لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
An HTTP class is available
A. on any BIG-IP LTM system
B. only when ASM is licensed
C. only when ASM or WA are licensed
D. only when a specific license key is required
عرض الإجابة
اجابة صحيحة: C
السؤال #2
Which of the following is correct concerning HTTP classes?
A. A single web application can be used by several HTTP classes
B. A virtual server can only have one web application associated with it
C. A single ASM enabled HTTP class can be used by multiple virtual servers
D. Each ASM enabled HTTP class can have several active security policies associated with it
عرض الإجابة
اجابة صحيحة: C
السؤال #3
An LTM has the 3 virtual servers, 2 SNATs, four self IP addresses defined and the networks shown in the exhibit. Selected options for each object are shown below. Settings not shown are at their defaults. Assume port exhaustion has not been reached. A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination IP and port of 10.10.2.102:443. When the request is processed, what will be the source and destination IP addresses?
A. Source IP: 10
B. Source IP: 10
C. Source IP: 10
D. The request will be dropped
E. Source IP: 10
F. Source IP: 10
عرض الإجابة
اجابة صحيحة: A
السؤال #4
If the GTM System receives a packet destined for one of its Listener addresses the GTM will process the request _____
A. either through Wide-IP processing or BIND processing
B. through Wide-IP processing and may process it through BIND processing
C. through BIND processing and may process it through Wide-IP processing
D. through Wide-IP processing and BIND processing and choose the best answer between the two
عرض الإجابة
اجابة صحيحة: B
السؤال #5
A site would like to ensure that a given web server's default page is being served correctly prior to sending it client traffic. They assigned the A site would like to ensure that a given web server's default page is being served correctly prior to sending it client traffic. They be assigned the default HTTP monitor to the pool. What would the member status be if it sent an unexpected response to the GET request default HTTP monitor to the pool?
A. The pool member would be marked offline (red)
B. The pool member would be marked online (green)
C. The pool member would be marked unknown (blue)
D. The pool member would alternate between red and green
عرض الإجابة
اجابة صحيحة: BDF
السؤال #6
On a BIG-IP ASM 3600, in standalone mode, which of the following pool configurations is valid?
A. Pool named vs_pool with 1 pool member, no persistence, and no load balancing method
B. Pool named vs_pool with 1 pool member, cookie persistence, and ratio load balancing method
C. Pool named vs_pool with 2 pool members, cookie persistence, and ratio load balancing method
D. Pool named vs_pool with 3 pool members, source IP persistence, and least connections load balancing method
عرض الإجابة
اجابة صحيحة: CE
السؤال #7
A virtual server is listening at 10.10.1.100:80 and has the following iRule associated with it: If a user connects to http://10.10.1.100/foo.html and their browser does not specify a UserAgent, which pool will receive the request?
A. MSIE_pool
B. Mozilla_pool
C. None
D. Unknown
عرض الإجابة
اجابة صحيحة: A
السؤال #8
The Web Application Security Administrator user role can perform which of the following functions? (Choose two.)
A. Modify HTTP class profiles
B. Create new HTTP class profiles
C. Create new Attack signature sets
D. Assign HTTP class profiles to virtual servers
E. Configure Advanced options within the BIG-IP ASM System
عرض الإجابة
اجابة صحيحة: DE
السؤال #9
How do you support non intelligent DNS resolution in an environment with GTM Systems and standard DNS servers? (Choose two.)
A. The GTM System must be a secondary server in all of your zones
B. Your GTM System must delegate some DNS names to the DNS Servers
C. Your DNS servers may delegate some DNS names to the GTM Systems
D. The GTM System may have a Listener set for your DNS server's address
E. The GTM System may have a Listener set for the GTM's loopback address
عرض الإجابة
اجابة صحيحة: D
السؤال #10
A client sends a request to a virtual server http://www.foo.com configured on the BIG-IP ASM System. The virtual server has an HTTP class profile associated with Application Security enabled, all class filters set to match all, and a pool consisting of foo.com members. The virtual server also has a default pool associated with it. When the client sends a request for http://www.foo.com, this traffic will be forwarded to which of the following?
A. The fallback host
B. The default pool
C. The HTTP class profile pool
D. The request will be dropped
عرض الإجابة
اجابة صحيحة: D
السؤال #11
Which two can be a part of a pool's definition? (Choose two.)
