Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. F5
  3. F5CAB4

F5 F5CAB4 Exam (page: 2)
F5 BIG-IP Administration Control Plane Administration
Updated on: 19-Feb-2026

Viewing Page 2 of 8
F5CAB4 PDF 53 Questions

A BIG-IP Administrator uses a device group to share the workload and needs to perform service on a BIG-IP device currently active for a traffic group. The administrator needs to enable the traffic group to run on another BIG-IP device in the device group.

What should the administrator do to meet the requirement? (Choose one answer)

  1. Create a new Traffic Group and then fail to Standby Unit
  2. Select Traffic Group and then select Failover
  3. Select Traffic Group and then select Force to Standby
  4. Select Traffic Group on Primary Unit and then select Demote

Answer(s): B

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Control Plane Administration documents:

Traffic Groups are the mechanism BIG-IP uses to control which device owns specific application traffic in a high-availability (HA) configuration.
When maintenance is required on a device that is currently active for a traffic group, the correct and recommended action is to fail over that traffic group to another device in the device group.

Failing over the traffic group moves ownership of that traffic group (and the virtual servers associated with it) to another available device without forcing the entire device into standby.

This allows targeted maintenance while minimizing impact to other traffic groups that may still be active on the device.

Why the other options are incorrect:

A is unnecessary and incorrect; traffic groups are not recreated for routine maintenance.

C forces the entire device to standby, which may move more traffic than intended.

D (Demote) affects device trust/priority behavior and is not the standard or recommended method for moving traffic group ownership.

Therefore, selecting the Traffic Group and choosing Failover is the correct solution.



As an organization grows, more people have to log into the BIG-IP. Instead of adding more local users, the BIG-IP Administrator is asked to configure remote authentication against a central authentication server.

Which two types of remote server can be used here? (Choose two answers)

  1. LDAP
  2. OAUTH
  3. RADIUS
  4. SAML

Answer(s): A,C

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Control Plane Administration documents:

BIG-IP supports remote authentication by integrating with centralized authentication services through its AAA framework. The supported and commonly used remote authentication servers include:

LDAP (A)

Used to authenticate users against directory services such as Active Directory or other LDAP- compliant directories.

RADIUS (C)

Commonly used for centralized authentication, authorization, and accounting, especially in network and security environments.

Why the other options are incorrect:

OAUTH (B) is an authorization framework, not supported as a direct administrative authentication backend for BIG-IP management access.

SAML (D) is primarily used for single sign-on (SSO) in application authentication scenarios, not for BIG-IP administrative login authentication.

Thus, the correct remote authentication server types are LDAP and RADIUS.



An organization is performing a major release upgrade to its BIG-IP system. The system is under medium load and has enough disk space to perform the upgrade.

Which pre-upgrade task is disruptive to regular system performance and should be performed during a maintenance window? (Choose one answer)

  1. Create a QKView
  2. Reactivate the license
  3. tmsh save sys config
  4. Generate a UCS

Answer(s): B

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Control Plane Administration documents:

Reactivating a BIG-IP license is a traffic-disruptive operation. During the license reactivation process, the BIG-IP system performs a configuration reload, which results in a temporary interruption of all traffic processing. Because traffic handling is affected, F5 explicitly recommends scheduling license updates during a maintenance window.

This behavior is documented in F5 Knowledge Base articles, which state that license reactivation impacts traffic and must be planned accordingly during upgrades or system changes.

The other options are not considered disruptive:

Creating a QKView is primarily a diagnostic task and does not interrupt traffic.

Running tmsh save sys config only saves the running configuration to disk.

Generating a UCS is resource-intensive but does not reload configuration or interrupt traffic processing.



New Syslog servers have been deployed in an organization. The BIG-IP Administrator must reconfigure the BIG-IP system to send log messages to these servers.

In which location in the Configuration Utility can the BIG-IP Administrator make the needed configuration changes to accomplish this? (Choose one answer)

  1. System > Configuration > Local Traffic
  2. System > Logs > Configuration
  3. System > Logs > Audit
  4. System > Configuration > Device

Answer(s): B

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Control Plane Administration documents:

On a BIG-IP system, remote syslog server configuration is managed through the logging configuration framework. In the Configuration Utility, this is accessed via:

System > Logs > Configuration

This section allows the administrator to:

Define remote syslog destinations

Configure log publishers

Control which log types (system, audit, LTM, ASM, etc.) are forwarded to external syslog servers

Why the other options are incorrect:

A . System > Configuration > Local Traffic

Used for traffic management settings, not logging.

