Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. F5
  3. F5CAB5

F5 F5CAB5 Exam (page: 2)
F5 BIG-IP Administration Support and Troubleshooting
Updated on: 19-Feb-2026

Viewing Page 2 of 7
F5CAB5 PDF 42 Questions

Refer to the exhibit.

A BIG-IP Administrator needs to deploy an application on the BIG-IP system to perform SSL offload and re-encrypt the traffic to pool members. During testing, users are unable to connect to the application.

What must the BIG-IP Administrator do to resolve the issue? (Choose one answer)

  1. Remove the configured SSL Profile (Client)
  2. Configure Protocol Profile (Server) as splitsession-default-tcp
  3. Enable Forward Proxy in the SSL Profile (Client)
  4. Configure an SSL Profile (Server)

Answer(s): D

Explanation:

To successfully perform SSL offload and re-encryption on a BIG-IP system, the virtual server must be configured with both a Client SSL profile and a Server SSL profile. The Client SSL profile enables BIG-IP to decrypt inbound HTTPS traffic from clients, while the Server SSL profile is required to re-encrypt traffic before forwarding it to the pool members.

From the exhibit, the virtual server has a Client SSL profile configured, which allows BIG-IP to accept HTTPS connections from clients. However, there is no Server SSL profile attached, meaning BIG-IP attempts to send unencrypted HTTP traffic to pool members listening on HTTPS (port 443). This protocol mismatch causes the server-side SSL handshake to fail, resulting in users being unable to connect to the application.

This behavior is well documented in BIG-IP SSL troubleshooting guides: when backend servers expect HTTPS, a Server SSL profile is mandatory to establish a secure connection from BIG-IP to the pool members.

The other options are incorrect:

Removing the Client SSL profile (Option A) would break client-side HTTPS.

The server-side TCP profile (Option B) is unrelated to SSL encryption.

Forward Proxy (Option C) is only used for outbound SSL inspection scenarios.

Therefore, configuring an SSL Profile (Server) is the correct and required solution.



A BIG-IP Administrator notices that one of the servers that runs an application is NOT receiving any traffic. The BIG-IP Administrator examines the configuration status of the application and observes the displayed monitor configuration and affected pool member status.



What is the possible cause of this issue? (Choose one answer)

  1. The node health monitor is NOT responding.
  2. The application is NOT responding with the expected Receive String.
  3. HTTP 1.1 is NOT appropriate for monitoring purposes.
  4. The BIG-IP device is NOT able to reach the pool.

Answer(s): A

Explanation:

The key clue in the exhibit is the pool member's availability showing "Offline (Enabled) ­ Parent down". In BIG-IP terminology, a pool member inherits the status of its parent node. If the node is marked down (for example, by a node-level monitor or a default "node is down" condition), then all pool members using that node IP will also be marked down and will not receive any traffic, even if the application service on the member port might be healthy.

While the HTTPS monitor configuration (send/receive strings) is displayed, the status specifically indicates a node (parent) failure, not a service-level failure. If the problem were the application not matching the receive string, you would typically see the member down due to the member's monitor failing (and the status would reflect monitor failure details), rather than "parent down."

Option D is too broad; BIG-IP can generally reach the subnet (other servers work), and this symptom points to a specific node condition. Option C is incorrect because HTTP/1.1 is commonly used for monitoring and is valid when properly formatted (especially with a Host header). Therefore, the most likely cause is that the node health monitor is not responding, causing the node--and consequently the member--to be marked down.



Which menu should you use on the BIG-IP Configuration Utility to generate a QKView support file?

(Choose one answer)

  1. System > Configuration
  2. System > Archive
  3. System > Support
  4. System > Logs

Answer(s): C

Explanation:

A QKView is the primary diagnostic file used by F5 Support to analyze BIG-IP system health, configuration, performance, and logs. It collects a wide range of data, including running configuration, license details, module provisioning, hardware status, logs, statistics, and diagnostic command output. Generating a QKView is a standard first step when troubleshooting issues or opening a support case with F5.

