CertsTopics Logo

Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Passed Exam Today 303

Page: 18 / 20
Total 520 questions
Get 303 Full Access Download 303 PDF

BIG-IP ASM Specialist Questions and Answers

Question 69

What does the following iRule do?

when CLIENT_ACCEPTED {

if { [matchclass [IP::client_addr] equals WebClient1-Whitelist1] }{

#log local0. "Valid client IP: [IP::client_addr] - forwarding traffic"

#Pool WebClient1

} else {

log local0. "Invalid client IP: [IP::client_addr] - discarding"

discard

}

}

Options:

A.

The iRule compares a client IP to a list. If the client IP is on the list, discard and log the discard.

B.

The iRule compares a client IP to a list. If the client IP is NOT on the list, discard and log the discard.

C.

The iRule compares a client IP to a list. If the client IP is on the list, the client is sent to Pool WebClient1. Otherwise, discard and log the discard.

D.

The iRule compares a client IP to a list. If the client IP is NOT on the list, the client is sent to Pool WebClient1. Otherwise, discard and log the discard.

Question 70

An LTM Specialist has a OneConnect profile and HTTP profile configured on a virtual server to load balance an HTTP application.

The following HTTP headers are seen in a network trace when a client connects to the virtual server:

Clientside:

GET / HTTP/1.1

Host: 192.168.136.100

User-Agent: Mozilla/5.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-EncodinG. gzip, deflate

Connection: keep-alive

Serverside:

HTTP/1.1 200 OK

DatE. 5 Jun 1989 17:06:55 GMT

Server: Apache/2.2.14 (Ubuntu)

Vary: Accept-Encoding

Content-EncodinG. gzip

Content-LengtH. 3729

X-Cnection: close

Content-TypE. text/html

The LTM Specialist notices the OneConnect feature is working incorrectly.

Why is OneConnect functioning incorrectly?

Options:

A.

Client must support HTTP/1.0.

B.

Client must support HTTP keep-alive.

C.

Server must support HTTP/0.9.

D.

Server must support HTTP keep-alive.

Question 71

A client (10.10.1.30) connecting to an HTTPS virtual server (10.10.1.100) with a clientssl profile is getting an SSL error.

Which options will trace this issue?

Options:

A.

tcpdump -i external -X -e -nn -vvv -w /shared/ssl_problem.cap port 443 and host 10.10.1.30

ssldump -r /shared/ssl_problem.cap -n -x

B.

tcpdump -i external -s 0 -w /shared/ssl_problem.cap port 443 and host 10.10.10.30 and host 10.10.1.100

ssldump -r /shared/ssl_problem.cap -n -x

C.

tcpdump -i external -X -s 0 -vvv src host 10.10.10.30 and dst host 10.10.1.100 and port 443 > /shared/ssl_problem.cap

ssldump -r /shared/ssl_problem.cap -n -x

D.

tcpdump -i external -X -e -nn -vv port 443 and host 10.10.1.100 and host 10.10.1.30 > /shared/ssl_problem.cap

ssldump -n -x < /shared/ssl_problem.cap

Question 72

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist configures a virtual server that balances HTTP connections to a pool of three application servers. Approximately one out of every three connections to the virtual server fails.

Which two actions will resolve the problem? (Choose two.)

Options:

A.

Assign a custom HTTP monitor to the pool.

B.

Enable SNAT automap on the virtual server.

C.

Verify that port lockdown is set to allow port 80.

D.

Verify the default gateway on the application servers.

E.

Increase the TCP timeout value in the default TCP profile.

Page: 18 / 20
Total 520 questions
Get 303 Full Access Download 303 PDF