究極のガイドは303最新2023年12月04日時間限定!今すぐダウンロード! [Q189-Q212]

Share

究極のガイドは303最新2023年12月04日時間限定!今すぐダウンロード!

2023年最新のな厳密検証された合格させる303試験にはリアル問題と解答

質問 # 189
An LTM specialist needs to upgrade a VCMP quest in an HA Setup with minimum interruption for all VCMP guestinstances.
In which should the LTM Specialist perform this upgrade?

  • A. Failover all guests' active traffic-group to the other Host, Relicense the host, copy image to guest, create guest UCS, install and set boot location to new volume , reboot
  • B. Relicense the host. Failover all guest's active traffic-groups to the other host, copy image to gest, create guest UCS install and set boot location to new volume, reboot
  • C. Failover this specific guest's active traffic-group to the other Host, Relicense the guest, copy image to guest , create guest UCS, install and set boot location to new volume, reboot
  • D. Failover all guests' active traffic-group to the other host, copy image to guest, create guest UCS install and set boot location to new volume, reboot, Relicense the host

正解:A

解説:
Explanation
Switch guest, reactive, license first and then upgrade.


質問 # 190
An TLM Specialist has an Exchange that must use the LTM device to route traffic to the internet.
Which SNAT/NAT configure allows the Exchange server's traffic access the internet through the LTM device?

  • A. NAT
  • B. SNAT List
  • C. SNAT Automap
  • D. SNAT Pool

正解:B


質問 # 191
A virtual server is using a TCP profile based on thetop-wan-optimized profile for a streaming application Users report videos are loading slowly.
Which setting should be modified in the TCP profile to optimize the application?

  • A. Disable Slow Start
  • B. Disable Selective ACKs
  • C. Disable Reset on Timeout
  • D. Disable Nagle's Algorithm

正解:A


質問 # 192
An TLM Specialist needs to configure a virtual server to terminate SSL connection on the LTM device.
Cryptographic information must be re-authorized for SSL sessions that remain open for longer than 30 seconds.
Which settings should the LTM Specialist configure in the client SSL profile?

  • A. set the Renegotiate Period to 30 seconds
  • B. set the Renegotiate Max Record Delay to 30
  • C. set the Handshake Timeout to 30 seconds
  • D. enable Require Peer SN1 Support

正解:A


質問 # 193
The active LTM device in a high-availability (HA) pair performs a failover at the same time the network team reports an outage of a switch on the network.
Which two items could have caused the failover event? (Choose two.)

  • A. the standby LTM that lost connectivity on the failover VLAN
  • B. the standby LTM that was rebooted
  • C. an Auditor role that has access to the GUI
  • D. a monitor on a pool in an HA group
  • E. a VLAN fail-safe setting

正解:D、E


質問 # 194
A BIG-IP device is configured with both an internal external and two Corporate VLANs. The virtual server has SNAT enabled and is set to listen on all VLANs Auto Last Hop is disabled. The Corporate users are on
10.0.0.0./24 and 172.16.0.0/12. The BIG-IP has a Self-IP on the 1.0.0.0.0./24 subnet.
Internet users are able to access the virtual server. Only some of the Corporate users are able to connect to the virtual server A BIG-IP Administrator performs a tcpdump on the BIG-IP and verifies that traffic is arriving from users in 10.0.0.0/24.
What should the BIG-IP Administrator do to correct this behaviour?

  • A. Modify the default route of the servers to point to the BIG-IP device
  • B. Add a static route for the 172.16.0.0/12 subnet
  • C. Disable the server on the internal VLAN
  • D. Change the default route to point to the extra firewall

正解:B


質問 # 195
-- Exhibit -


-- Exhibit --
Refer to the exhibits.
After upgrading LTM from v10 to v11, users are unable to connect to an application. The virtual server is using a client SSL profile for re-terminating SSL for payload inspection, but a server SSL profile is being used to re-encrypt the request.
A client side ssldump did NOT show any differences between the traffic going directly to the server and the traffic being processed by the LTM device. However, packet capture was done on the server, and differences were noted.
Which modification will allow the LTM device to process the traffic correctly?