In the BIG-IP Configuration Utility (GUI), the correct location to generate a QKView is System > Support (Option C). This menu is specifically designed for support and troubleshooting activities. From this section, administrators can create QKView files, upload them directly to F5 iHealth, or download them locally for later analysis or submission to F5 Support.

The other options are incorrect:

System > Configuration (Option A) is used for system-wide settings such as device name, NTP, and DNS.

System > Archive (Option B) is used to create UCS backups, not diagnostic QKViews.

System > Logs (Option D) is used to view and manage log files, not to generate support bundles.

This workflow is clearly documented in BIG-IP Administration and Support guides and is considered a best practice for efficient troubleshooting and support engagement.



A device group is currently in the Changes Pending sync status. How can the BIG-IP Administrator determine which member of the device group has the most recent configuration? (Choose one answer)

  1. Device Management > Overview
  2. Device Management > Devices
  3. System > High Availability
  4. Device Management > Device Groups

Answer(s): D

Explanation:

When a BIG-IP device group shows a Changes Pending status, it indicates that one or more devices in the group have configuration changes that have not yet been synchronized to the other members. To identify which device has the most recent (authoritative) configuration, the administrator must view the detailed synchronization status at the device group level.

The correct location is Device Management > Device Groups (Option D). Within this menu, the BIG-IP Configuration Utility displays each device group along with its synchronization status and provides details about which device has pending changes. From this view, the administrator can clearly see which device is marked as having changes pending, making it the source device that should be used to initiate a Sync to Group operation.

The other options do not provide the required level of detail:

Device Management > Overview (Option A) shows general HA status but not configuration ownership.

Device Management > Devices (Option B) lists devices but does not clearly identify which one holds unsynchronized changes.

System > High Availability (Option C) focuses on failover and traffic groups, not configuration sync state.

This workflow aligns with BIG-IP best practices for configuration synchronization and ensures changes are propagated correctly without overwriting newer configurations.



A BIG-IP Administrator suspects that one of the BIG-IP device power supplies is experiencing power outages.

Which log file should the BIG-IP Administrator check to verify the suspicion? (Choose one answer)

  1. /var/log/daemon.log
  2. /var/log/kern.log
  3. /var/log/ltm
  4. /var/log/audit

Answer(s): C

Explanation:

According to official F5 documentation (K52015891 ­ Troubleshooting BIG-IP power supply issues), hardware-related alerts for power supplies, fans, and chassis components are logged in /var/log/ltm.

When a BIG-IP device experiences a power supply issue--such as failure, intermittent outages, or fan-related faults--the system generates alerts through internal platform monitoring services. These alerts are written to the /var/log/ltm file and often appear with messages similar to:

Chassis power supply 2 has experienced an issue. Status is as follows: FAN=bad; STATUS=bad.

This makes /var/log/ltm the authoritative log file for identifying and verifying power supply and chassis-related problems on BIG-IP systems.

The other log files are not appropriate for this purpose:

/var/log/daemon.log contains general daemon messages but is not the primary source for chassis hardware alerts.

/var/log/kern.log logs kernel-level events, not platform power status.

/var/log/audit records administrative actions and configuration changes.

Conclusion:
Per F5-supported guidance, when suspecting power supply outages or chassis hardware issues, the BIG-IP Administrator should always check /var/log/ltm first.



Refer to the exhibit.



The image shows the status of a virtual server named application_vs in the BIG-IP Configuration Utility.

What is the cause of the status shown? (Choose two answers)

  1. Pool member(s) administratively disabled
  2. Pool member(s) forced offline
  3. Node(s) administratively disabled
  4. Virtual Server administratively disabled

Answer(s): A,C

Explanation:

The exhibit shows the virtual server application_vs with a status indicating it is offline but enabled. In BIG-IP terminology, this status means the virtual server itself is administratively enabled, but it is unable to pass traffic because no usable pool members are available.

