Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist is troubleshooting an issue with SSL and is receiving the error shown when connecting to the virtual server. When connecting directly to the pool member, clients do NOT receive this message, and the application functions correctly. The LTM Specialist exports the appropriate certificate and key from the pool member and imports them into the LTM device. The LTM Specialist then creates the Client SSL profile and associates it with the virtual server.

What is the issue?

A.

The SSL certificate and key have expired.

B.

The SSL certificate and key do NOT match.

C.

The client CANNOT verify the certification path.

D.

The common name on the SSL certificate does NOT match the hostname of the site.

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

An LTM Specialist creates a virtual server to load balance traffic to a pool of HTTPS servers. The servers use client certificates for user authentication. The virtual server has clientssl, serverssl, and http profiles enabled. Clients are unable to connect to the application through the virtual server, but they are able to connect to the application servers directly.

Which change to the LTM device configuration will resolve the problem?

A.

Install the server certificate/key and enable Proxy SSL.

B.

Use the serverssl-insecure-compatible serverssl profile.

C.

Configure the clientssl profile to require a client certificate.

D.

Install the client's issuing Certificate Authority certificate on the LTM device.

An LTM Specialist receives a request to monitor the network path through a member, but NOT the member itself.

Which monitor option should the LTM Specialist enable or configure?

A.

Reverse

B.

Up interval

C.

Transparent

D.

Alias address

E.

Time until up

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

Users are able to access the application when connecting directly to the web server but are unsuccessful when connecting to the virtual server. Return traffic bypasses the LTM device using Layer 2 nPath routing.

Which configuration change resolves this problem?

A.

Enable a SNAT pool on the LTM device.

B.

Disable address translation on the LTM device.

C.

Configure a route on the web server to the client subnet.

D.

Configure the virtual server to listen on port 80 on the LTM device.

E.

Configure the VIP address on the loopback interface of the web server.

A stand-alone LTM device is to be paired with a second LTM device to create an active/standby pair. The current stand-alone LTM device is in production and has several VLANs with floating IP addresses configured. The appropriate device service clustering (DSC) configurations are in place on both LTM devices.

Which two non-specific DSC settings should the LTM Specialist configure on the second LTM device to ensure no errors are reported when attempting to synchronize for the first time? (Choose two.)

A.

pools

B.

VLANs

C.

default route

D.

self IP addresses

The following decoded TCPDump capture shows the trace of a failing health monitor.

00:00:13.245104 IP 10.29.29.60.51947 > 10.0.0.12.http: P 1:59(58) ack 1 win 46 out slot1/tmm3 lis=

0x0000: 4500 006e 3b19 4000 4006 ce0c 0a1d 1d3c E..n;.@.@......<

0x0010: 0a00 000c caeb 0050 8be5 aca3 dd65 e3e1 .......P.....e..

0x0020: 8018 002e 1b41 0000 0101 080a 94b3 5b5c .....A........[\

0x0030: 0e30 90ad 4745 5420 2f74 6573 745f 7061 .0..GET./test_pa

0x0040: 6765 2e68 746d 6c20 4854 5450 312e 310d ge.html.HTTP1.1.

0x0050: 0a48 6f73 743a 200d 0a43 6f6e 6e65 6374 .Host:...Connect

0x0060: 696f 6e3a 2043 6c6f 7365 0d0a 0d0a 0105 ion:.Close......

0x0070: 0100 0003 00 .....

00:00:13.245284 IP 10.0.0.12.http > 10.29.29.60.51947: . ack 59 win 362 in slot1/tmm3 lis=

0x0000 0ffd 0800 4500 00c9 6f68 4000 8006 755d ....E...oh@...u]

0x0010 0a29 0015 0a29 0103 0050 e0d6 4929 90eb .)...)...P..I)..

0x0020 6f12 d83c 8019 fab3 9b31 0000 0101 080a o..<.....1......

0x0030 0068 4e10 5240 6150 4854 5450 2f31 2e31 .hN.R@aPHTTP/1.1

0x0040 2034 3030 2042 6164 2052 6571 7565 7374 .400.Bad.Request

0x0050 0d0a 436f 6e74 656e 742d 5479 7065 3a20 ..Content-Type:.

0x0060 7465 7874 2f68 746d 6c0d 0a44 6174 653a text/html..Date:

0x0070 2054 6875 2c20 3231 204a 616e 2032 3031 .Mon,.01.Jan.201

0x0080 3020 3138 3a35 383a 3537 2047 4d54 0d0a 2.00:00:01.GMT..

