Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. F5
  3. F5CAB2

F5 F5CAB2 Exam (page: 2)
F5 BIG-IP Administration Data Plane Concepts
Updated on: 19-Feb-2026

Viewing Page 2 of 6
F5CAB2 PDF 40 Questions

An organization needs to deploy an HTTP application on a BIG-IP system. The requirements specify hardware acceleration to enhance performance, while HTTP optimization features are not required.

What type of virtual server and associated protocol profile should be used to meet these requirements? (Choose one answer)

  1. Type: Stateless Protocol Profile: fastL4
  2. Type: Standard Protocol Profile: tcp-wan-optimized
  3. Type: Performance (Layer 4) Protocol Profile: fastL4
  4. Type: Performance (HTTP) Protocol Profile: fasthttp

Answer(s): C

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:

To select the correct virtual server type, an administrator must balance the need for L7 intelligence versus raw throughput and hardware offloading:

Performance (Layer 4) Virtual Server: This type is designed for maximum speed. It uses the fastL4 profile, which allows the BIG-IP system to leverage the ePVA (Embedded Packet Velocity Accelerator) hardware chip.
When a Performance (L4) virtual server is used, the system processes packets at the network layer (L4) without looking into the application payload (L7). This fulfills the requirement for hardware acceleration and avoids the overhead of HTTP optimization features, which are not needed in this scenario.

Performance (HTTP) Virtual Server: While fast, this type uses the fasthttp profile to provide some L7 awareness and optimization (like header insertion or small-scale multiplexing). Since the requirement specifically states HTTP optimization is not required, the L4 variant is more efficient.

Standard Virtual Server: This is a full-proxy type.
While it offers the most features (SSL offload, iRules, Compression), it processes traffic primarily in the TMOS software layer (or via high-level hardware assistance), which is "slower" than the pure hardware switching path of the Performance (L4) type.

Stateless Virtual Server: This is typically used for specific UDP/ICMP traffic where the system does not need to maintain a connection table. It is not appropriate for standard HTTP (TCP) applications requiring persistent sessions or stateful load balancing.

By choosing Performance (Layer 4) with the fastL4 profile, the organization ensures that the traffic is handled by the hardware acceleration chips, providing the lowest latency and highest throughput possible for their HTTP application.



An application is configured so that the same pool member must be used for an entire session, and this behavior must persist across HTTP and FTP traffic. A user reports that a session terminates and must be restarted after the active BIG-IP device fails over to the standby device.

Which configuration settings should the BIG-IP Administrator verify to ensure proper behavior when BIG-IP failover occurs? (Choose one answer)

  1. Cookie persistence and session timeout
  2. Stateful failover and Network Failover detection
  3. Persistence mirroring and Match Across Services
  4. SYN-cookie insertion threshold and connection low-water mark

Answer(s): C

Explanation:

Comprehensive and Detailed Explanation (BIG-IP Administration ­ Data Plane Concepts):

This scenario combines session continuity, multiple protocols (HTTP and FTP), and HA failover behavior, which directly implicates persistence handling across devices and services.

Key Requirements Breakdown

Same pool member for entire session

Session must survive failover

Session must span multiple services (HTTP and FTP)

Why Persistence Mirroring + Match Across Services Is Required

Persistence Mirroring

Ensures persistence records are synchronized from the active BIG-IP to the standby BIG-IP.

Without mirroring:

After failover, the standby device has no persistence table

Clients are load-balanced again

Sessions break, forcing users to restart

Persistence mirroring is essential for session continuity during failover

Match Across Services

Allows a single persistence record to be shared across multiple virtual servers / protocols

Required when:

HTTP and FTP must use the same pool member

Multiple services are part of a single application session

Together, these settings ensure:

Persistence survives device failover

Persistence is honored across HTTP and FTP

Why the Other Options Are Incorrect

A . Cookie persistence and session timeout

Cookie persistence only applies to HTTP and does not address FTP or failover synchronization.

B . Stateful failover and Network Failover detection

Stateful failover applies to connection state, not persistence records, and does not link HTTP and FTP sessions.
D . SYN-cookie insertion threshold and connection low-water mark

These are DoS / SYN flood protection settings, unrelated to persistence or HA behavior.



The BIG-IP Administrator wants to provide quick failover between the F5 LTM devices that are configured as an HA pair with a single Self IP using the MAC Masquerade feature. The administrator configures MAC masquerade for traffic-group-1 using the following command:

`tmsh modify /cm traffic-group traffic-group-1 mac 02:12:34:56:00:00`

However, the Network Operations team identifies an issue with using the same MAC address across multiple VLANs. As a result, the administrator enables Per-VLAN MAC Masquerade to ensure a unique MAC address per VLAN by running:

`tmsh modify /sys db tm.macmasqaddr_per_vlan value true`

What would be the resulting MAC address on a tagged VLAN with ID 1501? (Choose one answer)

  1. 02:12:34:56:01:15
  2. 02:12:34:56:dd:05
  3. 02:12:34:56:05:dd
  4. 02:12:34:56:15:01

Answer(s): C

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:

In BIG-IP high availability (HA) configurations, MAC Masquerade is used to speed up failover by allowing traffic-group-associated Self IPs to retain the same MAC address when moving between devices. This prevents upstream switches and routers from having to relearn ARP entries during a failover event, resulting in near-instant traffic recovery.