Two common and documented causes for this condition are:

Pool member(s) administratively disabled (Option A):
When all pool members are administratively disabled, BIG-IP removes them from load-balancing decisions. Even though the virtual server remains enabled, it has no available pool members to send traffic to, resulting in an offline status.

Node(s) administratively disabled (Option C):
Pool members inherit the status of their parent nodes. If a node is administratively disabled, all associated pool members are also marked unavailable. This condition causes the virtual server to show as offline, even though the virtual server configuration itself is correct.

The other options are incorrect:

Forced offline pool members (Option B) result in a different operational intent and are explicitly set for maintenance scenarios.

Virtual server administratively disabled (Option D) would show the virtual server as disabled, not enabled/offline.

This behavior is consistent with BIG-IP traffic management logic and is commonly verified by reviewing pool and node availability states when diagnosing virtual server availability issues.



Which menu should you use on the BIG-IP Configuration Utility to generate a QKView support file? (Choose one answer)

  1. System > Configuration
  2. System > Archive
  3. System > Support
  4. System > Logs

Answer(s): C

Explanation:

Comprehensive and Detailed 150 to 250 Words Explanation From BIG-IP Administration, Support, and Troubleshooting Documents:

A QKView file is the primary diagnostic support bundle used by F5 Support to troubleshoot BIG-IP system issues. It contains comprehensive system information, including running configuration, licensing details, module provisioning, hardware status, software versions, log files, statistics, and the output of numerous diagnostic commands. Generating a QKView is a standard and recommended first step when investigating performance problems, configuration issues, or when opening a support case with F5.

In the BIG-IP Configuration Utility (GUI), the correct and supported location to generate a QKView is System > Support. This menu is specifically designed for support and troubleshooting operations. From this section, administrators can generate a QKView file, monitor its creation progress,

download it locally, or upload it directly to F5 iHealth for automated analysis. This workflow is clearly documented in BIG-IP Administration and Support guides and aligns with F5 best practices.

The other menu options are not appropriate:

System > Configuration is used for system-wide settings such as DNS, NTP, and device identity.

System > Archive is used to create UCS backup files, which are configuration backups, not diagnostic bundles.

System > Logs is used only for viewing system logs, not generating support files.

Therefore, System > Support is the correct and only valid answer.



A BIG-IP Administrator observes the following messages in the /var/log/ltm log:

warning tmm[pid]: 011e0002: sweeper_segment_cb_any: Aggressive mode /Common/default- eviction-policy activated (0) (global memory) (345209/690176 pages)

warning tmm[pid]: 011e0003: Aggressive mode sweeper /Common/default-eviction-policy (0) (global memory) 1 connections killed warning tmm[pid]: 011e0003: Aggressive mode sweeper /Common/default-eviction-policy (0) (global memory) 1 connections killed warning tmm[pid]: 011e0003: Aggressive mode sweeper /Common/default-eviction-policy (0) (global memory) 1 connections killed

What is happening when the BIG-IP Administrator sees the messages displayed above? (Choose two answers)

  1. The global eviction policy is triggered due to TMM memory exhaustion
  2. The BIG-IP system starts reaping connections; all the connections will be dropped
  3. The BIG-IP system starts reaping connections; some connections will be dropped
  4. The global eviction policy is triggered due to swap memory being used too high

Answer(s): A,C

Explanation:

Comprehensive and Detailed 150 to 250 Words Explanation From BIG-IP Administration, Support, and Troubleshooting Documents:

These log messages indicate that the BIG-IP system's Traffic Management Microkernel (TMM) has entered aggressive eviction mode due to high global memory utilization.
When TMM memory consumption reaches critical thresholds, BIG-IP activates the default eviction policy to protect system stability and prevent a full traffic processing failure. This condition directly corresponds to Option A, where the global eviction policy is triggered because TMM memory resources are nearing exhaustion.

Once aggressive mode is activated, BIG-IP begins using the connection sweeper mechanism, which selectively terminates existing connections to free memory. The repeated log entries stating "1 connections killed" confirm that the system is reaping some connections, not all connections. This behavior matches Option C. The eviction process is incremental and controlled, targeting idle, low- priority, or least-recently-used connections first to minimize impact on active traffic.

