1. Home
  2. F5
  3. BIG-IP ASM
  4. 303
  5. BIG-IP ASM Specialist Questions and Answers

Pass the F5 BIG-IP ASM 303 Questions and answers with CertsForce

 F5 Exams      Go to Exam Detail      Get Premium Access
Viewing page 1 out of 11 pages
Viewing questions 1-15 out of questions
Questions # 1:

A BIG-IP Administrator configures a Virtual Server. Users report that they always receive a TCP RST packet to the BIG-IP system when attempting to connect to it. What is the possible reason for this issue?

Options:
A.

The virtual server Type is set to Internal

B.

The virtual server Type is set to Reject

C.

The virtual server Type is set to Drop

D.

The virtual server Type is set to Stateless

Expert Solution
Questions # 2:

A BIG-IP Administrator discovers malicious brute-force attempts to access the BIG-IP device on the management interface via SSH. The BIG-IP Administrator needs to restrict SSH access to the

management interface.

Where should this be accomplished?

Options:
A.

System > Configuration

B.

Network > Interfaces

C.

Network > Self IPs

D.

System > Platform

Expert Solution
Questions # 3:

Which method is recommended for creating a new user from the CLI?

Options:
A.

Run f5adduser username' then 'f5passwd username' from bash or tmsh

B.

Run tmsh create auth user username prompt for password' from bash

C.

edit bigip.conf to add the new user and the user's clear-text password

D.

Run useradd username' then 'passwd username' from bash tmsh

Expert Solution
Questions # 4:

-- Exhibit –

Question # 4

Question # 4

-- Exhibit --

Refer to the exhibits.

A customer requests to offload SSL for an internal website. The front page of the website loads correctly; however, selecting links on the page fails.

How should the LTM Specialist fix the issue?

Options:
A.

Create a new SNAT pool.

Add internal network IPs to the SNAT pool.

Add the SNAT pool to the VS.

B.

Create a new HTTP profile.

Enable Insert X-Forwarded-For.

Add the new HTTP profile to the VS.

C.

Create a new HTTP profile.

Enable redirect rewrite.

Add the new HTTP profile to the VS.

D.

Create a new Server SSL profile.

Enable Proxy SSL.

Add the Server SSL profile to the VS.

Expert Solution
Questions # 5:

-- Exhibit –

Question # 5

-- Exhibit --

Refer to the exhibit.

Which pool can be removed without affecting client traffic?

Options:
A.

ftp_pool

B.

http_pool

C.

server1_80

D.

server_pool

Expert Solution
Questions # 6:

An LTM device is serving an FTP virtual server that has three pool members. The FTP pool members are monitored via TCP port 21. Customers are reporting that they are able to log in, but are sometimes unable to upload files to the server.

Which monitor should the LTM Specialist configure to verify that the servers can handle file uploads?

Options:
A.

FTP

B.

Inband

C.

External

D.

Scripted

E.

Real Server

Expert Solution
Questions # 7:

-- Exhibit –

Question # 7

-- Exhibit --

Refer to the exhibit.

A server administrator notices that one server is intermittently NOT being sent any HTTP requests. The server logs display no issues. The LTM Specialist notices log entries stating the node (172.16.20.1) status cycling between down and up. The pool associated with the virtual server (10.10.1.100) has a custom HTTP monitor applied.

Which tcpdump filter will help trace the monitor?

Options:
A.

tcpdump -i internal port 80 and host 172.16.1.31

B.

tcpdump -i external port 80 and host 10.10.1.100

C.

tcpdump -i internal port 80 and host 172.16.1.33

D.

tcpdump -i external port 80 and host 172.16.20.1

Expert Solution
Questions # 8:

Two LTM devices must be manually configured to restrict in the same Device Group.

What is the correct order of steps to meet this requirement?

Options:
A.

Configure VLAN, Configure-Sync IP, Configure Failover type, Establish Device Trust, Sync Device Trust, Create type, Establish Device Sync Device Trust, Create Device Group.

B.

Configure VLAN, Configure Self-IPs, Configure Config-Sync IP.Configure Failover type, Establish Device Trust, Sync Device Trust, Create Device Group.

C.

Configure Self-IPs, Configure VLAN, Configure Config-Sync IP. Configure Failover type, Establish Device Trust, Sync Device Trust, Create Device Group

D.

Configure VLAN, Configure Config-Sync IP. Configure Self-IPs. Configure Failover type. Establish Device Trust, Create Device Group

Expert Solution
Questions # 9:

Refer to the exhibit.

Question # 9

Which two pool members are eligible to receive new connections? (Choose two)

Options:
A.

10.21.0.102.80

B.

10.21.0.104.80

C.

10.21.0.105.80

D.

10.21.0.101.80

E.

10.21.0.103.80

Expert Solution
Questions # 10:

Refer to the exhibit.

Question # 10

Question # 10

During maintenance, the BIG-IP Administrator manually disables a pool member as shown.

What is the result?

Options:
A.

All pool members continue to process persistent connections

B.

All pool members stop accepting new connections.

C.

The disabled pool member stops processing persistent connections.

D.

The disabled pool member stops processing existing connections

Expert Solution
Questions # 11:

Refer to the exhibit.

Question # 11

A BIG-IP Administrator needs to fall over the active device. The administrator logs into the Configuration

Unity and navigates to Device Management > Traffic Group. However, Force to Standby is greyed out

What is causing this issue?

Options:
A.

The BIG-IP Administrator is NOT logged into command line to tail over

B.

The BIG-IP Administrator is on the Standby Device

C.

The BIG-IP Administrator is logged in as root

D.

The BIG-IP Administrator is logged in as administrator

Expert Solution
Questions # 12:

Refer to the exhibit.

Question # 12

A BIG-IP Administrator needs to configure health monitors for a newly configured server pool named

Pool_B.

Which health monitor settings will ensure that all pool members will be accurately marked as available

or unavailable?

Options:
A.

HTTPS, HTTP, FTP, and ICMP, with the Availability Requirement of all health monitors

B.

HTTPS, HTTP, FTP, and SSH, with the Availability Requirement of at least one monitor

C.

HTTPS and HTTP with the Availability Requirement of at least one health monitor

D.

HTTPS, HTTP, FTP, and SSH with the Availability Requirement of all health monitors

Expert Solution
Questions # 13:

A BIG-IP Administrator plans to resolve a non-critical issue with a BIG-IP device in 2 weeks. What Severity level should be assigned to this type of F5 support ticket?

Options:
A.

4

B.

2

C.

3

D.

1

Expert Solution
Questions # 14:

In an iApp, which configuration protects against accidental changes to an application Services configuration?

Options:
A.

Components

B.

Strict Updates

C.

Name

D.

Template

Expert Solution
Questions # 15:

An LTM Specialist needs to configure asetup for antivirus scanning of HTTP traffic with an internet Contact adaption Protocol (ICAP) server.

Which two server type should be used? (Choose two.)

Options:
A.

Standard

B.

Internal

C.

Performance HTTP

D.

Forwarding IP

E.

Stateless

Expert Solution
Viewing page 1 out of 11 pages
Viewing questions 1-15 out of questions