F5-101_80Q_Nov 05, 2017

1.What are two main benefits of the BIG-IP system redundancy?(Choose two) A. Devices
can fail over to one of many available devices. B. Devices can synchronize its configuration
data for up to 64 BIG-IP devices on a network. C. Devices can mirror connections to a peer
device to prevent interruption in service during failover. D. Devices can determine which
device should become active based on STP changes in the network. E. Devices can
transfer some of its extra load to one or more devices with less load in the same device
group. Answer :A,C

2.A client initiates a TCP connection to the load balancer. The load balancer opens a new
TCP connection to the server. What is this called? A. passthrough connection B. half proxy
connection C. asynchronous connection D. full proxy connection Answer :D

3.If a pool member has been marked DOWN by a monitor, what will be the result? A. That
pool member will still receive traffic but will redirect it to other servers. B. That pool member
will only receive traffic for existing connections. C. That pool member will not receive any
more traffic until it comes up. D. That pool member will receive the same level of traffic
regardless of the state Answer :C

4.What are two advantages of running a virtualized load balancer over running a hardware
load balancer? (Choose two.) A. A virtual load balancer can be deployed remotely via
software. B. A virtual load balancer is faster. C. A virtual load balancer is easier to
configure. D. A virtual load balancer runs newer code than a hardware load balancer. E. A
virtual load balancer is cheaper. Answer :A,E

5.Which security policy protects from known attacks and defines resources that should be
accessible? A. a security policy using both positive and negative security B. a security
policy using ACL security C. a security policy using negative security only D. a security
policy using positive security only Answer :A

6.HTTP/1.0 requests are made to a server that supports only HTTP version 1.1. Which
header is required to avoid a "400 Bad Request" response code in this situation?? A.
Location B. Accept-Encoding C. Host D. Connection Answer :C

7.An administrator has a specific file that is requested frequently on the web application. A.
use TCP optimization B. use a longer packet TTL C. serve the file from RAM cache D.
enable file compression Answer :A 應該是 C

8.Which three protocols may be used to authenticate a user against an identity

store?(Choose three.) A. 3DES B. DIAMETER C. AAA D. RADIUS E. LDAP Answer :C,D,E

9.Traffic sent to the Internet with the IP address 172.16.1.1/16 fails to receive any replies.
What is the most likely cause of the failure? A. The IP address is in a private range. B. The
IP address is a class B address. C. The IP address is a broadcast address. D. The IP
address Subnet mask is incorrect. Answer :A

10.An administrator needs to provide additional application layer security for SMTP and
FTP traffic. Which F5 product provides this functionality? A. LTM B. GTM C. ASM D. AFM
Answer :C

11.Which HTTP header will prevent a connection from being closed after a server sends its
response? A. Close: False B. Connection: Keep-Alive C. Keep-Alive: True D. Connection:
Persist Answer :B

12.An administrator needs to configure a secure connection for replication traffic between
database servers. The servers are located in different data centers. Which solution should
the administrator choose? A. PPTP B. IPsec C. SSL VPN D. L2TP Answer :B

13.Which three factors should influence the decision to choose hardware of a virtual
appliance? (Choose three.) A. multiprotocol support B. performance C. available rack space
D. power and cooling E. management API Answer :B,C,D

14.In IPv6, which protocol maps physical addresses to IP addresses? A. RTSP B. DHCPv6
C. NDP D. NNTP Answer :C

15.According to the OSI model, how do the layers logically track data? A. by applying tags
as the information moves between layers B. by encapsulating data with their own
information C. by using reference pointers to track data entering and leaving each layer D.
by using packet information to track the data with a table of layer-specific information
Answer :B

16.An administrator updates an HTTP application. The resource layout changes, and the
users' bookmarks no longer work. Which F5 feature can solve this problem quickly? A. iApp
B. iSession C. iControl D. iRules Answer :A

17.Which F5 feature provides custom Data Loss Prevention (DLP)? A. TCP profile B.
iControl C. SSL profile D. iRules Answer :C

18.What is the purpose of the TCP SACK option? A. to selectively indicate which packets
were received B. to prevent packet fragmentation C. to tell the receiver which packets were
not acknowledged D. to eliminate the need for sequence numbers Answer :A

19.Which protocol requires services only at the network layer or below? A. UDP B. ESP C.
FTP D. TCP Answer :B

