Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
166 Cards in this Set
- Front
- Back
|
Are BIG-IP devices shipped with a license?
|
No.
|
|
|
Prior to licensing and configuring the system, how can you access the device?
|
Via the management ethernet port, or the serial console.
|
|
|
In what files are LTM configuration settings stored?
|
/config/bigip.conf
/config/bigip_base.conf /config/BigDB.dat |
|
|
Where is the BIG-IP license stored?
|
/config/bigip.license
|
|
|
What file can be used to restrict access by IP to certain daemons?
|
/etc/hosts.allow
|
|
|
What file can be used to specifically restrict HTTPD access to the BIG-IP?
|
/config/httpd/conf/httpd.conf
|
|
|
What is the default idle timeout for TCP?
|
300 seconds
|
|
|
What is the default idle timeout for FastL4?
|
300 seconds
|
|
|
What is the default idle timeout for UDP?
|
60 seconds
|
|
|
What tasks does a the standard connection reaper perform?
|
Removes connections from the connections table after a configurable idle timeout.
|
|
|
Where is the idle timeout for a connection set?
|
In the transport profile that applies to that session.
|
|
|
What is the adaptive reaper?
|
A custom connection reaper whose behavior is based on system memory utilization thresholds.
|
|
|
What happens when the low water mark memory threshold is reached?
|
Half-open connections are deleted from the connections table first. If that doesn't bring memory below the low water mark, then idle timeout reaping becomes more aggressive until memory utilization is below the low water mark.
|
|
|
What happens when the high water mark memory threshold is reached?
|
The system stops accepting new connections until the memory usage drops below the low water mark.
|
|
|
To disable adaptive reaping, what needs to be done?
|
Set the low and high water marks to 100%
|
|
|
What is the default low water mark for memory utilization?
|
85%
|
|
|
What is the default high water mark for memory utilization?
|
95%
|
|
|
Do adaptive reaper settings apply to SSL connections?
|
No, but normal connection reaper idle timeouts do.
|
|
|
When are adaptive reaper log messages sent?
|
Whenever adaptive reaping is entered or exited.
|
|
|
What is the rate limit on adaptive reaper log messages?
|
One per ten seconds.
|
|
|
When the adaptive reaper high water mark is met, what is displayed on the LCD on the front of the BIG-IP?
|
"Blocking DOS Attack"
|
|
|
By default, what is the minimum value allowed for the adaptive reaper high water mark?
|
85
|
|
|
By default, what is the minimum value allowed for the Adaptive Reaper low water mark?
|
70
|
|
|
What variable in BigDB.dat contains settings for the adaptive reaper low water mark?
|
[Connection.AdaptiveReaper.Lowater]
|
|
|
What variable in BigDB.dat contains settings for the adaptive reaper high water mark?
|
[Connection.AdaptiveReaper.Hiwater]
|
|
|
What is the purpose of the SYN Check feature on the LTM?
|
To alleviate SYN flood attacks.
|
|
|
How does the SYN Check feature function?
|
Sends information about a flow as cookies to a client, so that the SYN-RECEIVED state does not need to be maintained on the LTM.
|
|
|
What variable in BigDB.dat contains SYN Check settings?
|
[Connection.SynCookies.Threshold]
|
|
|
What is the SYN Check Activation Threshold?
|
A variable that determines the number of connections that need to be on the LTM before SYN Check is enabled.
|
|
|
What is the default setting for the SYN Check Activation Threshold?
|
16,384
|
|
|
To disable SYN Check, what needs to be done?
|
Set the SYN Check Activation Threshold to 0.
|
|
|
What services and protocols do the default port lockdown settings allow, in 9.3.x versions?
|
UDP:
53 (DNS) 161 (SNMP) 520 (RIP) 4353 (iQuery) TCP: 22 (SSH) 53 (DNS) 161 (SNMP) 443 (HTTPS) 4353 (iQuery) IP Protocol: 89 (OSPF) |
|
|
Why do some versions display "efs" as the service type for UDP port 520?
|
This is an error in the /etc/services file. It has been corrected in 9.4.6.
|
|
|
What service was added to the default port lockdown list in version 9.4.5?
|
UDP port 1026 (Network Failover)
|
|
|
Where are port lockdown settings stored?
|
Settings for floating self IP addresses are stored in /config/bigip.conf, and settings for non-floating self IP addresses are stored in /config/bigip_base.conf
|
|
|
What file can be modified to restrict SSH access to specific IP addresses?
|
/etc/hosts.allow
|
|
|
In the following line from hosts.allow, what addresses are allowed?
sshd: 192.168.21. 192.168.20. 172.16.16.31 |
192.168.21.0/24, 192.168.20.0/24, and 172.16.16.31
|
|
|
What is the configuration of the /etc/hosts.allow file by default?
|
Allow any hosts.
|
|
|
In what order are the lines of /etc/hosts.allow evaluated?
|
In the order they appear in the file.
|
|
|
In 4.x and earlier versions of BIG-IP software, what was used for packet filtering?
|
ipfw
|
|
|
What are the three steps for configuring packet filters?
|
1) Enable packet filters.