By default, MAC masquerade applies one MAC address per traffic group, regardless of how many VLANs the traffic group spans. This can create problems in some network designs because the same

MAC address appearing on multiple VLANs may violate network policies or confuse switching infrastructure.

To address this, BIG-IP provides Per-VLAN MAC Masquerade, enabled by the database variable:

`tm.macmasqaddr_per_vlan = true`

When this feature is enabled:

BIG-IP derives a unique MAC address per VLAN

The base MAC address configured on the traffic group remains the first four octets

The last two octets are replaced with the VLAN ID expressed in hexadecimal

The VLAN ID is encoded in network byte order (high byte first, low byte second)

### VLAN ID Conversion:

VLAN ID: 1501 (decimal)

Convert to hexadecimal:

1501 = 0x05DD

High byte: 05

Low byte: DD

### Resulting MAC Address:

Base MAC: `02:12:34:56:00:00`

Per-VLAN substitution last two bytes = `05:DD`

Final MAC address:

`02:12:34:56:05:dd`

### Why the Other Options Are Incorrect:

A (01:15) ­ Incorrect hexadecimal conversion of 1501

B (dd:05) ­ Byte order reversed (little-endian, not used by BIG-IP)

D (15:01) ­ Uses decimal values instead of hexadecimal

### Key BIG-IP HA Concept Reinforced:

Per-VLAN MAC Masquerade ensures Layer 2 uniqueness per VLAN while preserving the fast failover benefits of traffic groups, making it the recommended best practice in multi-VLAN HA deployments.



A BIG-IP Administrator makes a configuration change to a Virtual Server on the Standby device of an HA pair. The HA pair is currently configured with Auto-Sync enabled.
What effect will the change have on the HA pair configuration? (Choose one answer)

  1. The change will be undone next time a configuration change is made on the Active device.
  2. The change will be propagated next time a configuration change is made on the Active device.
  3. The change will be undone when Auto-Sync propagates the config to the Standby device.
  4. The change will take effect when Auto-Sync propagates the config to the HA pair.

Answer(s): C

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:

In a BIG-IP high availability (HA) configuration, Auto-Sync is a device trust feature that automatically synchronizes configuration changes from the Active device to the Standby device within a Sync- Failover device group.

Key principles from BIG-IP Administration Data Plane Concepts:

The Active device is always the authoritative source of configuration

Configuration changes are intended to be made only on the Active device

With Auto-Sync enabled, any time the Active device configuration changes, the system automatically pushes the configuration to all Standby members of the device group

Configuration changes made directly on a Standby device are not preserved

In this scenario:

The administrator modifies a Virtual Server on the Standby device

That change is local only and does not alter the device group's synchronized configuration

When Auto-Sync next runs (triggered by a change on the Active device or an internal sync event), the Active device configuration overwrites the Standby configuration

As a result, the configuration change made on the Standby device is undone.

Why the Other Options Are Incorrect:

A ­ The change is not undone only when another change is made; it is undone during the next Auto-

Sync operation

B ­ Changes made on the Standby device are never propagated to the Active device

D ­ Auto-Sync does not merge or promote Standby changes into the HA pair configuration

Best Practice Reinforced:

Always perform configuration changes on the Active BIG-IP device when Auto-Sync is enabled to ensure consistent and predictable HA behavior.



What is the result when a BIG-IP Administrator manually disables a pool member? (Choose one answer)

  1. The disabled pool member stops processing persistent connections.
  2. All pool members continue to process persistent connections.
  3. The disabled pool member stops processing existing connections.
  4. All pool members stop accepting new connections.

Answer(s): A

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:

In BIG-IP LTM, a pool member state directly affects how traffic is handled at the data plane level.
When a pool member is manually disabled, BIG-IP changes the member's availability state to disabled, which has specific and predictable traffic-handling consequences.

According to BIG-IP Administration Data Plane Concepts:

A disabled pool member:

Does not accept new connections

Continues to process existing non-persistent connections until they naturally close

Is removed from load-balancing decisions, including persistence lookups

Most importantly for this question:
Persistent connections

(such as those created using source-address persistence, cookie persistence, or SSL persistence) are not honored for a disabled pool member

BIG-IP will not send new persistent traffic to a disabled member, even if persistence records exist

Therefore, when a pool member is manually disabled, it stops processing persistent connections, while allowing existing non-persistent flows to drain gracefully.

