C. All BIG-IP have capacity to perform bulk encryption I decryption of SSL traffic independent of the CPU.
  • D. The 1600 hosts more ports than the 3900.
  • E. All current BIG-IP platform can perform hardware compression.

Answer: A,C


NEW QUESTION # 144
Which is an advantage of terminating SSL communication at the BIG-IP rather than the ultimate web server.

  • A. Terminating SSL at the BIG-IP can eliminate SSL processing at the web servers.
  • B. Terminating SSL at the BIG-IP eliminates the need to use SSL acceleration hardware anywhere in the network.
  • C. Terminating SSL at the BIG-IP eliminates all unencrypted traffic from the internal network.
  • D. Terminating SSL at the BIG-IP eliminates the need to purchase SSL certificates from a certificate authority.
  • E. Terminating SSL at the BIG-IP eliminates all unencrypted traffic from the internal network.

Answer: A


NEW QUESTION # 145
DNSSEC is a GTM add-on licensing feature.

  • A. True
  • B. False

Answer: A

Explanation:
Explanation/Reference:


NEW QUESTION # 146
Without decrypting, what portion of an HTTPS session is visible with a packet capture?

  • A. HTTP Response Headers
  • B. Cookies
  • C. HTTP Request Headers
  • D. Source IP Address

Answer: D


NEW QUESTION # 147
ASM's Web Scraping protection:

  • A. Is difficult to configure
  • B. Cannot accommodate good scrapers
  • C. Will protect the site by blocking all requests
  • D. Is simple to configure

Answer: D


NEW QUESTION # 148
Which of the following statements are correct regarding positive and negative security models?
(Choose two.)

  • A. Negative security model denies all transactions by default.
  • B. Positive security model allows all transactions by default.
  • C. Positive security mode l denies all transactions by default and uses rules that allow only those transactions that are considered safe and valid.
  • D. Negative security model allows all transactions by default and rejects only transactions that contain attacks.

Answer: C,D


NEW QUESTION # 149
Similar to LTM monitors, GTM monitors use both an Interval and a Timeout value.

  • A. True
  • B. False

Answer: A


NEW QUESTION # 150
What is the nest hop used to send traffic to reach 192.168.1.50?

  • A. 172. 17. 12. 51
  • B. 192. 168. 150
  • C. 172. 17. 12/ 255
  • D. 172. 17. 12.254

Answer: D


NEW QUESTION # 151
A pool is using Global Availability as its load balancing method (Alternate:Round Robin; Fallback: Return to DNS). The last five resolutions have been C, D, C, D, C.
Given the current conditions shown in the table, which address will be used for the next resolution?

  • A. C
  • B. B
  • C. D
  • D. A

Answer: B


NEW QUESTION # 152
A server is capable of handling more connections than other servers in the same pool. Which load distribution method should the administrator choose?

  • A. Round Robin
  • B. Least Connections
  • C. Fastest
  • D. Ratio

Answer: D


NEW QUESTION # 153
Which of the following statements are correct regarding Attack signatures? (Choose 2)

  • A. Attack signatures can apply to requests, responses, and parameters.
  • B. Individual Attack signatures can be assigned to the security policy. Only Attack signature sets can apply to the security policy.Individual Attack signatures can? be assigned to the security policy. Only Attack signature sets can apply to the security policy.
  • C. Attack signatures are the basis for positive security logic with the BIG-IP ASM System.
  • D. Any new Attack signature downloaded manually or automatically will be active and assigned directly to the security policy.

Answer: A,B


NEW QUESTION # 154
Which statement is true concerning iRule events.

  • A. If an iRule references an event that doesn't occur during the client's communication, the client's connection will be terminated prematurely.
  • B. All client traffic has data that could be used to trigger iRule events.
  • C. All iRule events are appropriate at any point in the client-server communication.
  • D. All iRule events relate to HTTP processes.

Answer: B


NEW QUESTION # 155
Which statement describes advanced shell access correctly? Which statement describes advanced shell access correctly?

  • A. All Users can be given advanced shell access. All users can be given advance shell access.
  • B. Users with advanced shell access can always change, add, or delete LTM objects in all partition. Users with? Advanced shell access can always, change, add, or delete LTM objects in all partitions.
  • C. Users with advance shell access are limited to changing, adding, or deleting LTM object in any single partition. Users with? Advance shell accesses are limited to changing, adding, or deleting LTM object on any single partition.
  • D. Users with advance shell access have the same right as those with msh access, but the right extend to all partition rather than to Users with advance shell access have the same right as those with msh access, but right extend to all partition rather than to a single partition.

Answer: B


NEW QUESTION # 156
When using a routed configuration, the real server must point to the LTM as the ________.