A. rule(s)
B. profile(s)
C. monitor(s)
D. persistence type
E. load balancing mode
عرض الإجابة
اجابة صحيحة: AC
السؤال #12
When configuring monitors for individual pool members, which three options can be selected? (Choose three.)
A. inherit the pool's monitor
B. choose a default monitor
C. inherit the Wide-IP's monitor
D. assign a monitor to the specific pool member
E. do not assign any monitor to the specific pool member
عرض الإجابة
اجابة صحيحة: D
السؤال #13
You need to terminate client SSL traffic at the BIG-IP and also to persist client traffic to the same pool member based on a BIG-IP supplied cookie. Which four are profiles that would normally be included in the virtual server's definition? (Choose four.)
A. TCP
B. HTTP
C. HTTPS
D. ClientSSL
E. ServerSSL
F. CookieBased Persistence
عرض الإجابة
اجابة صحيحة: B
السؤال #14
A virtual server is listening at 10.10.1.100:any and has the following iRule associated with it: If a user connects to 10.10.1.100 and port 22, which pool will receive the request?
A. ftp pool
B. telnet pool
C. None
D. Unknown
عرض الإجابة
اجابة صحيحة: B
السؤال #15
What is the purpose of the GTM Systems Address Exclusion List concerning local DNS servers?
A. to prevent probing of specific local DNSs
B. to prevent name resolution to specific Virtual Servers
C. to prevent name resolution for requests from specific local DNSs
D. to prevent probing of any local DNS servers by specific F5 devices
عرض الإجابة
اجابة صحيحة: CD
السؤال #16
Which of the following mitigation techniques is based on anomaly detection? (Choose two)
A. Brute force attack prevention
B. Cross site request forgery prevention
C. Web scraping attack prevention
D. Parameter tampering prevention
عرض الإجابة
اجابة صحيحة: D
السؤال #17
Which statement is true concerning SNATs using automap?
A. Only specified self-IP addresses are used as automap addresses
B. SNATs using automap will translate all client addresses to an automap address
C. A SNAT using automap will preferentially use a floating self-IP over a nonfloating self-IP
D. A SNAT using automap can be used to translate the source address of all outgoing traffic to the same address regardless of which VLAN the traffic is sent through
عرض الإجابة
اجابة صحيحة: B
السؤال #18
A virtual server is defined using a source address based persistence profile. The last five connections were A, B, C, A,
C. Given the conditions shown in the graphic, if a client with IP address 205
A. 10
B. 10
C. 10
D. 10
E. 10
عرض الإجابة
اجابة صحيحة: ABC
السؤال #19
A security audit has determined that your web application is vulnerable to a cross site scripting attack. Which of the following measures are appropriate when building a security policy? (Choose two.)
A. Cookie length must be restricted to 1024 bytes
B. Attack signature sets must be applied to any user input parameters
C. Parameter data entered for explicit objects must be checked for minimum and maximum values
D. Parameter data entered for flow level parameters must allow some metacharacters but not others
عرض الإجابة
اجابة صحيحة: B
السؤال #20
Which dynamic load balancing mode affects load balancing decisions based on path metrics?
A. Packet Rate
B. Completion Rate
C. Least Connections
D. Virtual Server Capacity
عرض الإجابة
اجابة صحيحة: D
السؤال #21
Which statement about Generic Host Servers is true?
A. GTM Systems can initiate a big3d agent on Generic Host Servers
B. GTM Systems cannot provide path metrics for Virtual Servers managed by a Generic Host Server
C. GTM Systems can monitor a Generic Host Server and can cause a Generic Host Server to act as a Statistics Collection Server
D. GTM Systems can monitor a Generic Host Server but cannot cause a Generic Host Server to act as a Statistics Collection Server
عرض الإجابة
اجابة صحيحة: B
السؤال #22
When initially configuring the BIG-IP system using the config utility, which two parameters can be set. (Choose two.)
A. the netmask of the SCCP
B. the IP address of the SCCP
C. the port lockdown settings for the SCCP
D. the netmask of the host via the management port
E. the IP address of the host via the management port
F. the port lockdown settings for the host via the management port
عرض الإجابة
اجابة صحيحة: A
السؤال #23
When initially configuring the BIG-IP System using the config tool, which of the following parameters can be configured? (Choose three.)
