CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. F5
  5. 301b

Free 301b Exam Braindumps (page: 11)

Page 11 of 53
PDF with 210 Questions

Given this as the first packet displayed of an ssldump:
2 2 1296947622.6313 (0.0001) S>CV3.1(74) Handshake
ServerHello
Version 3.1
random[32]=
19 21 d7 55 c1 14 65 63 54 23 62 b7 c4 30 a2 f0
b8 c4 20 06 86 ed 9c 1f 9e 46 0f 42 79 45 8a 29
session_id[32]=
c4 44 ea 86 e2 ba f5 40 4b 44 b4 c2 3a d8 b4 ad
4c dc 13 0d 6c 48 f2 70 19 c3 05 f4 06 e5 ab a9
cipherSuite TLS_RSA_WITH_RC4_128_SHA
compressionMethod NULL
In reviewing the rest of the ssldump, the application data is NOT being decrypted.
Why is ssldump failing to decrypt the application data?

  1. The application data is encrypted with SSLv3.
  2. The application data is encrypted with TLSv1.
  3. The data is contained within a resumed TLS session.
  4. The BigDB Key Log.Tcpdump.Level needs to be adjusted.

Answer(s): C



An LTM Specialist is troubleshooting virtual server 10.0.0.1:443 residing on VLAN vlan301. The web application is accessed via www.example.com. The LTM Specialist wants to save a packet capture with complete decrypted payload for external analysis.
Which command should the LTM Specialist execute on the LTM device command line interface?

  1. tcpdump -vvv -s 0 'host 10.0.0.1 and port 443' -w /var/tmp/trace.cap
  2. tcpdump -vvv -s 0 -ni vlan301 'host 10.0.0.1 and port 443' -w /var/tmp/trace.cap
  3. ssldump -Aed -k
    /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1 > /var/tmp/trace.cap
  4. ssldump -Aed -ni vlan301 -k
    /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.example.com.key_1 > /var/tmp/trace.cap

Answer(s): D



An application is configured on an LTM device:
Virtual server: 10.0.0.1:80 (VLAN vlan301)
SNAT IP: 10.0.0.1
Pool members: 10.0.1.1:8080, 10.0.1.2:8080, 10.0.1.3:8080 (VLAN vlan302)
Which packet capture should the LTM Specialist perform on the LTM device command line interface to capture only server traffic specifically for this application?

  1. tcpdump -ni 0.0:nnn -s 0 'host 10.0.0.1' -w /var/tmp/trace.cap
  2. tcpdump -ni vlan301 -s 0 'port 80 and host 10.0.0.1' -w /var/tmp/trace.cap
  3. tcpdump -ni vlan302 -s 0 'port 8080 and (host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3)' -w /var/tmp/trace.cap
  4. tcpdump -ni 0.0:nnn -s 0 '(port 80 and host 10.0.0.1) or (port 8080 and host 10.0.1.1 or host 10.0.1.2 or host 10.0.1.3)' -w /var/tmp/trace.cap

Answer(s): C



An LTM Specialist sees these entries in /var/log/ltm:
Oct 25 03:34:31 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:32 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Oct 25 03:34:33 tmm warning tmm[7150]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborteD. 172.16.20.1:443
Assume 172.16.20.0/24 is attached to the VLAN "internal."
What should the LTM Specialist use to troubleshoot this issue?

  1. curl -d - -k https://172.16.20.1
  2. ssldump -i internal host 172.16.20.1
  3. tcpdump -i internal host 172.16.20.1 > /shared/ssl.pcap ssldump < /shared/ssl.pcap
  4. tcpdump -s 64 -i internal -w /shared/ssl.pcap host 172.16.20.1 ssldump -r /shared/ssl.pcap

Answer(s): B



Page 11 of 53



Post your Comments and Discuss F5 301b exam with other Community members:

jay commented on April 26, 2024
I think Q2 answer is B.sharing not C.Reduction.
KOREA REPUBLIC OF
upvote

Awad commented on April 21, 2024
In my struggles to pass this freaking exam, I found this website. Their guide became my lifeline. The purchase process was very easy and secure. I downloaded my study package and studied for 3 weeks. Come test day, I faced it with newfound confidence. The result? An 91% score—a testament to preparation and determination.
UNITED STATES
upvote

Mary commented on April 20, 2024
Thank you seems many of them appeared in practice exam for 04/2024 too
POLAND
upvote

ethan commented on September 24, 2023
could you please upload practice questions for scr exam ?
HONG KONG
upvote

ethan commented on September 24, 2023
could you please upload practice questions for SCR exam ?
HONG KONG
upvote