• Home
  • Articles
  • Updated Sep-2022 Exam Engine for 303 Exam Free Demo & 365 Day Updates [Q236-Q261]

Updated Sep-2022 Exam Engine for 303 Exam Free Demo & 365 Day Updates [Q236-Q261]

Share

Updated Sep-2022 Exam Engine for 303 Exam Free Demo & 365 Day Updates

Exam Passing Guarantee 303 Exam with Accurate Quastions!

NEW QUESTION 236
The output of a tmsh command is: ------------------------------------------------------------ Net::Interface Name Status Bits Bits Errs Errs Drops Drops Colli In Out In Out In Out sions
------------------------------------------------------------ 1.1 down 0 0 0 0 0 0 0 1.2 up 191.4K 0 0 0 374 0 0 1.3 down 0 0 0 0 0 0 0 1.4 up 22.5K 0 0 0 44 0 0 2.1 miss 0 0 0 0 0 0 0 2.2 miss 0 0 0 0 0 0 0 mgmt up 43.2G
160.0G 0 0 0 0 0
Which command was executed on the LTM device to show the output?

  • A. tmsh show /net interface
  • B. tmsh show /net interface status
  • C. tmsh /net show interface status
  • D. tmsh /net show interface

Answer: A

 

NEW QUESTION 237
An LTM Specialist needs to deploy a virtual server that will load balance traffic targeting
https://register.example.com to a set of three webservers. Persistence needs to be ensured. No persistence mirroring is allowed SSL offloading is required.
A fourth web server with fewer resources will be used to handle requests from engine bots to
https://register.example.comvrobots.txt by an iRule. The(Rule will use the HTTP_REQUEST event. .
What are the required profile and persistence settings to implement this

  • A. tcp, clientssl, http, serverssl cookie persistence
  • B. tcp, clientssl, http. cookie persistence
  • C. tcp, clientssl, serverssl, ssl persistence
  • D. tcp. dientssl, hup, source address persistence

Answer: B

Explanation:
Explanation
The option is wrong, it should be clientssl and serverssl. If the title requires ssl offload instead of encryption, you need clientssl instead of serverssl. irule needs HTTP profile to enable HTTP_REQUEST. If the session cannot be mirrored, the cookie session remains to meet the demand.

 

NEW QUESTION 238
The BIG-IP Administrator needs to perform a BIG-IP device upgrade to the latest version of TMOS. Where can the administrator obtain F5 documentation on upgrade requirements?

  • A. Local Traffic > Pools
  • B. Network > Interfaces
  • C. Local Traffic > Virtual Servers
  • D. iHealth
  • E. AsKFS

Answer: A

 

NEW QUESTION 239
A BIG-IP Administrator upgrades the BIG-IP LTM to a newer software version. After the administrator reboots into the new volume, the Configuration fails to load. Why is the Configuration failing to load?

  • A. The license needs to be reactivated before the upgrade.
  • B. A minimum of at least two reboots is required.
  • C. Connectivity to the DNS server failed to be established.
  • D. The upgrade was performed on the standby unit.

Answer: A

 

NEW QUESTION 240
An TLM Specialist needs to configure a virtual server to terminate SSL connection on the LTM device.
Cryptographic information must be re-authorized for SSL sessions that remain open for longer than 30 seconds.
Which settings should the LTM Specialist configure in the client SSL profile?

  • A. set the Renegotiate Max Record Delay to 30
  • B. set the Handshake Timeout to 30 seconds
  • C. set the Renegotiate Period to 30 seconds
  • D. enable Require Peer SN1 Support

Answer: C

 

NEW QUESTION 241
A web server's default gateway is the network router. The LTM Specialist needs to introduce an LTM device to load balance to the web servers without changing the server's default gateway.
Which deployment method and settings should the LTM Specialist use to ensure correct traffic flow and that the web servers can obtain the actual con IP addresses?

  • A. SNAT deployment with automap configured and X-Forwarded-For inserted in HTTP headers
  • B. route deployment without SNAT configuration
  • C. route deployment with Automap configured and X-Forwarded-For inserted in HTTP headers
  • D. SNAT deployment with automap configured

Answer: A

 

NEW QUESTION 242
OneLTM device in an HA pair of LTM devices is unable to reach its default gateway. An HA Failover event needs to happen.
Which configuration item enables this behavior?

  • A. Gateway pool
  • B. Gateway pool monitor
  • C. Gateway Fail Safe
  • D. iRule

Answer: C

 

NEW QUESTION 243
A BIG-IP Administrator wants to add a new Self IP to the BIG-IP device. Which item should be assigned to the new Self IP being configured?

  • A. Trunk
  • B. VLAN
  • C. Interface
  • D. Route

Answer: B

 

NEW QUESTION 244
-- Exhibit -

-- Exhibit --
Refer to the exhibit.
An LTM Specialist creates a virtual server to load balance traffic to a pool of HTTPS servers. The servers use client certificates for user authentication. The virtual server has clientssl, serverssl, and http profiles enabled.
Clients are unable to connect to the application through the virtual server, but they are able to connect to the application servers directly.
Which change to the LTM device configuration will resolve the problem?