Option B is incorrect because BIG-IP does not drop all connections during aggressive mode; it only removes enough connections to relieve memory pressure. Option D is also incorrect because TMM eviction is based on TMM global memory usage, not swap memory utilization. TMM does not rely on swap space in the same way the host Linux system does.

These messages are a critical warning sign that the system is under memory stress and may require traffic optimization, connection limits, or hardware scaling.



Viewing Page 2 of 7



Share your comments for F5 F5CAB5 exam with other users:

Gerard 6/29/2023 11:14:00 AM

good so far
Anonymous


Limbo 10/9/2023 3:08:00 AM

this is way too informative
BOTSWANA


Tejasree 8/26/2023 1:46:00 AM

very helpfull
UNITED STATES


Yolostar Again 10/12/2023 3:02:00 PM

q.189 - answers are incorrect.
Anonymous


Shikha Bakra 9/10/2023 5:16:00 PM

awesome job in getting these questions
AUSTRALIA


Kevin 10/20/2023 2:01:00 AM

i cant find aws certified practitioner clf-c01 exam in aws website but i found aws certified practitioner clf-c02 exam. can everyone please verify the difference between the two clf-c01 and clf-c02? thank you
UNITED STATES


D Mario 6/19/2023 10:38:00 PM

grazie mille. i got a satisfactory mark in my exam test today because of this exam dumps. sorry for my english.
ITALY


Bharat Kumar Saraf 10/31/2023 4:36:00 AM

some of the answers are incorrect. need to be reviewed.
HONG KONG


JP 7/13/2023 12:21:00 PM

so far so good
Anonymous


Kiky V 8/8/2023 6:32:00 PM

i am really liking it
Anonymous


trying 7/28/2023 12:37:00 PM

thanks good stuff
UNITED STATES


exampei 10/4/2023 2:40:00 PM

need dump c_tadm_23
Anonymous


Eman Sawalha 6/10/2023 6:18:00 AM

next time i will write a full review
GREECE


johnpaul 11/15/2023 7:55:00 AM

first time using this site
ROMANIA


omiornil@gmail.com 7/25/2023 9:36:00 AM

please sent me oracle 1z0-1105-22 pdf
BANGLADESH


John 8/29/2023 8:59:00 PM

very helpful
Anonymous


Kvana 9/28/2023 12:08:00 PM

good info about oml
UNITED STATES


Checo Lee 7/3/2023 5:45:00 PM

very useful to practice
UNITED STATES


dixitdnoh@gmail.com 8/27/2023 2:58:00 PM

this website is very helpful.
UNITED STATES


Sanjay 8/14/2023 8:07:00 AM

good content
INDIA


Blessious Phiri 8/12/2023 2:19:00 PM

so challenging
Anonymous


PAYAL 10/17/2023 7:14:00 AM

17 should be d ,for morequery its scale out
Anonymous


Karthik 10/12/2023 10:51:00 AM

nice question
Anonymous


Godmode 5/7/2023 10:52:00 AM

yes.
NETHERLANDS


Bhuddhiman 7/30/2023 1:18:00 AM

good mateial
Anonymous


KJ 11/17/2023 3:50:00 PM

good practice exam
Anonymous


sowm 10/29/2023 2:44:00 PM

impressivre qustion
Anonymous


CW 7/6/2023 7:06:00 PM

questions seem helpful
Anonymous


luke 9/26/2023 10:52:00 AM

good content
Anonymous


zazza 6/16/2023 9:08:00 AM

question 21 answer is alerts
ITALY


Abwoch Peter 7/4/2023 3:08:00 AM

am preparing for exam
Anonymous


mohamed 9/12/2023 5:26:00 AM

good one thanks
EGYPT


Mfc 10/23/2023 3:35:00 PM

only got thru 5 questions, need more to evaluate
Anonymous


Whizzle 7/24/2023 6:19:00 AM

q26 should be b
Anonymous