2019 Free F5 EnsurePass 101 Dumps VCE and PDF Download Part 2

EnsurePass Dumps

101 PDF

http://www.ensurepass.com/101.html

 

QUESTION 21

DRAG DROP

Place the following items in the order that the BIG-IP device uses when processing a packet.

 

clip_image002

 

Correct Answer:

clip_image004

QUESTION 22

GTM can load balance to LTM in addition to non-BIG-IP hosts.

 

A.

True

B.

False

 

Correct Answer: A

 

 

QUESTION 23

You need to terminate client SSL traffic at the BIG-IP and also to persist client traffic to the same pool member based on a BIG-IP supplied cookie. Which four are profiles that would normally be included in the virtual server’s definition? (Choose four.)

 

A.

TCP

B.

HTTP

C.

HTTPS

D.

ClientSSL

E.

ServerSSL

F.

CookieBased Persistence

 

Correct Answer: ABDF

 

 

QUESTION 24

Which of the following statements is true about ARX’s capacity balancing ability?

 

A.

When new files are created, the ARX can determine in real time where to place each file based on the available space on each storage device

B.

When configuring the ARX, customers can choose to implement either an age-based policy or a capacity based policy, but are not able to run both policies at the same time

C.

All files created at approximately the same time (within 10 minutes) will be stored on the same tier of storage to minimize latency and improve the user experience

D.

The ARX balances capacity within tiers A storage, but cannot balance capacity across tiers of storage

 

Correct Answer: A

 

 

QUESTION 25

Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the pool members.

 

A.

No SSL certificates are required on the pool members.

B.

The pool members SSL certificates must only exist.

C.

The pool members SSL certificates must be issued from a certificate authority.

D.

The pool members SSL certificates must be created within the company hosting the BIG-IPs.

 

Correct Answer: B

 

 

 

 

QUESTION 26

The current status of a given pool member is unknown. Which condition could explain that state?

 

A.

The member has no monitor assigned to it.

B.

The member has a monitor assigned to it and the most recent monitor was successful.

C.

The member has a monitor assigned to it and the monitor did not succeed during the most recent timeout period.

D.

The member’s node has a monitor assigned to it and the monitor did not succeed during the most recent timeout period.

 

Correct Answer: A

 

 

QUESTION 27

A top-level DNS zone uses a CNAME record to point to a sub-zone. Which of the following is an example of a sub-zone?

 

A.

www.F5.com/sub

B.

www.F5.com

C.

www.gslb.F5.com

D.

.com

E.

f5.com

 

Correct Answer: C

 

 

QUESTION 28

Which three of the following statements describe a data center object?

 

A.

It attempts to match a DNS request with a configured wide IP.

B.

It is attached to multiple Internet links.

C.

It becomes available for use when an assigned server is up.

D.

It retains statistics for each data center.

E.

It is a logical representation of a physical location.

F.

It specifies how users access the Internet.

 

Correct Answer: BC

 

 

QUESTION 29

A BIG-IP has two SNATs, a pool of DNS servers and a virtual server configured to load balance UDP traffic to the DNS servers. One SNAT’s address is 64.100.130.10; this SNAT is defined for all addresses. The second SNAT’s address is 64.100.130.20; this SNAT is defined for three specific addresses, 172.16.3.54, 172.16.3.55, and 172.16.3.56. The virtual server’s destination is 64.100.130.30:53. The SNATs and virtual server have default VLAN associations. If a client with IP address 172.16.3.55 initiates a request to the virtual server, what is the source IP address of the packet as it reaches the chosen DNS server?

 

A.

64.100.130.30

B.

172.16.3.55

C.

64.100.130.20

D.

64.100.130.10

 

Correct Answer: C

 

 

QUESTION 30

Which three must be done so that Generic Host Servers can be monitored using SNMP? (Choose three.)

 

A.

The SNMP monitor must be added to all BIG-IP Systems.

B.

The Generic Host Server must be running the big3d agent.

C.

The GTM System must be configured for the appropriate MIB.

D.

The Generic Host Server must be added to the GTM Configuration.

E.

The Generic Host Server must be enabled to answer SNMP queries.