C . System > Logs > Audit

Displays audit log settings and content but does not configure remote syslog destinations.

D . System > Configuration > Device

Used for device-level settings such as hostname and platform configuration, not logging.

Therefore, the correct location to reconfigure BIG-IP to send logs to new syslog servers is System > Logs > Configuration.

===========



The BIG-IP Administrator suspects unauthorized SSH login attempts on the BIG-IP system.

Which log file would contain details of these attempts? (Choose one answer)

  1. /var/log/messages
  2. /var/log/secure
  3. /var/log/audit
  4. /var/log/ltm

Answer(s): B

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Control Plane Administration documents:

On BIG-IP systems, authentication and authorization events are logged in /var/log/secure. This includes:

Successful and failed SSH login attempts

Invalid user authentication attempts

PAM (Pluggable Authentication Module) authentication failures

Access denials related to secure services

Why the other options are incorrect:

/var/log/messages contains general system messages and service events, not detailed authentication failures.

/var/log/audit records administrative configuration changes (who changed what and when), not login attempts.

/var/log/ltm logs traffic-management (TMM) and application-related events.

Therefore, the correct log file for investigating unauthorized SSH login attempts is /var/log/secure.

===========



Which command will provide the BIG-IP Administrator with the current device HA status? (Choose one answer)

  1. list /cm failover
  2. show /sys failover
  3. show /cm failover-status

Answer(s): C

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Control Plane Administration documents:

To determine the current failover (HA) status of a BIG-IP system using tmsh, F5 documentation explicitly states that the administrator should use the following command:

show /cm failover-status

This command displays:

The current failover state (active, standby, or offline)

Detailed failover status information

The operational HA condition of the device within a device group

According to F5 Knowledge Base Article K08452454, the documented procedure for checking failover status is:

Log in to the TMOS Shell (tmsh)

Run show /cm failover-status

Why the other options are incorrect:

A . list /cm failover shows configuration settings, not operational HA status.

B . show /sys failover is not the documented command for checking current failover status and does not align with F5's recommended procedure.



In which of the following log files would log events pertaining to pool members being marked "UP" or "DOWN" by their Health Monitors be written? (Choose one answer)

  1. /var/log/audit
  2. /var/log/ltm
  3. /var/log/secure
  4. /var/log/monitors

Answer(s): B

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Control Plane Administration documents:

On BIG-IP systems, Local Traffic Manager (LTM) is responsible for:

Pool and pool member management

Health monitor execution

Marking pool members UP or DOWN based on monitor results

Events related to health monitor status changes, including when pool members transition between UP and DOWN, are logged in /var/log/ltm.

Why the other options are incorrect:

/var/log/audit records administrative configuration changes, not runtime health status.

/var/log/secure logs authentication and authorization events.

/var/log/monitors is not a standard BIG-IP log file.

Therefore, the correct log file for pool member health monitor status events is /var/log/ltm.

===========



Administrative user accounts have been defined on the remote LDAP server and are unable to log in to the BIG-IP device.

Which log file should the BIG-IP Administrator check to find the related messages? (Choose one answer)

  1. /var/log/user.log
  2. /var/log/ltm
  3. /var/log/messages
  4. /var/log/secure

Answer(s): D

Explanation:

Comprehensive and Detailed Explanation From BIG-IP Administration Control Plane Administration documents:

When BIG-IP is configured to use remote authentication (such as LDAP), all authentication and authorization attempts--including successes and failures--are logged to /var/log/secure.

For LDAP-based administrative login issues, /var/log/secure contains:

LDAP authentication failures

PAM authentication errors

Authorization and access-denied messages

Details explaining why a remote user could not log in

Why the other options are incorrect:

/var/log/user.log is not a standard BIG-IP log file for authentication.

/var/log/ltm logs traffic management events, not user authentication.

/var/log/messages contains general system messages but not detailed authentication failure information.

