1. Server to server communication using SOAP is dependent upon which two technologies?

(Choose two.)
an authentication protocol such as RADIUS
the message format XML
a database such as SQL
a transport protocol such as HTTP
file sharing using SMB
2. Which F5 product provides de-duplication, compression, and application optimizations?
GTM
APM
ASM
AAM
3. What is the most efficient certificate revocation method?
Server certificate attribute validation
Client certificate attribute validation
Online Certificate Status Protocol
Online Certificate Revocation List
4. An administrator needs to provide additional application layer security for SMTP and FTP
traffic.
Which F5 product provides this functionality?
LTM
GTM
AFM
ASM
5. What are two main benefits of the BIG-IP system redundancy? (Choose two.)
Devices can transfer some of its extra load to one or more devices with less load in the same
device group.
Devices can determine which device should become active based on STP changes in the
network.
Devices can mirror connections to a peer device to prevent interruption in service during
failover.
Devices can synchronize its configuration data for up to 64 BIG-IP devices on a network.
Devices can fail over to one of many available devices.
6. Which method does TCP use to ensure that the contents of a packet are unchanged when it
reaches the destination host?
The sender sends an ACK packet with the total received bytes of the previous packet, and the
receiver validates that the ACK contains the appropriate number of bytes.
The sender includes a calculated content-length TCP header, and the receiver ensures it receives
the correct amount of data.
The sender includes a calculated checksum in the TCP header, and the receiver recalculates the
checksum and validates the received value.
The sender sends an ACK packet in order to ensure that the packet was received correctly.
7. HTTP/1.0 requests are made to a server that supports only HTTP version 1.1.
Which header is required to avoid a “400 Bad Request” response code in this situation?
Accept-Encoding
Connection
Host
Location
8. What would cause a packet’s TCP checksum to be incorrect at the destination?
The packet has arrived at the correct destination, but out of sequence.
The packet was corrupted in transmission.
The packet has arrived at the correct destination, but was fragmented in transit.
The packet was temporarily lost in transmission.
9. Which type of failover is required for a group with more than two BIG-IP devices?
application failover
network failover
serial failover
VLAN failover
10. Which LDAP syntax is correct when asked to reference a specific User Object with an LDIF
formatted distinguished name?
CN=jdoe.OU=users.DC=company.DC=com
ldap://jdoe/users/company/com
ldap://Cn=jdoe/ou=users/dc=company/dc=com
CN=jdoe,OU=users,DC=company,DC=com

QUESTION 1
An administrator is deploying four identical servers to perform load balanced
DNS.
What is the correct configuration to accomplish this?
A. round robin load balancing with simple persistence
B. ratio load balancing with cookie persistence
C. ratio load balancing with simple persistence
D. round robin load balancing without persistence

D or A

QUESTION 2
When load balancers are used to manage application traffic, why are health
monitors important?
A. to signal servers to be ready for client traffic
B. to determine if traffic should be sent to a server
C. to keep connections from timing out
D. to avoid congestion on the network

B
QUESTION 3
What is the initial sequence number during the TCP 3-way handshake?
A. the Julian date minus 1
B. the source port of the client system
C. the destination port of the server system
D. a random number

QUESTION 4
An administrator is deploying an HTTP site that will be accessed by users who
reside behind a large internet proxy.
Which type of persistence should the administrator use?
A. destination address affinity
B. source address affinity
C. SSL session persistence
D. cookie persistence

QUESTION 5
What is the purpose of using persistence when load balancing?
A. to ensure that clients’ requests are not redirected to servers that are marked as
down
B. to ensure that client requests are directed to the same server during the life of
a session
C. to ensure that client requests are evenly distributed among the servers
D. to ensure that the servers run faster

QUESTION 6
A client initiates a TCP connection to the load balancer. The load balancer
opens a new TCP connection to the server.
What is this called?
A. passthrough connection
B. half proxy connection
C. asynchronous connection
D. full proxy connection

QUESTION 7
In which scenario is a packet forwarding architecture sufficient?
A. when the client connection and server connection should decoupled
B. when layer 4 load balancing is demanded
C. when SSL offloading is used
D. when content based load balancing is demanded

7B

QUESTION 8
If a pool member has been marked DOWN by a monitor, what will be the
result?
A. That pool member will receive the same level of traffic regardless of the state
B. That pool member will still receive traffic but will redirect it to other servers.
C. That pool member will only receive traffic for existing connections.
D. That pool member will not receive any more traffic until it comes up.