2) Define global packet filter settings 3) Define filter rules |
|
|
What are the four possible actions in a packet filter rule?
|
Accept, discard, reject, continue.
|
|
|
What are the possible match parameters for packet filter exemptions?
|
MAC address, IP address, VLAN.
|
|
|
What is the standard use for the "continue" action in packet filters?
|
Logging.
|
|
|
In /config/bigip.conf, where does the order number assigned to packet filter rules come from?
|
The order value comes from the position of the rule in the GUI (or is manually assigned via bigpipe). If using the GUI, the order is the rule number times 5 (5 for rule 1, 10 for rule 2, etc.)
|
|
|
Where are the general properties for packet filters stored?
|
/config/BigDB.dat
|
|
|
What variable determines the threshold at which the SYN Check feature is activated?
|
Connection.SynCookies.Threshold in /config/BigDB.dat
|
|
|
What is the default value of the SYN Check activation threshold?
|
16,384
|
|
|
How can the SYN Check feature be disabled?
|
Set the value of Connection.SynCookies.Threshold in /config/BigDB.dat to 0.
|
|
|
What are the four common methods to define members of a VLAN?
|
Port, MAC, VLAN Tag, VLAN Name
|
|
|
What method does the BIG-IP LTM use for VLAN tagging?
|
802.1q -- This is not compatible with Cisco ISL tagging.
|
|
|
If VLAN tagging is used, what are the default VLAN tags for the "internal" and "external" VLANs?
|
Internal: 4093
External: 4094 |
|
|
In order for failover to occur, how many trunked interface in a single trunked group must fail?
|
All of them.
|
|
|
How many total interfaces should be placed in a trunk?
|
Any power of two, for example: 1, 2, 4, or 8.
|
|
|
If selecting the "Allow Default" Port Lockdown settings for a self-IP, what UDP and TCP services are allowed?
|
UDP: DNS(53), SNMP(161), RIP(520), iQuery(4353)
TCP: SSH(22), DNS(22), SNMP(161), HTTPS(443), iQuery(4353) |
|
|
What file can be modified to allow only specific hosts to connect via SSH?
|
/etc/hosts.allow
|
|
|
What is the default packet filter action for unhandled packets?
|
Allow.
|
|
|
What are the three general steps for configuring packet filters on the LTM?
|
1. Enable packet filters
2. Define global settings 3. Define specific filter rules |
|
|
What four actions can a packet filter rule perform?
|
Accept, Discard, Reject, Continue
|
|
|
What syntax do LTM packet filter rules use?
|
libpcap -- the same format used by tcpdump.
|
|
|
In what file are the actual packet filter rules stored on an LTM?
|
/config/bigip.conf
|
|
|
What file holds general packet filter rules, including whether packet filters are enabled?
|
/config/BigDB.dat
|
|
|
Generally speaking, what is the syntax of using tcpdump?
|
tcpdump <switches> <filters>
|
|
|
What is the default output file for the qkview script?
|
/var/tmp/hostname-tech.out
|
|
|
What command can be used to limit the underlying command resource utilization of qkview?
|
nice
|
|
|
What is the lowest possible priority you can use with the "nice" command?
|
19
|
|
|
What is the default refresh timeout for the bigtop command?
|
4 seconds
|
|
|
In the node status section of the bigtop command, what is the short-lived state indicating that no test has succeeded *or* timed out?
|
CHKG
|
|
|
In the node status section of the bigtop command, what status indicates that a node is not configured for any type of service checking?
|
UNCKD
|
|
|
If you want to display the In and Out statistics of the bigtop command in bytes instead of bits, what option should you pass to the bigtop command?
|
-bytes
|
|
|
If you want to display the In and Out statistics of the bigtop command in packets instead of bits, what option should you pass to the bigtop command?
|
-pkts
|
|
|
To display the Conn statistics of the bigtop command in requests instead of connections, what option should you pass to the bigtop command?
|
-reqs
|
|
|
If you don't want bigtop to display any virtual server data, what option should you pass to the bigtop command?
|
-vips 0
|
|
|
If you don't want bigtop to display any node data, what option should you pass to the bigtop command?
|
-nodes 0
|
|
|
If you want bigtop to display data once and then exit, what option should you pass to the bigtop command?
|
-once
|
|
|
What bigtop option determines the number of seconds between refreshes?
|
-delay <value>
|
|
|
What bigtop option disables fullscreen (cursers) mode?