  • A. Change to different ciphers on the server SSL profile.
  • B. Enable Strict Resume.
  • C. Change Secure Renegotiation to "Request."
  • D. Enable ProxySSL option in the server SSL profile.

正解:C


質問 # 196
Which command will identify the active LTM device currently handling client traffic?

  • A. tmsh show /cm traffic-group
  • B. tmsh run /sys failover standby
  • C. b ha table show
  • D. tmsh list /sys ha-status
  • E. tmsh show /sys ha-status all-properties

正解:A


質問 # 197
Refer to the exhibit.

A BIG-IP Administrator needs to fall over the active device. The administrator logs into the Configuration Unity and navigates to Device Management > Traffic Group. However, Force to Standby is greyed out What is causing this issue?

  • A. The BIG-IP Administrator is on the Standby Device
  • B. The BIG-IP Administrator is NOT logged into command line to tail over
  • C. The BIG-IP Administrator is logged in as root
  • D. The BIG-IP Administrator is logged in as administrator

正解:A


質問 # 198
A BIG-IP Administrator is checking the BIG-IP device for known vulnerabilities. What should the 8IG-IP Administrator upload to BIG-IP iHealth for further analysis?

  • A. UCS
  • B. QKView
  • C. tcpdump
  • D. EUD

正解:B


質問 # 199
-- Exhibit -

-- Exhibit --
Refer to the exhibit.
An LTM Specialist is troubleshooting a sync-failover group of three BIG-IP LTM devices. The command used is "tmsh run cm watch-devicegroup-device." What does the output mean?

  • A. Configuration is synchronized between all the devices.
  • B. Configuration is not synchronized. Some modifications have been done on bigipB.
  • C. Configuration is not synchronized. Some modifications have been done on bigipA.
  • D. Configuration is not synchronized. Some modifications have been done on bigipC.

正解:B


質問 # 200
A device on the network is configured with the same IP address as the management address of the active LTM device, causing the management GUI to be inaccessible.
Which two methods should the LTM Specialist use to access the LTM device in order to change the management IP address? (Choose two.)

  • A. Connect a monitor and keyboard to the LTM device.
  • B. Connect via ssh to the AOM IP address.
  • C. Connect via ssh to the management address.
  • D. Connect to the LTM device via serial connection.
  • E. Connect via ssh to the standby unit and connect via ssh across the serial link between the devices.

正解:B、D


質問 # 201
An LTM Specialist must perform a packet capture on a virtual server with an applied standard FastL4 profile.
The virtual server 10.0.0.1:443 resides on vlan301.
Which steps should the LTM Specialist take to capture the data payload successfully while ensuring no other virtual servers are affected?

  • A. The packet capture tcpdump -ni vlan301 should be executed on the command line interface. There is no need to change profiles or PVA acceleration.
  • B. A new FastL4 profile should be created and applied to the virtual server with PVA acceleration disabled.
    Then the packet capture tcpdump -ni vlan301 should be executed on the command line interface.
  • C. The standard FastL4 profile should have PVA acceleration disabled. Then the packet capture tcpdump
    -ni vlan301 should be executed on the command line interface.
  • D. The LTM device is under light load. The traffic should be mirrored to a dedicated sniffing device. On the sniffing device, the packet capture tcpdump -ni vlan301 should be executed.

正解:B


質問 # 202
A OneConnect profile is applied to a virtual server. The LTM Specialist would like the client source IP addresses within the 10.10.10.0/25 range to reuse an existing server side connection.
Which OneConnect profile source mask should the LTM Specialist use?

  • A. 255.255.255.128
  • B. 255.255.255.224
  • C. 0.0.0.0
  • D. 255.255.255.0
  • E. 255.255.255.255

正解:A


質問 # 203
A BIG-IP Administrator must determine if a Virtual Address is configured to fail over to the standby member of a device group in which area of the Configuration Utility can this be confirmed?