A. System hostname
B. Netmask of the management port
C. IP address of the management port
D. Default route of the management port
E. Port lockdown of the management port
عرض الإجابة
اجابة صحيحة: C
السؤال #24
What occurs when a load command is issued?
A. rootBIG-IPsystem[Active][tmos
B. rootBIG-IPsystem[Active][tmos
C. rootBIG-IPsystem[Active][tmos
D. rootBIG-IPsystem[Active][tmos
عرض الإجابة
اجابة صحيحة: C
السؤال #25
There are many user roles configurable on the BIG-IP ASM System. Which of the following user roles have access to make changes to ASM policies? (Choose three.)
A. Guest
B. Operator
C. Administrator
D. Web Application Security Editor
E. Web Application Security Administrator
عرض الإجابة
اجابة صحيحة: B
السؤال #26
A monitor has been defined with an alias port of 443. All other options are left at their defaults. The administrator wishes to assign it to a pool of members where the members' ports vary. Which is the result?
A. For each member, if the member port is not 443, the member will be marked down
B. For each member, the monitor will test member node at port 443
C. For each member
D. This assignment is not allowed since the port do not match
عرض الإجابة
اجابة صحيحة: B
السؤال #27
The BIG-IP ASM System is configured with a virtual server that contains an HTTP class profile and the protected pool members are associated within the HTTP class profile pool definition. The status of this virtual server is unknown (Blue). Which of the following conditions will make this virtual server become available (Green)?
A. Assign a successful monitor to the virtual server
B. Assign a successful monitor to the members of the HTTP class profile pool
C. Associate a fallback host to the virtual server and assign a successful monitor to the fallback host
D. Associate a default pool to the virtual server and assign a successful monitor to the pool members
عرض الإجابة
اجابة صحيحة: A
السؤال #28
Which statement is correct concerning differences between BIG-IP ASM platforms?
A. The 3900 has more ports than the 6800
B. The 3900 and 6800 have the same number of ports
C. The 3900 and 6800 can support both the module and standalone versions of BIG-IP ASM
D. The 3900 can support both module and standalone versions of BIG-IP ASM whereas the 6800 can support only the module version of BIG-IP ASM
عرض الإجابة
اجابة صحيحة: BD
السؤال #29
Which HTTP response code ranges indicate an error condition? (Choose two.)
A. 1xx
B. 2xx
C. 3xx
D. 4xx
E. 5xx
عرض الإجابة
اجابة صحيحة: D
السؤال #30
Which of the following are default settings when using the Policy Builder to build a security policy based on the QA lab deployment scenario? (Choose two.)
A. All learned entities are placed in staging
B. Attack signatures are not placed in staging
C. The security policy is placed in blocking mode
D. Tightening is enabled only on file types and parameters
عرض الإجابة
اجابة صحيحة: AC
السؤال #31
Which of the following methods of protection is not available within the Protocol Security Manager for FTP protection?
A. Session timeout
B. Command length
C. Allowed commands
D. Anonymous FTP restriction
عرض الإجابة
اجابة صحيحة: CDE
السؤال #32
Sensitive parameter is a feature used to hide sensitive information from being displayed in which of the following?
A. Client request
B. Server response
C. GUI and logs of BIG-IP ASM System
D. Configuration file of BIG-IP ASM System
عرض الإجابة
اجابة صحيحة: B
السؤال #33
A site has six members in a pool. Three of the servers are new and have more memory and a faster processor than the others. Assuming all other factors are equal and traffic should be sent to all members, which two load balancing methods are most appropriate? (Choose two.)
A. Ratio
B. Priority
C. Observed
D. Round Robin
عرض الإجابة
اجابة صحيحة: C
السؤال #34
Which of the following methods of protection operates on server responses?
A. Dynamic parameter protection
B. Response code validation and response scrubbing
C. Response code validation and HTTP method validation
D. HTTP RFC compliancy check and metacharacter enforcement
عرض الإجابة
اجابة صحيحة: A
السؤال #35
Which of the following is correct regarding static parameters?
A. A static parameter is stored in a frame cookie
B. A static parameter is predefined by the web application logic
C. A static parameter is learned only by using the Deployment Wizard
D. A static parameter is mapped once when creating the application flow model
عرض الإجابة
اجابة صحيحة: AB
السؤال #36
How is persistence configured?