20.Which method does TCP use to ensure that the contents of a packet are unchanged
when it reaches the destination host? A. The sender sends an ACK packet with the total
received bytes of the previous packet, and the receiver validates that the ACK contains the
appropriate number of bytes. B. The sender includes a calculated content-length TCP
header, and the receiver ensures it receives the correct amount of data. C. The sender
includes a calculated checksum in the TCP header, and the receiver recalculates the
checksum and validates the received value. D. The sender sends an ACK packet in order to
ensure that the packet was received correctly. Answer :C

21.What is the IPv6 equivalent of the IPv4 address 127.0.0.1? A. ::127.0.0.1 B. ff0x::1 C.
::/128 D. ::1 Answer :D

22.Which F5 product provides de-duplication, compression, and application optimizations?

A. GTM B. ASM C. APM D. AAM Answer :D

23.At a minimum, which two objects are required in order to achieve load
balancing?(Choose two.) A. an HTTP profile B. destination servers C. an IP address D. a
persistence profile E. a health check Answer :B,C

24.A network administrator analyzes a packet trace and sees an http 302 response code.
What does this mean? A. The user was sent to another URL. B. The user was redirected to
another DNS server. C. The client received a "forbidden access" error. D. The client
received a "file not found" error. Answer :A

25.In which scenario is a full proxy TCP connection required? A. when enabling TCP routing
on the external facing interface of the load balancer B. when changing the source IP
address when crossing from the client to the server side of the load balancer C. when
configuring different maximum segment sizes on the client and server sides of the load
balancer D. when passing the client IP address to originating servers Answer :C

26.What would cause a packet's TCP checksum to be incorrect at the destination? A. The
packet was temporarily lost in transmission. B. The packet has arrived at the correct
destination, but out of sequence. C. The packet was corrupted in transmission. D. The
packet has arrived at the correct destination, but was fragmented in transit. Answer :C

27.A new application requires guaranteed IP packet delivery. Which protocol should be
used in this circumstance? A. UDP B. GRE C. TCP D. SDP Answer :C

28.An administrator is deploying an HTTP site that will be accessed by users who reside
behind a large internet proxy. Which type of persistence should the administrator use? A.
cookie persistence B. SSL session persistence C. source address affinity D. destination
address affinity Answer :A

29.A network administrator has configured a node with an IP address and subnet mask of
192.168.0.15/28. Why is this problematic? A. 192.168.0.15/28 is the broadcast address for
that subnet. B. 192.168.0.15/28 has an invalid subnet mask. C. 192.168.0.15/28 is the
network address for that subnet. D. 192.168.0.15/28 is a private IP address. Answer :A
30.What is the correct result of the BIG-IP ConfigSync process? A. Any changes made to
networking part of configuration will be synchronized to the peer unit. B. If changes have
been made to the shared configuration on both units, all the changes on each unit will be
synchronized. C. If changes have been made to the shared configuration on both units, any
changes that were made on the target unit will be lost. D. If a file in a synchronized directory
is deleted by the ConfigSync process as well. Answer :B

31.Which HTTP method is used to submit form data? A. TRACE B. PUT C. POST D. HEAD
Answer :C

32.An administrator needs to provide secure remote access with single sign-on (SSO) to
corporate users. Which F5 module is most appropriate for this purpose? A. AAM B. AFM C.
APM D. PSM Answer :C

33.When load balancers are used to manage application traffic, why are health monitors
important? A. to keep connections from timing out B. to avoid congestion on the network C.
to determine if traffic should be sent to a server D. to signal servers to be ready for client
traffic Answer :C

34.In which scenario is a full proxy TCP connection required? A. when connection mirroring
is enabled B. when SYN cookie DOS protection is enabled C. when access lists are
enabled D. when caching is enabled Answer :D

35.In which scenario is a packet forwarding architecture sufficient? A. when content based
load balancing is demanded B. when SSL offloading is used C. when the client connection
and server connection should be decoupled D. when layer 4 load balancing is demanded
Answer :D

36.What is the most efficient certificate revocation method? A. Online Certificate Status
Protocol B. Online Certificate Revocation List C. Client certificate attribute validation D.
Server certificate attribute validation Answer :A

37.Which technique is used to ensure that an IP connection associated with a specific

server in a pool continues to be directed to that server? A. SYN cookie B. pipelining C.
persistence D. OneConnect Answer :C

38.Refer to the exhibit. Based on the packet capture, which IP address returns a SYN/ACK?
A. 192.168.238.112 B. 192.168.238.111 C. 192.168.238.11 D. 192.168.238.1 Answer :B