Why the Other Options Are Incorrect:

B ­ Persistent connections are not honored for a disabled pool member

C ­ Existing connections are not immediately terminated when a pool member is disabled

D ­ Only the disabled pool member stops accepting new connections, not all pool members

Key Data Plane Concept Reinforced:

Manually disabling a pool member is a graceful administrative action that prevents new and persistent traffic from reaching the member while allowing existing connections to complete, which is critical for maintenance and troubleshooting scenarios.



A BIG-IP Administrator assigns the default HTTP health monitor to a pool that has three members listening on port 80.
When the administrator connects to each pool member using the curl utility, two of the members respond with a status of 404 Not Found, while the third responds with 200 OK.
What will the pool show for member availability? (Choose one answer)

  1. Two members offline and one member online
  2. Two members online and one member offline
  3. All members offline
  4. All members online

Answer(s): A

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:

In BIG-IP LTM, health monitors are used to determine the availability of pool members and directly influence traffic flow decisions in the data plane.

Key characteristics of the default HTTP monitor according to BIG-IP Administration Data Plane Concepts:

Sends an HTTP request (typically GET /)

Expects an HTTP response code of 200 OK

Any response other than 200 is treated as a monitor failure

A failed monitor causes the pool member to be marked offline (down)

In this scenario:

Two pool members return 404 Not Found

A 404 response indicates that the requested object was not found

This does not meet the success criteria of the default HTTP monitor

These two members are therefore marked offline

One pool member returns 200 OK

This matches the expected response

The member is marked online

Resulting Pool Member Availability:

2 members: Offline

1 member: Online

Why the Other Options Are Incorrect:

B ­ 404 responses are not considered healthy by the default HTTP monitor

C ­ At least one member responds with the expected 200 OK

D ­ Members returning 404 responses fail the monitor and cannot be marked online

Key Data Plane Concept Reinforced:

BIG-IP health monitors make binary availability decisions based strictly on configured success criteria. For HTTP monitors, response codes matter--404 is a failure, even if the service is technically reachable.



A BIG-IP Administrator assigns the default HTTP health monitor to a pool that has three members listening on port 80.
When the administrator connects to each pool member using the curl utility, two of the members respond with a status of 404 Not Found, while the third responds with 200 OK.
What will the pool show for member availability? (Choose one answer)

  1. Two members offline and one member online
  2. Two members online and one member offline
  3. All members offline
  4. All members online

Answer(s): A

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:

In BIG-IP LTM, pool member availability is determined by health monitors, which continuously test application responsiveness and correctness.

For the default HTTP monitor, the behavior is defined as follows:

BIG-IP sends an HTTP request (by default, GET /)

The monitor expects a response with HTTP status 200 OK

Any HTTP response code other than 200 is considered a monitor failure

A failed monitor causes the associated pool member to be marked offline (down)

Applying this to the scenario:

Two pool members return 404 Not Found

A 404 response indicates the requested object is missing

This response does not satisfy the success criteria of the default HTTP monitor

BIG-IP marks these two members as offline

One pool member returns 200 OK

This matches the expected response code

BIG-IP marks this member as online

Resulting Pool Status:

2 members: Offline

1 member: Online

Why the Other Options Are Incorrect:

B ­ Members returning 404 responses cannot be considered healthy

C ­ At least one member responds with 200 OK, so the entire pool is not offline

D ­ Not all members meet the monitor success criteria

Key Data Plane Concept Reinforced:

BIG-IP health monitors validate not just reachability, but application correctness. For HTTP monitors, the response code is critical--404 is treated as a failure, even though the service is reachable.



An ecommerce company is experiencing latency issues with online shops during Black Friday's peak season. The BIG-IP Administrator detects an overall high CPU load on the BIG-IP device and wants to move the top utilized Virtual Servers to a dedicated BIG-IP device.
Where should the BIG-IP Administrator determine the problematic Virtual Servers? (Choose one answer)

  1. Local Traffic > Virtual Servers > Virtual Server List
  2. System > Platform
  3. Statistics > Module Statistics > Local Traffic > Virtual Servers
  4. Local Traffic > Network Map

Answer(s): C

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Data Plane Concepts documents:

When troubleshooting performance and latency issues on BIG-IP, especially under peak load conditions, it is critical to identify which Virtual Servers are consuming the most resources. This is a core data plane analysis task.

BIG-IP provides multiple views of configuration and status, but only certain areas expose real-time and historical traffic statistics that correlate directly with CPU usage and throughput.