 

Correct Answer: CDE

 

 

QUESTION 31

Which of the following statements are incorrect regarding protection of web services? (Choose two.)

 

A.

The BIG-IP ASM System checks to ensure web services use cookies.

B.

The BIG-IP ASM System parses XML requests and XML responses.

C.

The BIG-IP ASM System checks to ensure XML documents are well formed.

D.

The BIG-IP ASM System uses attack signatures to enforce negative security logic.

E.

The BIG-IP ASM System checks for XML syntax, schema validation, and WSDL validation.

 

Correct Answer: AB

 

 

QUESTION 32

Which of the following statements are correct regarding Attack signatures? (Choose two.)

 

A.

Attack signatures can apply to requests, responses, and parameters.

B.

Attack signatures are the basis for positive security logic with the BIG-IP ASM System.

C.

Any new Attack signature downloaded manually or automatically will be active and assigned directly to the security policy.

D.

Individual Attack signatures can be assigned to the security policy. Only Attack signature sets can apply to the security policy.

 

Correct Answer: AD

 

 

QUESTION 33

Assuming that systems are synchronized, which action could take place if the failover cable is connected correctly and working properly, but the systems cannot communicate over the network due to extern al network problems.

 

A.

If network failover is enabled, the standby system will assume the active mode.

B.

Whether or not network failover is enabled, the standby system will stay in standby mode.

C.

Whether or not network failover is enabled, the standby system will assume the active mode.

D.

If network failover is enabled, the standby system will go into active mode but only until the network recovers.

 

Correct Answer: B

 

 

QUESTION 34

Select F5 platforms have which three certifications? (Choose three.)

 

A.

FIPS

B.

SECG

C.

NEBS

D.

IEEE

E.

Common Criteria

F.

AFSSI

 

Correct Answer: ACE

 

 

QUESTION 35

Which four are GTM server static load balancing modes? (Choose four.)

 

A.

Return to DNS

B.

CPU

C.

Packet Rate

D.

Drop Packet

E.

Round Robin

F.

Static Persist

 

Correct Answer: ADEF

 

 

QUESTION 36

A site needs to terminate client HTTPS traffic at the BIG-IP and forward that traffic unencrypted. Which two are profile types that must be associated with such a virtual server? (Choose two.)

 

A.

TCP

B.

HTTP

C.

HTTPS

D.

ClientSSL

E.

ServerSSL

 

Correct Answer: AD

 

 

QUESTION 37

Which VLANs must be enabled for a SNAT to perform as desired (translating only desired packets)?

 

A.

The SNAT must be enabled for all VLANs.

B.

The SNAT must be enabled for the VLANs where desired packets leave the BIG-IP.

C.

The SNAT must be enabled for the VLANs where desired packets arrive on the BIG-IP.

D.

The SNAT must be enabled for the VLANs where desired packets arrive and leave the BIG-IP.

 

Correct Answer: C

 

QUESTION 38

A customer says his business wouldn’t benefit from buying ARX because it already has block based storage virtualization in place. Is he right? Why or why not?

 

A.

Yes. Block based storage virtualization is just another name for file virtualization.

B.

No. ARX allows customers to implement storage tiering benefits, but block based storage virtualization does not.

C.

Yes. Block based storage virtualization offers the same functionality as ARX’s file virtualization, although it uses slightly different technology.

D.

No. Both technologies attempt to solve similar problems, but only the ARX allows the customer to have visibility into their data and apply business policy at the file level. Block based virtualization has no visibility into the type of data.

 

Correct Answer: D

 

 

QUESTION 39

Which three parameters could be used to determine whether a connection request will have the source address translated as the request is processed? (Choose three.)

 

A.

the client’s router’s IP address

B.

the client’s browser’s preferred language

C.

the client’s IP netmask

D.

the client’s TCP port

E.

the client’s IP address

F.

the client IP fragment offset

 

Correct Answer: BDE

 

 

QUESTION 40

Select the key question you would use to ask your customer related to DNS attacks?

 

A.

Do you over-provision your DNS infrastructure?

B.

Do you regularly update BIND or some other DNS application to the latest release?

C.

Do you rely on your network firewall to protect your DNS server?

D.

How do you secure your DNS infrastructure against attacks?

 

Correct Answer: D