39.A DNS server is unable to respond to a query and sends the query to another DNS
server on the client's behalf. Which type of query is this? A. Iterative B. Authoritative C.
Redundant D. Recursive Answer :C, A

40.Which application type would benefit from BIG-IP Application Acceleration Manager? A.
streaming video B. peer-to-peer C. HTTP D. VoIP Answer :A

41.Which routing protocol is a link state protocol? A. OSPF B. BGP C. RIP D. EGP Answer
:A
42.What is the initial sequence number during the TCP 3-way handshake? A. the source
port of the client system B. the Julian date minus 1 C. the destination port of the server
system D. a random number Answer :D

43.Hash functions are used in conjunction with encryption for which two reasons?(Choose
two.) A. Encryption B. Normalization C. Authentication D. Decryption E. Validation Answer
:C,E

44.In which scenario should an administrator use a full tunnel VPN solution? A. when users
require access to a terminal server B. when users need remote access to email C. when
users need access multiple network services D. when users only access web applications
Answer :C

45.What is an advantage of deploying applications using iApps? A. It provides a significant

reduction of time to deploy an application. B. It provides a single configuration language to
deploy an application. C. It ensures more secure applications. D. It reduces the complexity
of iRules. Answer :A

46.An administrator has been asked to create a template to deploy an application traffic
management solution on many BIG-IP devices. Which F5 technology should the
administrator use? A. iApps B. iControl C. iRules D. iSessios Answer :A

47.Which technique is used to separate packets from multiple VLANs across a single
physical link? A. port-based VLANs B. Spanning Tree Protocol C. VLAN tagging D. WAN
encapsulation Answer :C

48.In the OSI model, which layers are specific to Ethernet? A. Physical + Network layers B.
Data link + Network layers C. Network + Transport layers D. Physical + Data Link layers
Answer :D

49.User A is connected to VLAN1 while User B is connected to VLAN2. The VLANs are
segmented at the data link layer of the OSI. Which data link layer feature prevents User B's
workstation from seeing an ARP request sent from User A's workstation? A. Revers ARP B.
MAC masquerading C. Broadcast domain D. ARP Answer :C

50.What is primary purpose of a MAC masquerade address? A. to minimize ARP

communications or dropped packets as a result of a failover event B. to mask an IP address
for security purposes C. to allow a source NAT configuration in a redundant pair of
application delivery controllers D. to decrease the size of ARP table Answer :A

51.An administrator needs to restrict the HTTP methods that a client can use to interact with
an application. Which F5 feature provides this functionality? A. iRules B. HTTP profiles C.
iControl D. Streaming profiles Answer :A
52.Which term describes the systems and processes used to associate users with digital
identities? A. Public Key Infrastructure B. Certificate Authority C. Hardware Security Module
D. Digital Rights Management Answer :A

53.A browser converts a JPEG file to a BMP file. At which OSI layer is this occurring? A.
Data link B. Network C. Session D. Presentation Answer :D

54.A new virtual server on fails testing. What is a likely reason for this failure? A. The
firewall is blocking 172.17.44.12 on port 80. B. The firewall is blocking 172.17.44.12 on port
443. C. A DNS PTR record is unavailable for 172.17.44.12. D. A DNS A Record is
unavailable for 172.17.44.12. Answer :B

55.A pair of load balancers is configured so that each device is processing traffic and is
ready to take over for other if failover occurs. Which type of configuration is this an example
of? A. standby-active B. active-active C. active-standby D. standby-standby Answer :A

56.Which operating system component is responsible for DNS queries? A. Resolver B.

Look-Up C. Resource D. Cache Answer :A

57.Which LDAP syntax is correct when asked to reference a specific User Object with an
LDIF formatted distinguished name? A. Idap://Cn=jdoe/ou=users/dc=company/dc=com B.
CN=jdoe.OU=users.DC=company.DC=com C. Idap://jdoe/users/company/com D.
CN=jdoe,OU=users,DC=company,DC=com Answer :D

58.Which type of failover is required for a group with more than two BIG-IP devices? A.
VLAN failover B. network failover C. serial failover D. application failover Answer :B

59.Which advantage does active-active have over active-standby? A. Troubleshooting is

easier since only part of the traffic passes the device. B. Configurations are automatically
synchronized between the active-active cluster. C. Hardware power consumption is
optimized. D. The overall load on each system is reduced. Answer :D