Therefore, the correct log file to troubleshoot LDAP administrative login failures is /var/log/secure.

===========



Viewing Page 2 of 8



Share your comments for F5 F5CAB4 exam with other users:

zazza 6/16/2023 10:47:00 AM

question 44 answer is user risk
ITALY


Prasana 6/23/2023 1:59:00 AM

please post the questions for preparation
Anonymous


test user 9/24/2023 3:15:00 AM

thanks for the questions
AUSTRALIA


Draco 7/19/2023 5:34:00 AM

please reopen it now ..its really urgent
UNITED STATES


Megan 4/14/2023 5:08:00 PM

these practice exam questions were exactly what i needed. the variety of questions and the realistic exam-like environment they created helped me assess my strengths and weaknesses. i felt more confident and well-prepared on exam day, and i owe it to this exam dumps!
UNITED KINGDOM


abdo casa 8/9/2023 6:10:00 PM

thank u it very instructuf
Anonymous


Danny 1/15/2024 9:10:00 AM

its helpful?
INDIA


hanaa 10/3/2023 6:57:00 PM

is this dump still valid???
Anonymous


Georgio 1/19/2024 8:15:00 AM

question 205 answer is b
Anonymous


Matthew Dievendorf 5/30/2023 9:37:00 PM

question 39, should be answer b, directions stated is being sudneted from /21 to a /23. a /23 has 512 ips so 510 hosts. and can make 4 subnets out of the /21
Anonymous


Adhithya 8/11/2022 12:27:00 AM

beautiful test engine software and very helpful. questions are same as in the real exam. i passed my paper.
UNITED ARAB EMIRATES


SuckerPumch88 4/25/2022 10:24:00 AM

the questions are exactly the same in real exam. just make sure not to answer all them correct or else they suspect you are cheating.
UNITED STATES


soheib 7/24/2023 7:05:00 PM

question: 78 the right answer i think is d not a
Anonymous


srija 8/14/2023 8:53:00 AM

very helpful
EUROPEAN UNION


Thembelani 5/30/2023 2:17:00 AM

i am writing this exam tomorrow and have dumps
Anonymous


Anita 10/1/2023 4:11:00 PM

can i have the icdl excel exam
Anonymous


Ben 9/9/2023 7:35:00 AM

please upload it
Anonymous


anonymous 9/20/2023 11:27:00 PM

hye when will post again the past year question for this h13-311_v3 part since i have to for my test tommorow…thank you very much
Anonymous


Randall 9/28/2023 8:25:00 PM

on question 22, option b-once per session is also valid.
Anonymous


Tshegofatso 8/28/2023 11:51:00 AM

this website is very helpful
SOUTH AFRICA


philly 9/18/2023 2:40:00 PM

its my first time exam
SOUTH AFRICA


Beexam 9/4/2023 9:06:00 PM

correct answers are device configuration-enable the automatic installation of webview2 runtime. & policy management- prevent users from submitting feedback.
NEW ZEALAND


RAWI 7/9/2023 4:54:00 AM

is this dump still valid? today is 9-july-2023
SWEDEN


Annie 6/7/2023 3:46:00 AM

i need this exam.. please upload these are really helpful
PAKISTAN


Shubhra Rathi 8/26/2023 1:08:00 PM

please upload the oracle 1z0-1059-22 dumps
Anonymous


Shiji 10/15/2023 1:34:00 PM

very good questions
INDIA


Rita Rony 11/27/2023 1:36:00 PM

nice, first step to exams
Anonymous


Aloke Paul 9/11/2023 6:53:00 AM

is this valid for chfiv9 as well... as i am reker 3rd time...
CHINA


Calbert Francis 1/15/2024 8:19:00 PM

great exam for people taking 220-1101
UNITED STATES


Ayushi Baria 11/7/2023 7:44:00 AM

this is very helpfull for me
Anonymous


alma 8/25/2023 1:20:00 PM

just started preparing for the exam
UNITED KINGDOM


CW 7/10/2023 6:46:00 PM

these are the type of questions i need.
UNITED STATES


Nobody 8/30/2023 9:54:00 PM

does this actually work? are they the exam questions and answers word for word?
Anonymous


Salah 7/23/2023 9:46:00 AM

thanks for providing these questions
Anonymous