  • A. Local Traffic > Virtual Servers
  • B. Device Management > Overview
  • C. Device Management > Traffic Groups
  • D. Device Management > Devices

正解:A


質問 # 204
-- Exhibit -

-- Exhibit --
Refer to the exhibit.
Users report that a web application works incorrectly. Sometimes contextual data displayed on the web pages is accurate; other times it is inaccurate.
The LTM administrator looks at the connection table with a filter on one of the client IP addresses currently connected using the command "tmsh show sys connection cs-client-addr 10.0.20.1" with the following results:
10.0.20.1:60048 10.0.20.88:80 10.0.20.1:60048 172.16.20.1:80 tcp 3 (tmm: 0)
10.0.20.1:60050 10.0.20.88:80 10.0.20.1:60050 172.16.20.3:80 tcp 3 (tmm: 0)
10.0.20.1:60047 10.0.20.88:80 10.0.20.1:60047 172.16.20.2:80 tcp 3 (tmm: 0)
10.0.20.1:60049 10.0.20.88:80 10.0.20.1:60049 172.16.20.1:80 tcp 3 (tmm: 0) What is the solution to the problem?

  • A. Synchronize the clock of the LTM device with NTP.
  • B. Modify the setup of the monitor bound to the pool used by the application.
  • C. Set up an HTTP cookie insert profile in the virtual server.
  • D. Modify the load balancing method attached to the pool.

正解:C


質問 # 205
New Syslog servers have been deployed in an organization. The BIG-IP Administrator must reconfigure the BIG-IP system to send log messages to these servers.
In which location in the Configuration Utility can the BIG-IP Administrator make the needed configuration changes to accomplish this?

  • A. System > Logs > Audit
  • B. System > Configuration > Local Traffic
  • C. System > Logs > Configuration
  • D. System > Configuration > Device

正解:C


質問 # 206
The LTM device is configured to provide load balancing to a set of web servers that implement access control lists (ACL) based on the source IP address of the client. The ACL is at the network level and the web server is configured to send a TCP reset back to the client if it is NOT permitted to connect.
The virtual server is configured with the default OneConnect profile.
The ACL is defined on the web server as:
Permit: 192.168.136.0/24
Deny: 192.168.116.0/24
The packet capture is taken of two individual client flows to a virtual server with IP address 192.168.136.100.
Client A - Src IP 192.168.136.1 - Virtual Server 192.168.136.100:
Clientside:
09:35:11.073623 IP 192.168.136.1.55684 > 192.168.136.100.80: S 869998901:869998901(0) win 8192 <mss
1460,nop,wscale 2,nop,nop,sackOK>
09:35:11.073931 IP 192.168.136.100.80 > 192.168.136.1.55684: S 2273668949:2273668949(0) ack
869998902 win 4380 <mss 1460,nop,wscale 0,sackOK,eol>
09:35:11.074928 IP 192.168.136.1.55684 > 192.168.136.100.80: . ack 1 win 16425
09:35:11.080936 IP 192.168.136.1.55684 > 192.168.136.100.80: P 1:299(298) ack 1 win 16425
09:35:11.081029 IP 192.168.136.100.80 > 192.168.136.1.55684: . ack 299 win 4678 Serverside:
09:35:11.081022 IP 192.168.136.1.55684 > 192.168.116.128.80: S 685865802:685865802(0) win 4380 <mss
1460,nop,wscale 0,sackOK,eol>
09:35:11.081928 IP 192.168.116.128.80 > 192.168.136.1.55684: S 4193259095:4193259095(0) ack
685865803 win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 6>
09:35:11.081943 IP 192.168.136.1.55684 > 192.168.116.128.80: . ack 1 win 4380
09:35:11.081955 IP 192.168.136.1.55684 > 192.168.116.128.80: P 1:299(298) ack 1 win 4380
09:35:11.083765 IP 192.168.116.128.80 > 192.168.136.1.55684: . ack 299 win 108 Client B - Src IP 192.168.116.1 - Virtual Server 192.168.136.100:
Clientside:
09:36:11.244040 IP 192.168.116.1.55769 > 192.168.136.100.80: S 3320618938:3320618938(0) win 8192
<mss 1460,nop,wscale 2,nop,nop,sackOK>
09:36:11.244152 IP 192.168.136.100.80 > 192.168.116.1.55769: S 3878120666:3878120666(0) ack
3320618939 win 4380 <mss 1460,nop,wscale 0,sackOK,eol>
09:36:11.244839 IP 192.168.116.1.55769 > 192.168.136.100.80: . ack 1 win 16425
09:36:11.245830 IP 192.168.116.1.55769 > 192.168.136.100.80: P 1:299(298) ack 1 win 16425
09:36:11.245922 IP 192.168.136.100.80 > 192.168.116.1.55769: . ack 299 win 4678 Serverside:
09:36:11.245940 IP 192.168.136.1.55684 > 192.168.116.128.80: P 599:897(298) ack 4525 win 8904
09:36:11.247847 IP 192.168.116.128.80 > 192.168.136.1.55684: P 4525:5001(476) ack 897 win 142 Why was the second client flow permitted by the web server?