  • A. Use the serverssl-insecure-compatible serverssl profile.
  • B. Install the client's issuing Certificate Authority certificate on the LTM device.
  • C. Configure the clientssl profile to require a client certificate.
  • D. Install the server certificate/key and enable Proxy SSL.

Answer: D

 

NEW QUESTION 245
A BIG-IP Administrator need to ensure that a pool member and down by the monitor the BIG-IP system sends existing connections to another be pool member.
Which should the BIG-IP Administrator perform to meet this goal?

  • A. Set Action Service Down setting under the pool configuration to reselect.
  • B. Enable mirroring within the persistence profile.
  • C. Reconfigure the pool motor members as UP.
  • D. Set Action on Service Down sing under the server configuration to reselect.

Answer: A

 

NEW QUESTION 246
A BIG-IP Administrator needs to determine which pool members in a pool have been manually forced offline and are NOT accepting any new traffic. Which status icon indicates this?
A)

B)

C)

D)

  • A. Option
  • B. Option
  • C. Option
  • D. Option

Answer: D

 

NEW QUESTION 247
An LTM Specialist sees these entries in /var/log/ltm:
Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443 Assume 172.16.20.0/24 is attached to the VLAN "internal." What should the LTM Specialist use to troubleshoot this issue?

  • A. ssldump -i internal host 172.16.20.1
  • B. curl -d - -k https://172.16.20.1
  • C. tcpdump -i internal host 172.16.20.1 > /shared/ssl.pcap
    ssldump < /shared/ssl.pcap
  • D. tcpdump -s 64 -i internal -w /shared/ssl.pcap host 172.16.20.1
    ssldump -r /shared/ssl.pcap

Answer: A

 

NEW QUESTION 248
An LTM Specialist needs to rewrite text within an HTML response from a web server. A client is sending the HTTP request below:
GET / HTTP/1.1
Host: www.f5.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-LanguagE. en-US,en;q=0.5 Accept-EncodinG. gzip, deflate Cache-Control: no-cache Connection: keep-alive CookiE. somecookie=1 Although a stream profile has been added to the virtual server, the content within the HTTP response is NOT being matched, and therefore NOT modified.
Which HTTP header should the LTM Specialist remove from the request to ensure the content can be matched and modified?

  • A. Accept
  • B. Connection
  • C. Cache-Control
  • D. Accept-Encoding

Answer: D

 

NEW QUESTION 249
-- Exhibit -

-- Exhibit --
Refer to the exhibit.
Which pool can be removed without affecting client traffic?

  • A. ftp_pool
  • B. http_pool
  • C. server_pool
  • D. server1_80

Answer: C

 

NEW QUESTION 250
An application is configured on an LTM device:
Virtual server: 10.0.0.1:80 (VLAN vlan301)
SNAT IP: 10.0.0.1
Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302) Which packet capture should the LTM Specialist perform on the LTM device command line interface to capture only server traffic specifically for this application?

  • A. tcpdump -ni 0.0:nnn -s 0 '(port 80 and host 10.0.0.1) or (port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3)' -w /var/tmp/trace.cap
  • B. tcpdump -ni vlan301 -s 0 'port 80 and host 10.0.0.1' -w /var/tmp/trace.cap
  • C. tcpdump -ni 0.0:nnn -s 0 'host 10.0.0.1' -w /var/tmp/trace.cap
  • D. tcpdump -ni vlan302 -s 0 'port 8080 and (host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3)' -w
    /var/tmp/trace.cap

Answer: D

 

NEW QUESTION 251
Which iRule will instruct the client's browser to avoid caching HTML server responses?

  • A. when HTTP_REQUEST {
    if {[HTTP::header Content-Type] contains "html"} {
    HTTP::header insert Pragma "no-cache"
    HTTP::header insert Expires "Fri, 01 Jan 1990 00:00:00 GMT"
    HTTP::header replace Cache-Control "no-cache,no-store,must-revalidate"
    }
    }
  • B. when HTTP_RESPONSE {
    if {[HTTP::header Content-Type] equals "html"} {
    HTTP::header insert Pragma "no-cache"
    HTTP::header insert Expires "Fri, 01 Jan 1990 00:00:00 GMT"
    HTTP::header replace Cache-Control "no-cache,no-store,must-revalidate"
    }
    }
  • C. when HTTP_RESPONSE {
    if {[HTTP::header Content-Type] contains "html"} {
    HTTP::header insert Pragma "no-cache"
    HTTP::header insert Expires "Fri, 01 Jan 1990 00:00:00 GMT"
    HTTP::header replace Cache-Control "no-cache,no-store,must-revalidate"
    }
    }
  • D. when HTTP_REQUEST {
    if {[HTTP::header Content-Type] equals "html"} {
    HTTP::header insert Pragma "no-cache"
    HTTP::header insert Expires "Fri, 01 Jan 1990 00:00:00 GMT"
    HTTP::header replace Cache-Control "no-cache,no-store,must-revalidate"
    }
    }

Answer: C

 

NEW QUESTION 252
An LTM device receives a response string containing "error"
Which monitor type and parameter will mark the HTTP server as down?