A. Persistence is an option within each pool's definition
B. Persistence is a profile type; an appropriate profile is created and associated with virtual server
C. Persistence is a global setting; once enabled, load balancing choices are superceded by the persistence method that is specified
D. Persistence is an option for each pool member
عرض الإجابة
اجابة صحيحة: B
السؤال #37
Which statement describes a typical purpose of iRules?
A. iRules can be used to add individual control characters to an HTTP data stream
B. iRules can be used to update the timers on monitors as a server load changes
C. iRules can examine a server response and remove it from a pool if the response is unexpected
D. iRules can be used to look at client requests and server responses to choose a pool member to select for load balancing
عرض الإجابة
اجابة صحيحة: AC
السؤال #38
Which level of parameter assumes the highest precedence in BIG-IP ASM System processing logic?
A. Flow
B. Object
C. Global
D. URL
عرض الإجابة
اجابة صحيحة: A
السؤال #39
Which of the following protocol protections is not provided by the Protocol Security Manager?
A. FTP
B. SSH
C. HTTP
D. SMTP
عرض الإجابة
اجابة صحيحة: C
السؤال #40
Which of the following does not pertain to protecting the Requested Resource (URI) element?
A. File type validation
B. URL name validation
C. Domain cookie validation
D. Attack signature validation
عرض الإجابة
اجابة صحيحة: D
السؤال #41
Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the pool members.
A. No SSL certificates are required on the pool members
B. The pool members SSL certificates must only exist
C. The pool members SSL certificates must be issued from a certificate authority
D. The pool members SSL certificates must be created within the company hosting the BIG-IPs
عرض الإجابة
اجابة صحيحة: B
السؤال #42
There are multiple HTTP class profiles assigned to a virtual server. Each profile has Application Security enabled. Which statement is true?
A. Traffic will process through every HTTP class profile every time
B. Traffic will process through the first HTTP class profile that it matches and then stops
C. Traffic will process through one HTTP class profile and if the traffic matches another profile, BIG-IP System will send a redirect to the client
D. Traffic will only process through the HTTP class profile that it matches but always processes through the whole list and will process through each HTTP class profile it matches
عرض الإجابة
اجابة صحيحة: B
السؤال #43
A site has six members in a pool. All of the servers have been designed, built, and configured with the same applications. It is known that each client's interactions vary significantly and can affect the performance of the servers. If traffic should be sent to all members on a regular basis, which load balancing mode is most effective if the goal is to maintain a relatively even load across all servers.
A. Ratio
B. Priority
C. Observed
D. Round Robin
عرض الإجابة
اجابة صحيحة: DE
السؤال #44
Which of the following statements are incorrect regarding protection of web services? (Choose two.)
A. The BIG-IP ASM System checks to ensure web services use cookies
B. The BIG-IP ASM System parses XML requests and XML responses
C. The BIG-IP ASM System checks to ensure XML documents are well formed
D. The BIG-IP ASM System uses attack signatures to enforce negative security logic
E. The BIG-IP ASM System checks for XML syntax, schema validation, and WSDL validation
عرض الإجابة
اجابة صحيحة: BC
السؤال #45
The current status of a given pool is offline (red). Which condition could explain that state? Assume the descriptions below include all monitors assigned for each scenario.
A. No monitors are currently assigned to any pool, member or node
B. The pool has a monitor assigned to it, and none of the pool members passed the test
C. The pool has a monitor assigned to it, and only some of the pool's members passed the test
D. A monitor is assigned to all nodes and all nodes have passed the test
عرض الإجابة
اجابة صحيحة: A
السؤال #46
What does the BIG-IP_add script do?
A. add BIG-IP servers to the wideip
B. add an existing GTM System to a sync group
C. synchronize configuration files between BIG-IP Systems
D. exchange web certificates and keys between BIG-IP Systems
عرض الإجابة
اجابة صحيحة: ADE
السؤال #47
Which file contains the list of events for which the GTM System will send traps to an SNMP manager?
A. /etc/snmpd
B. /etc/syslogng
C. /etc/alertd/alert
D. /etc/gtm_snmptrap
عرض الإجابة
اجابة صحيحة: B
السؤال #48
How is traffic flow through transparent virtual servers different from typical virtual servers?
A. Traffic flow through transparent virtual servers must be forwarded through a single routing device
B. Traffic flow through transparent virtual servers does not have IP address translation performed
C. Traffic flow through transparent virtual severs is not load balanced
D. Traffic flow through transparent virtual servers is bridged (leave IP and MAC
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: