Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Palo Alto Networks
Salesforce
SAP
All Vendors
  1. Home
  2. F5
  3. 301b

F5 301b Exam (page: 7)
F5 BIG-IP Local Traffic Manager (LTM) Specialist: Maintain & Troubleshoot
Updated on: 28-Jul-2025

Viewing Page 7 of 43
301b PDF 210 Questions

A web application requires knowledge of the client's true IP address for logging and analysis purposes. Instances of the application that can decode X-Forwarded-For HTTP headers reside in pool_a, while pool_b instances assume the source IP is the true address of the client.
Which iRule provides the proper functionality?

  1. when HTTP_DATA {
    if {[HTTP::header exists X-Forwarded-For]}{
    pool pool_a
    } else {
    pool pool_b
    }
    }
  2. when HTTP_RESPONSE {
    if {[HTTP::header exists X-Forwarded-For]}{
    pool pool_a
    } else {
    pool pool_b
    }
    }
  3. when HTTP_REQUEST {
    if {[HTTP::header exists X-Forwarded-For]}{
    pool pool_a
    } else {
    pool pool_b
    }
    }
  4. when HTTP_OPEN {
    if {[HTTP::header exists X-Forwarded-For]}{
    pool pool_a
    } else {
    pool pool_b
    }
    }

Answer(s): C



Which iRule will reject any connection originating from a 10.0.0.0/8 network?

  1. when CLIENT_ACCEPTED {
    set remote_ip [IP::addr [IP::remote_addr] mask 8]
    switch $remote_ip {
    "10.0.0.0" { reject }
    "11.0.0.0" { pool pool_http1}
    default { pool http_pool }
    }
    }
  2. when CLIENT_ACCEPTED {
    set remote_ip [IP::addr [IP::local_addr] mask 8]
    switch $remote_ip {
    "10.0.0.0" { reject }
    "11.0.0.0" { pool pool_http1}
    default { pool http_pool }
    }
    }
  3. when CLIENT_ACCEPTED {
    set remote_ip [IP::addr [IP::client_addr] mask 255.0.0.0] switch $remote_ip {
    "10.0.0.0" { reject }
    "11.0.0.0" { pool pool_http1}
    default { pool http_pool }
    }
    }
  4. when CLIENT_ACCEPTED {
    set remote_ip [IP::addr [IP::local_addr] mask 255.0.0.0] switch $remote_ip {
    "10.0.0.0" { reject }
    "11.0.0.0" { pool pool_http1}
    default { pool http_pool }
    }
    }

Answer(s): C



There is a fault with an LTM device load balanced trading application that resides on directly connected VLAN vlan-301. The application virtual server is 10.0.0.1:80 with trading application backend servers on subnet 192.168.0.0/25. The LTM Specialist wants to save a packet capture with complete payload for external analysis.
Which command should the LTM Specialist execute on the LTM device command line interface?

  1. tcpdump -vvv -w /var/tmp/trace.cap 'net 192.168.0.0/25'
  2. tcpdump -vvv -s 0 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
  3. tcpdump -vvv -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'
  4. tcpdump -vvv -s 0 -nni vlan-301 -w /var/tmp/trace.cap 'net 192.168.0.0/25'

Answer(s): D



An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition Application A. The data payload being captured is SSL encrypted.
Which command should the LTM Specialist execute to decrypt the data payload?

  1. ssldump -Aed -nr /var/tmp/trace.cap -k
    /config/filestore/files_d/Common_d/certificate_d/:Common:www.example.com.crt_1
  2. ssldump -Aed -nr /var/tmp/trace.cap -k
    /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1
  3. ssldump -Aed -nr /var/tmp/trace.cap -k
    /config/filestore/files_d/ApplicationA_d/certificate_d/:ApplicationA:www.example.com.crt_1
  4. ssldump -Aed -nr /var/tmp/trace.cap -k
    /config/filestore/files_d/ApplicationA_d/certificate_key_d/:ApplicationA:www.example.com.key_1

Answer(s): B



An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile. The virtual server 10.0.0.1:443 resides on vlan301.
Which steps should the LTM Specialist take to capture the data payload successfully while ensuring no other virtual servers are affected?

  1. The standard FastL4 profile should have PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
  2. The packet capture tcpdump -ni vlan301 should be executed on the command line interface.
    There is no need to change profiles or PVA acceleration.
  3. A new FastL4 profile should be created and applied to the virtual server with PVA acceleration disabled. Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
  4. The LTM device is under light load. The traffic should be mirrored to a dedicated sniffing device. On the sniffing device, the packet capture tcpdump -ni vlan301 should be executed.

Answer(s): C



Viewing Page 7 of 43



Share your comments for F5 301b exam with other users:

ethan 9/24/2023 12:38:00 PM

could you please upload practice questions for scr exam ?
HONG KONG