  • A. HTTP monitor, Receive String "error", and set the Reverse option to Yes
  • B. HTTP monitor and Receive String "error'' ... flag is up
  • C. HTTP monitor and Receive DisableString "error'' .... flag is disable
  • D. HTTP monitor. Receive String "down", and set the Reverse option to Yes .... flag is

Answer: A

 

NEW QUESTION 253
An LTM Specialistconfigures a new HTTPS virtual server that contains a valid example.com ssl certificate.
The LTM Special receives an error in the browser when connecting.
What must be added to the SSL Client profile to fix this issue?

  • A. A sell-sign certificate
  • B. A new example com certificate
  • C. A public root certificate
  • D. An intermediate certificate

Answer: D

 

NEW QUESTION 254
Refer to the exhibit.

A pool member fails the monitor checks for about 30 minutes and then starts passing the monitor checks. New traffic is Not being sent to the pool member.
What is the likely reason for this problem?

  • A. Manual resume is enabled
  • B. Monitor Type is TCP Half Open
  • C. Time Until Up is zero
  • D. The pool member is disabled

Answer: A

 

NEW QUESTION 255
Which Virtual Server type prevents the use of a default pool?

  • A. Performance HTTP
  • B. Standard
  • C. Performance (Layer 4)
  • D. Forwarding (IP)

Answer: D

Explanation:
Explanation
Forwarding (IP) cannot be associated with the pool.

 

NEW QUESTION 256
A BIG-IP Administrator adds new Pool Members into an existing, highly utilized pool. Soon after, there are reports that the application is failing to load for some users. What pool level setting should the BIG-IP Administrator check?

  • A. Allow SNAT
  • B. Action On Service Down
  • C. Availability Requirement
  • D. Slow Ramp Time

Answer: D

Explanation:
Explanation
Option ABC is a global configuration, has nothing to do with the new pool member, select D after excluding

 

NEW QUESTION 257
-- Exhibit -

-- Exhibit --
Refer to the exhibits.
An LTM Specialist configures a virtual server for an internal application to perform client-side encryption while allowing the server-side traffic to be unencrypted. Application users report that images are NOT loading through the virtual server; however, images load when going directly to the server.
What should the LTM Specialist configure to allow the images to load through the virtual server?

  • A. Stream profile with source "http:" and target "https:"
  • B. HTTP profile with "SSL Offload" enabled
  • C. HTTP profile with "SSL Offload" disabled
  • D. Stream profile with target "http:" and source "https:"

Answer: A

 

NEW QUESTION 258
-- Exhibit -

-- Exhibit --
Refer to the exhibit.
An LTM Specialist is investigating reports that users are unable to perform some commands through an FTP virtual server. The users are receiving the FTP error "500 Illegal PORT command." The virtual server is configured to SNAT using automap. The LTM Specialist performs a capture on the server side of the LTM device.
Why is the server returning this error?

  • A. Active IP address in LOGIN command
  • B. Active IP address in PORT command
  • C. LIST command disallowed
  • D. PORT command disallowed

Answer: B

 

NEW QUESTION 259
-- Exhibit -

-- Exhibit --
Refer to the exhibit.
Users report that a web application works incorrectly. Sometimes contextual data displayed on the web pages is accurate; other times it is inaccurate.
The LTM administrator looks at the connection table with a filter on one of the client IP addresses currently connected using the command "tmsh show sys connection cs-client-addr 10.0.20.1" with the following results:
10.0.20.1:60048 10.0.20.88:80 10.0.20.1:60048 172.16.20.1:80 tcp 3 (tmm: 0)
10.0.20.1:60050 10.0.20.88:80 10.0.20.1:60050 172.16.20.3:80 tcp 3 (tmm: 0)
10.0.20.1:60047 10.0.20.88:80 10.0.20.1:60047 172.16.20.2:80 tcp 3 (tmm: 0)
10.0.20.1:60049 10.0.20.88:80 10.0.20.1:60049 172.16.20.1:80 tcp 3 (tmm: 0) What is the solution to the problem?

  • A. Synchronize the clock of the LTM device with NTP.
  • B. Modify the setup of the monitor bound to the pool used by the application.
  • C. Set up an HTTP cookie insert profile in the virtual server.
  • D. Modify the load balancing method attached to the pool.

Answer: C

 

NEW QUESTION 260
When importing a PEM formatted SSL certificate, which text needs to appear first in the file?

  • A. ...BEGIN CERTIFICATE....
  • B. ...SSL CERTIFICATE....
  • C. ...SECURITY CERTIFICATE....
  • D. --START CERTIFICATE....

Answer: A

 

NEW QUESTION 261
......

Exam Questions for 303 Updated Versions With Test Engine: https://examsites.premiumvcedump.com/F5/valid-303-premium-vce-exam-dumps.html

Related Articles

more
F5 303 Certification Practice Exam