60. Based on the SNMP packet shown, which two statements accurately describe the
device roles? (Choose two.) A. 192.168.240.153 is the server. B. 192.168.240.153 is the
client. C. 192.168.240.15 is the client. D. 192.168.240.15 is the server. E. 192.168.240.153
could be either the client or server. Answer :A,

C 61.In which scenario is a packet forwarding architecture sufficient? A. when HTTP

headers must be modified B. when SSL offloading is performed to reduce the Server load
C. when cookie persistence is demanded D. when load balancing based on IP address is
required Answer :D

62.In the example is the top level domain portion of the URL? A. www B. http C. f5 D. com
Answer :D
 63.In which security model is all traffic denied by default? A. role-based security model B.
negative security model C. rule-based security model D. positive security model Answer :D

64.An administrator is deploying four identical servers to perform load balanced DNS. What
is the correct configuration to accomplish this? A. round robin load balancing without
persistence B. round robin load balancing with simple persistence C. ratio load balancing
with cookie persistence D. ratio load balancing with simple persistence Answer :A

65.According to the IPv6 RFC, what are two valid examples of IPv6 addresses? (Choose
two.) A. ::FFFF:129.144.52.38 B. 1A80::8:8I0:20JC:4170 C. 1080::8:800:200C:417A D.
01:23:45:89:ab Answer :A,C

66.On the sending device, how does information primarily flow in the 7-layer OSI model? A.
from Presenlation layer to Application layer B. from Network layer to Session layer C. from
Physical layer to Application layer D. from Application layer to Physical layer Answer :D

67.An administrator needs to make sure that clients are always sent to an available server.
Which aspect of the Server Pool configuration meets this requirement? A. the protocol of
the virtual server B. the persistence profile C. the health monitor D. the state of the virtual
server Answer :C

68.What does the existence of an open network socket in listening state on the host
indicate? A. It is an API socket. B. It is a peer unit. C. It is the client. D. It is the server.
Answer :D

69.A user has complained of a slow LAN connection, and a technician has replaced their
network interface card and rebooted their workstation. Which data link layer address will
change? A. WAN B. VLAN C. IP D. MAC Answer :D

70.Server to server communication using SOAP is dependent upon which two

technologies? (Choose two.) A. an authentication protocol such as RADIUS B. the message
format XML C. a transport protocol such as HTTP D. a database such as SQL E. file
sharing using SMB Answer :B,C

71.User A is accessing a web application over the internet via a proxy server. Why is the
BIG-IP a client device in this scenario? A. because the BIG-IP is closest to the web
application B. because the BIG-IP utilizes a full proxy TCP stack C. because the BIG-IP
switches traffic D. because any device used to forward traffic can be considered a client
Answer :A

72.What is the purpose of using persistence when load balancing? A. to ensure that clients'
requests are not redirected to servers that are marked as down B. to ensure that client
requests are evenly distributed among the servers C. to ensure that the servers run faster
D. to ensure that client requests are directed to the same server during the life of a session
Answer :D
73.An administrator needs to monitor server health based on layer 3 functionality. Which
health check method should the administrator use? A. SIP B. RPC C. ICMP D. HTTP
Answer :C

74.Which encryption type uses the same key as that used for decryption? A. Digital
Certificate Encryption B. Asymmetric Encryption C. Password Encryption D. Symmetric
Encryption Answer :D

75.Which two functions occur at the OSI Network layer?(Choose two.) A. enabling wide
area network compression B. providing MAC addressing C. moving traffic between subnets
D. providing IP addressing Answer :C,D

76.What are two characteristics of UDP?(Choose two.) A. connection-oriented B. unreliable

delivery C. guaranteed delivery D. connectionless E. ordered delivery Answer :B,D

77.User A establishes an SSL session to a BIG-IP load balancer with a client-side SSL
profile configured. The connection is load balanced to the Web App. What is the server to
User A in this situation? A. User B B. Router C. Web App D. BIG-IP Answer :D

78.Which security model can be deployed most rapidly to protect a web application? A.
ACL security model B. positive security model C. open security model D. negative security
model Answer :D

79.Which F5 technology allows an administrator to create application-centric views of BIG-

IP configuration objects? A. iRules B. iApps C. iControl D. iSessions Answer :B

80.When establishing a TCP connection, what is the final TCP flag in the initialization? A.
SYN B. ACK C. RST D. FIN Answer :B ...