Why Option C Is Correct:

Statistics > Module Statistics > Local Traffic > Virtual Servers provides:

Real-time and cumulative statistics per Virtual Server

Metrics such as:

Bits in / Bits out

Packets in / Packets out

Current connections

Connection rate

Total requests

The ability to identify high-traffic or high-connection Virtual Servers, which are the most likely contributors to elevated CPU utilization

These statistics allow the administrator to objectively determine which Virtual Servers are the top consumers of system resources and therefore good candidates for migration to a dedicated BIG-IP device.

Why the Other Options Are Incorrect:

A . Local Traffic > Virtual Servers > Virtual Server List

Primarily a configuration view

Does not provide sufficient performance or utilization statistics to identify CPU-heavy Virtual Servers

B . System > Platform

Displays hardware-level information such as CPU cores, memory, disk, and platform type

Does not break down utilization by Virtual Server

D . Local Traffic > Network Map

Provides a logical topology view of Virtual Servers, pools, and pool members

Useful for understanding relationships, but not for identifying high-utilization Virtual Servers

Key Data Plane Concept Reinforced:

To diagnose performance problems and plan traffic redistribution, BIG-IP administrators must rely on Module and object-level statistics, not configuration screens. The Virtual Server statistics view is the authoritative location for identifying traffic hotspots that directly impact CPU and latency during peak events such as Black Friday.



Viewing Page 2 of 6



Share your comments for F5 F5CAB2 exam with other users:

Eman Sawalha 6/10/2023 6:18:00 AM

next time i will write a full review
GREECE


johnpaul 11/15/2023 7:55:00 AM

first time using this site
ROMANIA


omiornil@gmail.com 7/25/2023 9:36:00 AM

please sent me oracle 1z0-1105-22 pdf
BANGLADESH


John 8/29/2023 8:59:00 PM

very helpful
Anonymous


Kvana 9/28/2023 12:08:00 PM

good info about oml
UNITED STATES


Checo Lee 7/3/2023 5:45:00 PM

very useful to practice
UNITED STATES


dixitdnoh@gmail.com 8/27/2023 2:58:00 PM

this website is very helpful.
UNITED STATES


Sanjay 8/14/2023 8:07:00 AM

good content
INDIA


Blessious Phiri 8/12/2023 2:19:00 PM

so challenging
Anonymous


PAYAL 10/17/2023 7:14:00 AM

17 should be d ,for morequery its scale out
Anonymous


Karthik 10/12/2023 10:51:00 AM

nice question
Anonymous


Godmode 5/7/2023 10:52:00 AM

yes.
NETHERLANDS


Bhuddhiman 7/30/2023 1:18:00 AM

good mateial
Anonymous


KJ 11/17/2023 3:50:00 PM

good practice exam
Anonymous


sowm 10/29/2023 2:44:00 PM

impressivre qustion
Anonymous


CW 7/6/2023 7:06:00 PM

questions seem helpful
Anonymous


luke 9/26/2023 10:52:00 AM

good content
Anonymous


zazza 6/16/2023 9:08:00 AM

question 21 answer is alerts
ITALY


Abwoch Peter 7/4/2023 3:08:00 AM

am preparing for exam
Anonymous


mohamed 9/12/2023 5:26:00 AM

good one thanks
EGYPT


Mfc 10/23/2023 3:35:00 PM

only got thru 5 questions, need more to evaluate
Anonymous


Whizzle 7/24/2023 6:19:00 AM

q26 should be b
Anonymous


sarra 1/17/2024 3:44:00 AM

the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.
UNITED KINGDOM


DBS 5/14/2023 12:56:00 PM

need to attend this
UNITED STATES


Da_costa 8/1/2023 5:28:00 PM

these are free brain dumps i understand, how can one get free pdf
Anonymous


vikas 10/28/2023 6:57:00 AM

provide access
EUROPEAN UNION


Abdullah 9/29/2023 2:06:00 AM

good morning
Anonymous


Raj 6/26/2023 3:12:00 PM

please upload the ncp-mci 6.5 dumps, really need to practice this one. thanks guys
Anonymous


Miguel 10/5/2023 12:21:00 PM

question 16: https://help.salesforce.com/s/articleview?id=sf.care_console_overview.htm&type=5
SPAIN


Hiren Ladva 7/8/2023 10:34:00 PM

yes i m prepared exam
Anonymous


oliverjames 10/24/2023 5:37:00 AM

my experience was great with this site as i studied for the ms-900 from here and got 900/1000 on the test. my main focus was on the tutorials which were provided and practice questions. thanks!
GERMANY


Bhuddhiman 7/20/2023 11:52:00 AM

great course
UNITED STATES


Anuj 1/14/2024 4:07:00 PM

very good question
Anonymous


Saravana Kumar TS 12/8/2023 9:49:00 AM

question: 93 which statement is true regarding the result? sales contain 6 columns and values contain 7 columns so c is not right answer.
INDIA