|
-scroll.
|
|
|
What bigtop option disables sorting?
|
-nosort
|
|
|
What bigtop option changes the sort method to connection count?
|
-conn
|
|
|
What is the default sort method for the bigtop command?
|
Byte/bit count
|
|
|
What bigtop option changes the sort method to count since last sample?
|
-delta
|
|
|
What bigtop option disables name resolution and prints IP addresses and service names in numeric format?
|
-n
|
|
|
What two optional command components can be passed to the bigstart command?
|
An action and a process name.
|
|
|
If an action is specified in the bigstart command, but a process is not, what is the effect?
|
The action is applied to all "default" processes.
|
|
|
What bigstart action can be used to add a list of processes to those that are initialized at boot time?
|
add
|
|
|
What bigstart action is used to remove a process from those that are initialized at boot time?
|
del or remove
|
|
|
What bigstart action is used to add a process or list of processes to the "default" list?
|
add --default
|
|
|
What bigstart action is used to remove a process from the "default" list?
|
del --default or remove --default
|
|
|
What bigstart action is not recommended but used to remove a process from those that are managed by bigstart?
|
erase
|
|
|
What bigstart action is used to stop a process if stop or shutdown fail to stop the process?
|
kill
|
|
|
What bigstart option lists all processes and their startup state?
|
list
|
|
|
What bigstart option lists memory status, maximum available, and current usage for listed processes?
|
memstat
|
|
|
What bigstart action reinitializes listed processes?
|
reinit
|
|
|
What bigstart action shuts down and restarts listed processes?
|
restart
|
|
|
What bigstart actions shut down listed processes?
|
shutdown or stop
|
|
|
What bigstart actions start up listed processes?
|
startup or start
|
|
|
What bigstart action displays the process ID and current uptime for listed processes?
|
status
|
|
|
What bigstart actions cannot act on "default" processes and must have processes explicitly listed?
|
erase, kill, reinit
|
|
|
What are the two parts of a log message that it is defined by?
|
Facility and level
|
|
|
What are the facilities used by system log messages?
|
authpriv
auth cron daemon kern news user local0 through local7 |
|
|
What are the log levels, from highest severity to lowest?
|
emerg
alert crit err warning notice info debug |
|
|
What type of events is the local0 facility used for?
|
Local Traffic Manager events
|
|
|
What type of events is the local1 facility used for?
|
Enterprise Manager events
|
|
|
What type of events is the local2 facility used for?
|
Global Traffic Manager events
|
|
|
What type of events is the local3 facility used for?
|
Application Security Manager events
|
|
|
What type of events is the local4 facility used for?
|
iControl events
|
|
|
What type of events is the local5 facility used for?
|
Packet filter events
|
|
|
What type of events is the local6 facility used for?
|
Web and SSL module events
|
|
|
What type of events is the local7 facility used for?
|
System boot events
|
|
|
In LTM version 9.0.0 to 9.0.4, what file is used for logging configuration?
|
/etc/syslog/conf
|
|
|
In LTM version 9.0.5 and forward, what file is used for logging configuration?
|
/etc/syslog-ng/syslog-ng.conf
|
|
|
By default, how many days worth of log files does the BIG-IP LTM store?
|
Today's logs and the previous eight days' logs.
|
|
|
When are BIG-IP LTM log files rotated?
|
Daily or when the files reach a maximum size.
|
|
|
What type of events are contained in the Local Traffic Management log files?
|
All local0.* events.
|
|
|
By default, what files contain the Local Traffic Management logs?
|
/var/log/ltm
|
|
|
What type of events are contained in the system log files?
|
All kern.* events.
|
|
|
By default, what files contain the system logs?
|
/var/log/messages
|
|
|
What type of events are contained in the Enterprise Manager log files?
|
local1.* events
|
|
|
By default, what files contain the Enterprise Manager logs?
|
/var/log/em
|
|
|
By default, what type of events are contained in the GTM log files?
|
local2.* events
|
|
|
By default, what type of events are contained in the Security Manager log files?
|
local3.* events
|
|
|
By default, what type of events are contained in the packet filter log files?
|
local5.* events
|
|
|
By default, what type of events are contained in the configuration utility error log?
|
local6.* events
|
|
|
By default, what type of events are contained in the boot log files?
|
local7.* events
|
|
|
By default, what file contains the GTM logs?
|
/var/log/gtm
|
|
|
By default, what file contains the Application Security Manager logs?
|
/var/log/asm
|
|
|
By default, what file contains the iControl log files?
|
/var/log/ltm
|
|
|
By default, what file contains the packet filter log files?
|
/var/log/pktfilter
|
|
|
By default, what file contains the configuration utility error logs?
|
/var/log/httpd/httpd_errors
|
|
|
By default, what file contains the boot log files?