8D

QUESTION 9
In which scenario is a packet forwarding architecture sufficient?
A. when HTTP headers must be modified
B. when load balancing based on IP address is required
C. when cookie persistence is demanded
D. when SSL offloading is performed to reduce the Server load

9B

QUESTION 10
At a minimum, which two objects are required in order to achieve load
balancing? (Choose two.)
A. an HTIP profile
B. a health check
C. a persistence profile
D. an IP address
E. destination servers

10 D E

QUESTION 1
What is the correct result of the BIG-IP ConfigSync process?
A. If a file in a synchronized directory is deleted, the corresponding file on the
peer unit is deleted by the
ConfigSync process as well.
B. If changes have been made to the shared configuration on both units, all the
changes on each unit will be synchronized.
C. Any changes made to networking part of configuration will be synchronized
to the peer unit.
D. If changes have been made to the shared configuration on both units, any
changes that were made on the target unit will be lost.

1 D – https://support.f5.com/csp/article/K7024
QUESTION 2
An administrator needs to restrict the HTTP methods that a client can use to
interact with an application.
Which F5 feature provides this functionality?
A. Streaming profiles
B. HTTP profiles
C. iControl
D. iRules
2 B/D

QUESTION 3
A pair of load balancers is configured so that each device is processing traffic
and is ready to take over for the other if failover occurs.
Which type of configuration is this an example of?
A. standby-active
B. active-standby
C. active-active
D. standby-standby

3C

QUESTION 4
An administrator updates an HTTP application. The resource layout changes,
and the users’ bookmarks no longer work.
Which F5 feature can solve this problem quickly?
A. iApp
B. iControl
C. iRules
D. iSession

4C

QUESTION 5
What is an advantage of deploying applications using iApps?
A. It reduces the complexity of iRules.
B. It ensures more secure applications.
C. It provides a single configuration language to deploy an application.
D. It provides a significant reduction of time to deploy an application.

5D

QUESTION 6
An administrator has been asked to create a template to deploy an application
traffic management solution on many BIG-IP devices.
Which F5 technology should the administrator use?
A. iRules
B. iControl
C. iApps
D. iSessions

6C
QUESTION 7
What does the existence of an open network socket in listening state on the host
indicate?
A. It is the client.
B. It is the server.
C. It is a peer unit
D. It is an API socket.

7B

QUESTION 8
Which F5 feature provides custom Data Loss Prevention (DLP)?
A. TCP profile
B. SSL profile
C. iRules
D. iControl

8C

QUESTION 9
Which F5 technology allows an administrator to create application-centric
views of BIG-IP configuration objects?
A. iRules
B. iApps
C. iControl
D. iSessions

9B

QUESTION 10
In which scenario is a full proxy TCP connection required?
A. when access lists are enabled
B. when SYN cookie DOS protection is enabled
C. when caching is enabled
D. when connection mirroring is enabled

10 C
QUESTION 11
An administrator has a specific file that is requested frequently on the web
application. How can the administrator reduce traffic to the servers?
A. serve the file from RAM cache
B. enable file compression
C. use a longer packet TTL
D. use TCP optiization

11 A

QUESTION 12
In which scenario is a full proxy TCP connection required?
A. when enabling TCP routing on the external facing interface of the load
balancer
B. when configuring different maximum segment sizes on the client and server
sides of the load balancer
C. when changing the source IP address when crossing from the client to the
server side of the load balancer
D. when passing the client IP address to originating servers

12 C

QUESTION 13
In which security model is all traffic denied by default?
A. rule-based security model
B. positive security model
C. negative security model
D. role-based security model

13 C

QUESTION 14
Which security model can be deployed most rapidly to protect a web
application?
A. ACL security model
B. negative security model
C. open security model
D. positive security model

14 B

QUESTION 15
Which security policy protects from known attacks and defines resources that
should be accessible?
A. a security policy using both positive and negative security
B. a security policy using ACL security
C. a security policy using negative security only
D. a security policy using positive security only

15 A

QUESTION 16
What are two advantages of running a virtualized load balancer over running a
hardware load balancer? (Choose two.)
A. A virtual load balancer runs newer code than a hardware load balancer.
B. A virtual load balancer can be deployed remotely via software.
C. A virtual load balancer is faster.
D. A virtual load balancer is easier to configure.
E. A virtual load balancer is cheaper.

16 B/D

QUESTION 17
Which three factors should influence the decision to choose hardware or a
virtual appliance? (Choose three.)
A. multiprotocol support
B. power and cooling
C. management API
D. available rack space
E. performance

17 B/D/E
1 – A network 192.168.100 / 27 how many hosts and subnets is it possible to
have? -> 30 host and 8 subnets
2 – Network Protocol – (IPv4, ICMP, ARP, TCP and …) Respond – (IPv4 and
ICMP) In some literature use ARP as layer 3 others use as Layer 2.
3 – What kind of FTP server, where the server sends an ACK — (I think it’s
passive) Ref. http://slacksite.com/other/ftp.html
4 – Physical layer PDU —> bits
5 – Network layer PDU —> datagram
6 – Something about checking F5 box update … (Options – f5.com,
ihealth.f5.com, askf5.com, devcentral.f5.com)
7 – Host A sends some packets to the HostB, the packet arrives out of order.
What does hostB do?
8 – In a failover the user must re-authenticate in the application. Because? —>
Mirror is not enabled