0x0090 436f 6e6e 6563 7469 6f6e 3a20 636c 6f73 Connection:.clos

0x00a0 650d 0a43 6f6e 7465 6e74 2d4c 656e 6774 e..Content-Lengt

0x00b0 683a 2032 300d 0a0d 0a3c 6831 3e42 6164 h:.20....

Bad

0x00c0 2052 6571 7565 7374 3c2f 6831 3e .Request

The health monitor is sending the string shown in the capture; however, the server response is NOT as expected. The correct response should be an HTML page including the string 'SERVER IS UP'.

What is the issue?

A.

The /test_page.html does NOT exist on the web server.

B.

Incorrect syntax in send string. 'HTTP1.1' should be 'HTTP/1.1'.

C.

Incorrect syntax in send string. 'Connection: Close' should be 'Connection: Open'.

D.

The wrong HTTP version is specified in the send string. Version 1.2 should be used instead of version 1.1.

A user is having issues with connectivity to an HTTPS virtual server. The virtual server is on the LTM device's external vlan, and the pools associated with the virtual server are on the internal vlan. An LTM Specialist does a tcpdump on the external interface and notices that the host header is incomplete.

In which location should the LTM Specialist put a traffic analyzer to gather the most pertinent data?

A.

server

B.

external VLAN

C.

internal VLAN

D.

client machine

An LTM Specialist configured a virtual server to load balance a custom application. The application works when it is tested from within the firewall but it fails when tested externally. The pool member address is 192.168.200.10:80. A capture from an external client shows:

GET /index.jsp HTTP/1.1

Host: 207.206.201.100

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Connection: keep-alive

HTTP/1.1 302 Found

DatE. Wed, 17 Oct 2012 23:09:55 GMT

Server: Apache/2.2.15 (CentOS)

Location: http://192.168.200.10/user/home.jsp

Content-LengtH. 304

Connection: close

What is the solution to this issue?

A.

Assign a SNAT pool to the virtual server.

B.

Add a Web Acceleration Profile to the virtual server.

C.

Configure redirect rewrite option in the HTTP profile.

D.

Configure a content filter on the backend web server.

-- Exhibit –

-- Exhibit --

Refer to the exhibits.

An LTM Specialist is troubleshooting an issue with one of the virtual servers on an LTM device, and all requests are receiving errors. Testing directly against the server generates no errors. The LTM Specialist has captured the request and response on both client and server sides of the LTM device.

What should the LTM Specialist do to fix this issue?

A.

Remove "header-erase Host" in http profile.

B.

Configure SNAT Automap on the virtual server.

C.

Assign OneConnect profile to the virtual server.

D.

Set "redirect-rewrite" to "selective" in http profile.

-- Exhibit –

-- Exhibit --

Refer to the exhibit.

Users receive an error when attempting to connect to the website https://website.com. The website has a DNS record of 195.56.67.90. The upstream ISP has confirmed that there is nothing wrong with the routing between the user and the LTM device.

The following tcpdump outputs have been captured:

External Vlan, filtered on IP 168.210.232.5

00:25:07.598519 IP 168.210.232.5.33159 > 195.56.67.90.https: S 1920647964:1920647964(0) win 8192

00:25:07.598537 IP 195.56.67.90.https > 168.210.232.5.33159: S 2690691360:2690691360(0) ack 1920647965 win 4350

00:25:07.598851 IP 168.210.232.5.33160 > 195.56.67.90.https: S 2763858764:2763858764(0) win 8192

00:25:07.598858 IP 195.56.67.90.https > 168.210.232.5.33160: S 1905576176:1905576176(0) ack 2763858765 win 4350

Internal Vlan, filtered on IP 168.210.232.5

00:31:46.171124 IP 168.210.232.5.33202 > 192.168.100.20.http: S 2389057240:2389057240(0) win 4380

What is the problem?

A.

The filters on the tcpdumps are incorrect.

B.

The DNS entry for website.com is incorrect.

C.

The virtual server 'WEBSERVICES1' is listening on the incorrect port.

D.

The firewall is dropping the connection coming from the pool members returned to the client.

E.

The subnet masks of the pool members of pool WebServices1 and the f5 'Internal' Vlan are incorrect.