|
/var/log/boot.log
|
|
|
What is the bigpipe command to specify a destination for a remote syslog server?
|
bigpipe syslog remote server x.x.x.x
|
|
|
What common term does the SNMP term "Community Strings" most closely coincide with?
|
Password
|
|
|
What common term does the SNMP term "Sink" most closely coincide with?
|
Destination IP address
|
|
|
What type of administrator has full access to the local traffic section of the configuration utility (all partitions), but read-only access to the network and system sections?
|
Resource administrator.
|
|
|
What are the nine authorization roles on an LTM?
|
1) Administrator
2) Resource Administrator 3) User Manager 4) Manager 5) Application Security Editor 6) Application Editor 7) Operator 8) Guest 9) No access |
|
|
What is the default role given to a user that is authenticated remotely with no specific account on the LTM system?
|
No Access
|
|
|
What authorization roles can be configured to allow a user to access the advanced CLI shell?
|
Administrator or Resource Administrator
|
|
|
What is the name of the one partition that exists on an LTM system by default?
|
Common
|
|
|
What partition's objects can be referenced by objects in other partitions?
|
The Common partition
|
|
|
How do you move an object from one partition to another?
|
You can't. You have to delete the object from the first partition and recreate it in the second partition.
|
|
|
What three monitors does the LTM have that are specifically designed to determine a server's service levels for use with dynamic load balancing?
|
1) WMI (Windows Management Instrumentation)
2) Real_Server (Real Server traffic loads) 3) SNMP_dca (SNMP Data Collection Agent) |
|
|
In what directory should the script files used for scripted monitors be saved?
|
/config/eav
|
|
|
What two types of statements does a script for a scripted monitor contain?
|
"send" and "expect" statements.
|
|
|
Where are the external service checker programs for EAV monitors located?
|
/usr/bin/monitors
|
|
|
What checks does an FTP monitor attempt?
|
An FTP monitor attempts to download a specified file to /var/tmp. If the file is retrieved, the check is considered successful.
|
|
|
What data must be supplied to an FTP monitor?
|
user name, password, full path to a file to be retrieved
|
|
|
What is required for an IMAP monitor check to be successful?
|
The monitor must be able to log into the IMAP server and open a specified mail folder.
|
|
|
What data must be supplied to the IMAP monitor?
|
user name, password, folder name.
|
|
|
What security settings are available for an LDAP monitor?
|
SSL, TLS, none
|
|
|
What should you do first if you're trying to configure an MSSQL monitor, and you receive an error stating that the connection was refused?
|
Verify that the IP address and port number or service are correct.
|
|
|
What type of driver do you need to install on the LTM before performing a login for an MSSQL login?
|
A JDBC driver.
|
|
|
In an MSSQL monitor, what setting is optional and specifies a SQL query statement that the LTM should send to the MSSQL server?
|
The Send String
|
|
|
What data is required to run an NNTP monitor?
|
A newsgroup name, and username/password if necessary.
|
|
|
What is required in order for an NNTP monitor to be successful?
|
The monitor must be able to retrieve a newsgroup identification string from the server.
|
|
|
What information about the server must you configure in order to run a POP3 monitor?
|
Username and password
|
|
|
What response is required in order for a POP3 monitor to be successful?
|
The monitor must be able to connect to the POP3 server, log in as the indicated user, and log out.
|
|
|
What data is required to run a RADIUS monitor?
|
User name, password, shared secret string.
|
|
|
In a SIP monitor, what are the possible values for the "Mode" setting?
|
TCP, UDP
|
|
|
In a SIP monitor, what are the possible values for the "Additional Accepted Status Codes" setting?
|
Any, None, Status Code List...
|
|
|
What server behavior is required for an SMTP monitor to be successful?
|
The mail server must respond to HELO and QUIT commands.
|
|
|
What data must be provided to an SMTP monitor?
|
Domain
|
|
|
How can an admin modify the real_server monitor?
|
They cannot. Like all pre-configured monitors, the real_server monitor is not user-modifiable.
However, an admin can create a custom Real Server monitor, and modify the settings of that custom monitor. |
|
|
What type of load balancing generally uses performance monitors?
|
Dynamic Ratio Load Balancing
|
|
|
Except for Interval, Timeout, Alias Address, and Alias Service Port settings in monitors, what is important to remember when entering values for the settings?
|
All settings should be entered as quoted strings, even if they are numeric.
|
|
|
If both the Send String and Receive String in an http monitor are left blank, what kind of check is performed?
|
Only a simple connection check.
|
|
|
If a resource goes down, and that resource has a monitor assigned to it with Manual Resume set to "Yes," when will that resource be marked as available again?
|
Not until the administrator manually re-enables the resource.
|