– A network 192.168.100 / 27 how many hosts and subnets is it possible to

have? -> 30 host and 8 subnets – easy question.
– Some questions about PDU and whitch layer determined protocol works.
– In mi test had much questions about the difference between full proxy
architecture and foward packet architecture.
– Network Protocol – (IPv4, ICMP, ARP, TCP and …) Respond – (IPv4 and ICMP)
In some literature use ARP as layer 3 others use as Layer.
– One especific question about ipv6. whitch is the last address that is usable for
the network 2001:db8::/64. I chose the 2001:db8:ffff:ffff:ffff:ffff;

OSI layer funtionality , it provides logical representation & host to host

communication
minimum tcp connection for ftp , 2
what is this ip used for 224.0.0.1 > its multicast IP for local subnet
usable for the network 2001:db8::/64. I chose the 2001:db8:ffff:ffff:ffff:ffff;
A network 192.168.100 / 27 how many hosts and subnets is it possible to have?
-> 30 host and 8 subnets
Network Protocol – (IPv4, ICMP, ARP, TCP and …) Respond – (IPv4 and
ICMP)
checking F5 box update … (Options – f5.com, ihealth.f5.com, askf5.com,
devcentral.f5.com) AskF5.com
In a failover the user must re-authenticate in the application. Because? —>
Mirror is not enabled

Central management of Certificates > Big IQ

multiple questions on Full proxy and packet forward architectures , like in what
scenario are they going to be used.

Questions on HA like what causes a failover , >heartbeat

question on device trust in HA
question like what are parts of ssl communication .
Client A connect with Client B in transparent HUB what mac address will client
B see
SAML question , something like what does service this protocol provide ,> SSO
questions related to OSI layer data packets , bit – physical layer , Network data
gram, TCP – segment
question like what ARP provides , IP to mac binding
question on AAA , what provides accounting service > DIAMETER
in AAA what does SAML provide autherization & access filter

QUESTION 1
If a pool member has been marked DOWN by a monitor, what will be the
result?
A. That pool member will receive the same level of traffic regardless of the state
B. That pool member will still receive traffic but will redirect it to other servers.
C. That pool member will only receive traffic for existing connections.
D. That pool member will not receive any more traffic until it comes up.

1.D

QUESTION 2
An administrator is deploying four identical servers to perform load balanced
DNS.
What is the correct configuration to accomplish this?
A. round robin load balancing with simple persistence
B. ratio load balancing with cookie persistence
C. ratio load balancing with simple persistence
D. round robin load balancing without persistence

2.A

QUESTION 3
A client initiates a TCP connection to the load balancer. The load balancer
opens a new TCP connection to the server.
What is this called?
A. passthrough connection
B. half proxy connection
C. asynchronous connection
D. full proxy connection

3.A

QUESTION 4
Which term describes the systems and processes used to associate users with
digital identities?
A.Certificate Authority
B.Hardware Security Module
C.Digital Rights Management
D.Public Key Infrastructure

4.A

QUESTION 5
Which security policy protects from known attacks and defines resources that
should be accessible?
A. a security policy using both positive and negative security
B. a security policy using ACL security
C. a security policy using negative security only
D. a security policy using positive security only

5.C
3. D. The load balancer builds a new connection with client and also server, it
functions as full-proxy mode.
5. A. To protects from known attacks, deny rules are needed, which is negative
security. And to define resources that should be accessible, is equivalent to
allow or permit certain resources, positive security is needed.

1) which can act as client and server – one more option I dont remember

FTP
downloading email
sMTP

2) access applications on corporate data centers across mobile networks, remote

users, branch offices
which F5

APM
GTM
AFM
LTM

3) User A and User B are on the same vlan, and connected to layer 2 transparent
bridge
In ARP what MAC address will User B see ?

Logical port MAC address connected to layer 2 on User B

Logical port MAC address connected to layer 2 on User A
User A MAC address
User B MAC address

4) https://www.myserver.com DNS ?
A
AAAA
MX
NS
5) In which scenario full proxy is used? (2 questions) – I just rememberd below
options from 2 questions

compression is enabled
UDP sync
TCP routing
IV4 to IP6
UDP to ICMP
when it is strictly used for layer 4
when DNS load balancing is used

6) benefits of hardware over virtual

ssl termination
management capablities
failure isolation
HA capabilities

7) when an administrator is increasing the private key from 1023 to 2048 bits ,
what should he consider in this case?

certificates will not support 2048

Hardware wil not support 2048
processing speed will be fast
processing speed will be slow

8) false-positives comes in?

positve
negative
context based
role based

9) how big-IP devices trust each other

device group
unit id
certification authorty
trust id

10) what is the use of keep alive, load balancing, file caching(dont remember
the options)

11) question on VCMP and options are

VCMP enabled on VE
VCMP enabled on certian f5 devices
VCMP enabled on all f5 devices