2019 Free F5 EnsurePass 101 Dumps VCE and PDF Download Part 4

EnsurePass Dumps

101 VCE

http://www.ensurepass.com/101.html

 

 

QUESTION 61

Where is persistence mirroring configured?

 

A.

It is always enabled.

B.

It is part of a pool definition.

C.

It is part of a profile definition.

D.

It is part of a virtual server definition.

 

Correct Answer: C

 

 

QUESTION 62

Complete the statement below by choosing the correct word or phrase to complete the sentence. By identifying IP addresses and security categories associated with malicious activity, the BIG-IP _______ service can incorporate dynamic lists of threatening IP addresses into the BIG-IP platform, adding context to policy decisions.

 

A.

Edge Client

B.

iRules

C.

LTM

D.

IP intelligence

E.

iApps

 

Correct Answer: D

 

 

QUESTION 63

A virtual server is listening at 10.10.1.100:any and has the following iRule associated with it:

 

clip_image002

 

If a user connects to 10.10.1.100 and port 22, which pool will receive the request?

 

A.

ftp pool

B.

telnet pool

C.

None. The request will be dropped.

D.

Unknown. The pool cannot be determined from the information provided.

 

Correct Answer: D

QUESTION 64

Which of the following is not a feature of a standalone BIG-IP ASM System?

 

A.

Attack signatures

B.

Multiple pool members

C.

Positive security model

D.

Real-time traffic policy builder

E.

Predefined security policy templates

 

Correct Answer: B

 

 

QUESTION 65

Administrators can customize APM to resemble other internal Web applications in the organization.

 

A.

True

B.

False

 

Correct Answer: A

 

 

QUESTION 66

A _______ object maps a FQDN to virtual servers. (Fill in)

 

Correct Answer: Wide IP

 

 

QUESTION 67

Which four of the monitoring methods listed below can GTM use to determine the status and performance of BIG-IP and servers? (Choose four.)

 

A.

ping

B.

Application monitors

C.

Inband monitors

D.

SSH

E.

iQuery

F.

SNMP

 

Correct Answer: ABEF

 

 

QUESTION 68

A user is building a security policy using the Deployment Wizard and the Rapid Deployment application template. By default, which settings will be applied to the security policy? (Choose three.)

 

A.

Data Guard will be enabled.

B.

The enforcement mode will be set to transparent.

C.

The encoding language will be set to auto detect.

D.

Wildcard tightening will be enabled on file types and parameters.

E.

The Attack signature set applied will be Generic Detection Signatures.

 

Correct Answer: ABE

 

 

QUESTION 69

An LTM has the 3 virtual servers, a SNAT, four self IP addresses defined and the networks shown in the exhibit. Selected options for each object are shown below. Settings not shown are at their defaults. A connection attempt is made with a source IP and port of 10.20.100.50:2222 and a destination IP and port of 10.10.2.102:80. When the request is processed, what will be the destination IP address?

 

clip_image004

 

A.

Destination IP: 10.10.2.10

B.

Destination IP: pool member in the 192.168/16 network.

C.

Destination IP: pool member in the 172.16/16 network

D.

The request will be dropped.

 

Correct Answer: A

 

 

QUESTION 70

Which of the following is a benefit of using iRules?

 

A.

They provide a secure connection between a client and LTM

B.

They enable granular control of traffic

C.

They can be used as templates for creating new applications

D.

They can use Active Directory to authenticate and authorize users

E.

They provide an automated way to create LTM objects

 

Correct Answer: B

 

 

 

 

 

QUESTION 71

Learning suggestions can be the result of:

 

A.

A false positive

B.

A malicious attack

C.

A change in the web site content

D.

All the above

 

Correct Answer: D

 

 

QUESTION 72

All members of a pool must share the same service port?

 

A.

True

B.

False

 

Correct Answer: B

 

 

QUESTION 73

Which two daemons only run after the entire license process has been completed? (Choose two.)

 

A.

zrd

B.

tmm

C.

ntpd

D.

gtmd

 

Correct Answer: AD

 

 

QUESTION 74

Which of the following does not pertain to protecting the Requested Resource (URI) element?

 

A.

File type validation

B.

URL name validation

C.

Domain cookie validation

D.

Attack signature validation

 

Correct Answer: C

 

 

QUESTION 75

GTM can sign a DNS response using DNSSEC only if the DNS request. GTM can sign a DNS response using DNSSEC only if the DNS request.

 

A.

has the DO bit set.

B.

is a part of a DNSSEC zone.

C.

is for a Wide-IP name on the GTM.

D.

is answered by BIND running on the GTM.

 

Correct Answer: B

 

QUESTION 76

An inline ASM configuration requires:

 

A.

Two network connections

B.

None of the above

C.

Two disk drives

D.

Two power supplies

 

Correct Answer: A

 

 

QUESTION 77

Information leakage is a major obstacle to achieving PCI DSS compliance.

 

A.

True

B.

False

 

Correct Answer: A

 

 

QUESTION 78

The F5 Application Delivery Firewall has the ability to outperform traditional and next generation firewalls during DDoS attacks by leveraging the performance and scalability of BIG-IP to hand extremely high loads, including high throughput, high connection count, and high number of connections per second.

 

A.

True

B.

False

 

Correct Answer: A

 

 

QUESTION 79

Assuming there are open connections through an active system’s virtual servers and a failover occurs, by default, what happens to the connections?

 

A.

All open connections are lost.

B.

All open connections are maintained.

C.

When persistence mirroring is enabled, open connections are maintained even if a failover occurs.

D.

Long-lived connections such as Telnet and FTP are maintained, but short-lived connections such as HTTP are lost.

E.

All open connections are lost, but new connections are initiated by the newly active BIG-IP, resulting in minimal client downtime.

 

Correct Answer: A

 

 

QUESTION 80

Which statement is true concerning packet filters?

 

A.

In addition to administrator-created filters, three always exists a “deny all” filter that processes traffic last.

B.

Filters cannot prevent access to the management port.

C.

The order of filters does not affect which traffic is accepted or denied.

D.

Filters cannot prevent the BIG_IP synching process from taking place.

 

Correct Answer: B


Leave a Reply

Your email address will not be published. Required fields are marked *

  • Categories

  • Tags

  • Hot Exam List

  • Hot Exams

  • Hot Catageories List