  • A. NTP Server
  • B. Virtual IP
  • C. WINS server
  • D. DNS Server
  • E. Default gateway

Answer: E


NEW QUESTION # 157
What happens when the data center that GTM recommends for a client is unavailable?

  • A. GTM uses cached information to determine an alternate route.
  • B. GTM sends subsequent queries to the next preferred data center.
  • C. GTM directs the client to use its DNS cache to select an alternate location.
  • D. The client continues to attempt to access the preferred data center.
  • E. GTM queries the local DNS server.

Answer: B


NEW QUESTION # 158
Where is connection mirroring configured?

  • A. It is not configured; it is default behavior.
  • B. It is an optional feature of each pool.
  • C. It is an optional feature of each virtual server.
  • D. It an option within a TCP profile.

Answer: C


NEW QUESTION # 159
What does the nsert XForwarded For?
option in an HTTP profile do?
What does the ?nsert XForwarded For?option in an HTTP profile do?

  • A. The client IP addresses are inserted into HTTP header.
  • B. The client IP addresses are inserted into messages sent to remote syslog servers.
  • C. A BIG-IP self-IP is inserted in the source address field on the clint-side connection.
  • D. A BIG-IP self-IP is inserted in the source address field on the server-sid connection.

Answer: A


NEW QUESTION # 160
ARX will detect any modification to a file on the second tier because all clients are being _______ by the ARX to get to the storage.

  • A. Copied
  • B. Proxied
  • C. Backed up
  • D. Moved
  • E. Deleted

Answer: B


NEW QUESTION # 161
Why is BIG-IP ASM ideally suited to protect against layer 7 attacks, including HTTP and HTTPS/SSL traffic, when compared to an intrusion prevention system (IPS)?

  • A. An IPS doesn't have the visibility into HTTPS traffic. it doesn't understand what applications are in the network.
  • B. An IPS only focus on operating system attacks; it doesn't understand what application are in the network.
  • C. An intrusion prevention system (IPS) is based on Packet Filtering.
  • D. An IPS can only look at overall traffic patterns; it doesn't understand what applications are in the network.

Answer: D

Explanation:
Explanation/Reference:
Explanation:


NEW QUESTION # 162
Which statement accurately describes the difference between two load balancing modes specified as
"member" and "node"?

  • A. There is no difference; the two terms are referenced for backward compatibility purposes.
  • B. When the load balancing choice references "node", priority group activation is unavailable.
  • C. When the load balancing choice references "node", the addresses' parameters are used to make the load balancing choice rather than the member's parameters.
  • D. Load balancing options referencing "nodes" are available only when the pool members are defined for the
    "any" port.

Answer: C


NEW QUESTION # 163
Which four of the following items are physical objects used by GTM?

  • A. Servers
  • B. Virtual servers
  • C. Pools
  • D. Data centers
  • E. Wide IPs
  • F. Links

Answer: A,B,D,F

Explanation:
Explanation/Reference: These components include: Data centers, Servers, Links, Virtual servers http://support.f5.com/kb/en-us/products/bigip_gtm/manuals/product/gtm_config_10_2/gtm_components_overview.html Links + Wide IPs + Data centers + Pools Links + Wide IPs + Data centers + Virtual servers Links + Servers + Virtual servers + Poolsthe physical network, such as data centers, servers, and links, and the components that comprise the logicalnetwork, such as wide IPs, pools, and global settings. Most of the configuration components you build usingthe Configuration utility are saved to the wideip.conf file. Logical objects/components include: Listeners - Pools - Wide IPs - Distributed applications


NEW QUESTION # 164
Information leakage is a major obstacle to achieving PCI DSS compliance.

  • A. True
  • B. False

Answer: A


NEW QUESTION # 165
ASM provides antivirus protection by:

  • A. None of the above
  • B. Using IP Penalty enforcement to block requests from hackers IPs
  • C. Extracting files being uploaded and sending them to an AV system via ICAP
  • D. Running a local antivirus program on the BIG-IP

Answer: C

Explanation:
Explanation/Reference:
Explanation:
Supported ICAP Servers in TMOS 11.5:


NEW QUESTION # 166
Which of the following can be associated with an XML profile?

  • A. File type
  • B. Parameter
  • C. Method
  • D. Flow

Answer: B


NEW QUESTION # 167
......

Ultimate Guide to the 101 - Latest Edition Available Now: https://www.examcollectionpass.com/F5/101-practice-exam-dumps.html

2024 Updated Verified Pass 101 Exam - Real Questions and Answers: https://drive.google.com/open?id=13ePTKcT6RZ7hzgW197da_FzMsCO60uhx

Related Articles

more
F5 101 Certification Practice Exam