Which statement is true concerning cookie persistence?
A.
Cookie persistence allows persistence independent of IP addresses.
B.
Cookie persistence allows persistence even if the data are encrypted from client to pool
member.
C.
Cookie persistence uses a cookie that stores the virtual server, pool name, and member IP
address in cleartext.
D.
If a client's browser accepts cookies, cookie persistence will always cause a cookie to be
written to theclient's file system.
Cookie persistence allows persistence independent of IP addresses.
Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the pool
members?
A.
No SSL certificates are required on the pool members.
B.
The poolmembers SSL certificates must only exist.
C.
The poolmembers SSL certificates must be issued from a certificate authority.
D.
The poolmembers SSL certificates must be created within the company hosting the BIG-IPs.
The poolmembers SSL certificates must only exist.
Assume a virtual server is configured with a ClientSSL profile. What would the result be if the
virtual server's destination port were not 443?
A.
SSL termination could not be performed if the virtual server's port was not port 443.
B.
Virtual servers with aClientSSL profile are always configured with a destination port of 443.
C.
As long as client traffic was directed to the alternate port, the virtual server would work as
intended.
D.
Since the virtual server is associated with aClientSSL profile, it will always process traffic sent
to port 443.
As long as client traffic was directed to the alternate port, the virtual server would work as
intended.
Which is an advantage of terminating SSL communication at the BIG-IP rather than the ultimate
web server?
A.
Terminating SSL at the BIG-IP can eliminate SSL processing at the web servers.
B.
Terminating SSL at the BIG-IP eliminates all un-encrypted traffic from the Internal network.
C.
Terminating SSL at the BIG-IP eliminates the need to purchase SSL certificates from a
certificate authority.
D.
Terminating SSL at the BIG-IP eliminates the need to use SSL acceleration hardware
anywhere in thenetwork.
Terminating SSL at the BIG-IP can eliminate SSL processing at the web servers.
Assume a client's traffic is being processed only by a NAT; no SNAT or virtual server processing takes place.
Also assume that the NAT definition specifies a NAT address and an origin address while all other
settings are left at their defaults. If the origin server were to initiate traffic via the BIG-IP, what
changes, if any, would take place when the BIG-IP processes such packets?
A.
The BIG-IP would drop the request since the traffic didnt arrive destined to the NAT address.
B.
The source address would not change, but the destination address would be changed to the
NAT address.
C.
The source address would be changed to the NAT address and destination address would be
leftunchanged.
D.
The source address would not change, but the destination address would be changed to a self-
IP of theBIG-IP.
The source address would be changed to the NAT address and destination address would be
leftunchanged.
A site wishes to perform source address translation on packets arriving from the Internet for clients
using some pools but not others. The determination is not based on the client's IP address, but on
the pool they are load balanced to. What could best accomplish this goal?
A.
A SNAT for all addresses could be defined, and then disable the SNAT processing for select
pools.
B.
The decision to perform source address translation is always based on VLAN. Thus, the goal
cannot beachieved.
C.
For each virtual server, regardless their default load balancing pools, association with SNAT
pools couldvary dependent upon need.
D.
The decision to perform source address translation is always based on a client's address (or
network).Thus, this goal cannot be achieved.
A SNAT for all addresses could be defined, and then disable the SNAT processing for select
pools.
Which two statements are true about SNATs? (Choose two.)
A.
SNATs are enabled on all VLANs, by default.
B.
SNATs can be configured within a Profile definition.
C.
SNATs can be configured within a Virtual Server definition.
D.
SNAT's are enabled only on the VLAN where origin traffic arrives, by default
SNATs are enabled on all VLANs, by default.
SNATs can be configured within a Virtual Server definition.
A BIG-IP has two load balancing virtual servers at 150.150.10.10:80 and 150.150.10.10:443. The
port 80 virtual server has SNAT automap configured. There is also a SNAT configured at
150.150.10.11 set for a source address range of 200.200.1.0 / 255.255.255.0. All other settings
are at their default states. If a client with the IP address 200.200.1.1 sends a request to
https://150.150.10.10, what is the source IP address when the associated packet is sent to the
pool member?
A.
200.200.1.1
B.
150.150.10.11
C.
Floating self IP address on VLAN where the packet leaves the system
D.
Floating self IP address on VLAN where the packet arrives on the system
150.150.10.11
Which statement is true concerning SNATs using automap?
A.
Only specified self-IP addresses are used as automap addresses.
B.
SNATs using automap will translate all client addresses to an automap address.
C.
A SNAT using automap will preferentially use a floating self-IP over a non-floating self-IP.
D.
A SNAT using automap can be used to translate the source address of all outgoing traffic to the
sameaddress regardless of which VLAN the traffic is sent through.
A SNAT using automap will preferentially use a floating self-IP over a non-floating self-IP.
Which two statements are true about NATs? (Choose two.)
A.
NATs support UDP, TCP, and ICMP traffic.
B.
NATs can be configured with mirroring enabled or disabled.
C.
NATs provide a one-to-one mapping between IP addresses.
D.
NATs provide a many-to-one mapping between IP addresses
NATs support UDP, TCP, and ICMP traffic.
NATs provide a one-to-one mapping between IP addresses.
| Page 3 out of 43 Pages |
| Previous |
Copyright © - All Rights Reserved