  • A. The idle TCP session from the first client was re-used.
  • B. SNAT automap was enabled on the virtual server.
  • C. A global SNAT is defined.
  • D. A source address persistence profile is assigned to the virtual server.

正解:A


質問 # 207
An LTM Specialist has just captured trace /var/tmp/trace.cap for site www.example.com while listening on virtual address 10.0.0.1:443 configured on partition ApplicationA. The data payload being captured is SSL encrypted.
Which command should the LTM Specialist execute to decrypt the data payload?

  • A. ssldump -Aed -nr /var/tmp/trace.cap -k
    /config/filestore/files_d/ApplicationA_d/certificate_d/:ApplicationA:www.example.com.crt_1
  • B. ssldump -Aed -nr /var/tmp/trace.cap -k
    /config/filestore/files_d/ApplicationA_d/certificate_key_d/:ApplicationA:www.example.com.key_1
  • C. ssldump -Aed -nr /var/tmp/trace.cap -k
    /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1
  • D. ssldump -Aed -nr /var/tmp/trace.cap -k
    /config/filestore/files_d/Common_d/certificate_d/:Common:www.example.com.crt_1

正解:C


質問 # 208
A BIG-IP Administrator uses a device group to share the workload and needs to perform service on a BIG-IP device currently active for a traffic group. The administrator needs to enable the traffic group to run on another BIG-IP device in the device group. What should the administrator do to meet the requirement?

  • A. Select Traffic Group on Primary Unit and then select Demote
  • B. Select Traffic Group and then select Force to Standby
  • C. Create a new Traffic Group and then fail to Standby Unit
  • D. Select Traffic Group and then select Failover

正解:B


質問 # 209
Refer to the exhibit.

An LTM device has a virtual server mapped to www.f5.com. Users report that when they connect to
/resources/201.1.2h.l_l.com they are unable to receive content.
What is the likely cause of the issue?

  • A. The virtual address does not have ARP enabled.
  • B. The pool associated with the virtual server does not have priority group activation enabled.
  • C. The pool associated with the virtual server is falling its health check.
  • D. The virtual address does not have route advertising enabled.

正解:A


質問 # 210
An SSL application is being migrated to the LTM device. Both encrypted and unencrypted traffic are accepted by the server. The virtual server configuration is as follows:

Which LTM device profile should be used on the LTM device to reduce the CPU load on the current.

  • A. serverssl
  • B. clientsssl
  • C. Protocol
  • D. stream

正解:B


質問 # 211
Refer to the exhibit.

The BIG-IP Administrator is investigating disk utilization on the BIG-IP device.
What should the BIG-IP Administrator check next?

  • A. Results from the platform diagnostics test
  • B. Large files on /usr file system
  • C. Results from the EUD test
  • D. Large files on the / file system

正解:D


質問 # 212
......

問題集全額返金保証付き!303問題公式問題集:https://jp.fast2test.com/303-premium-file.html

厳密検証された303試験問題集PDF[2023年最新] 時間限定無料アクセスFast2test:https://drive.google.com/open?id=1wONd2s1qxbWHd8J5OSvsv7HEKtA4bzQe


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어