F5 BIG IP – 101 Exam Application delivery fundamentals (Tips and tricks)

Hello,

Here I come up with one another section of tips and tricks to pass the F5 BIG IP 101 Exam (Application delivery fundamentals) based on my own experience and the blogs I read on the internet :

  1. Most of the paper of 101 is based on networking fundamentals and is not easy like other vendors networking exam.
  2. One really need to understand the TCP/IP concepts. I remember one of the question from my exam asking the first packet number in TCP connection or how the source MAC address will be changed when packets transfers from point A to point B.
  3. Questions are story based where you are provided with a scenario and then you have to answer it.
  4. Since I was from the linux background with not much knowledge about networking, I read Applications delivery network by Philip and Steven and would highly recommend it.
  5. Also the study guide on F5 website is highly recommended. But do not just read this guide, also read in details or follow the links provided in this guide.
  6. The other resource which is helpful is CBT nuggets videos. Watching these videos can help to get speed up with learning BIG IP but they are not sufficient to pass this exam.
  7. During the exam, have a look at the clock. The time may tick away fast unlike other vendor exams where one has plenty of time.

All the very best for your exam and if you are still scared….remember, if you know the basics of networking, you will be through in this exam 🙂

I would love to hear the feedback from you and if you have any new tips for this exam. It would be very nice if you can share the exams topic after appearing in it. This may help other candidates.  🙂

I would not like to create dumps for the exam but just some help to our fellow friends. I will keep updating the below part as and when I will get new feedback from other exam taker.

Update : 02 July 2016 – Here are some more important topics from Jose for the exam.

vCPM
unsecure sslv3 tls 2 sslv2
flow on osi when sender
ethernet on what layer is 1-2 or 2-3
advantages between virtual and hardware
advantage of active/ standby

Update : 26 July 2016 – Here are some more important topics from David for the exam.

ipv6 correct address
ipv6 127.0.0.1 eq
mss , where is defined (syn-syn/ack-ack)
ftp active and passive
saml
ipsec/ssl
3 method for authentication (ex. ldap)
ldap syntax
dns syntax
http keep-alive
224.0.0.1 is used for?
TTL

 

Update : 05  Oct 2016 –  Here are some additional questions shared by Michal

  • In what scenario full proxy is required
  • Exibit where u had ( client ->proxy->LB->server ) and question was Why LB is there??  ( and answer was “because its closest to server” , “because it can forward traffic” and 2 more answers which i dont remeber .
  • AAA what for the 3rd A is standing for .
  • Admin have site example.com under address 192.12.13.14 and there is need to implement same site under new IP X X X X but first what you need to do is test it if its working . What will you do :  change something in DNS server , change local file on server +3 more answers .
  • Flow of osi when sender – when client A is sending packet to B how it will look on OSI  – layer from1 to 7 or from 7 to 1 .
  • There was one question about TCP dump output something like that :
172.23.12.11 > 10.1.2.3
10.1.2.3 >172.23.12.11
who will reply next  ( but note that there were flags etc i dont remember now ). So in short, you should be able to read TCP dump output
  • Output from trap snmp :
192.159.12.12 – 13.44.55.1    1.3.6.1.4.1.2789.5000  -(something like that )
And question what is client what is server .
  • Question where admin used some ip X.X.X.X/28  and something didnt work  answer was easy he used broadcast ip from subnet

 

Update : 07 Aug 2017 – Here are some tips shared by Smith

  • OSI Model ( which layer do you use in a particular situation)
  • Irules iapps icontrol isessions, about this we have a lot of questions
  • Modules (APM, AFM, LTM, GTM) advantages , and how it work each module
  • mac masquerade
  • Full half proxies in a particular situation( Which would you use)
  • protocol SOAP how it works ( the correct answers was XML, HTTP)
  • subnetting one question
  • ipv6 2 questions (localhost, and correct ipv6)
  • VLANS broadcast domain in a particular situation
  • ARP 224.0.0.1 is used for?
  • Questions about security models (positive and negative)
  • High avabaility
  • HA Active/ stanby advantages
  • encryption
  • MSS
  • ipsec/ssl
  • three way handshake, what is the last packet ? And we have to select FIN
    the process of checksum in tcp
  • FTP active passive
  • smtp
  • LDAP attributes
  • how can analyze and interpretation the packet capture examples
  • Packet forwarding
  • How many minimum connections are there in one ftp session?
    HTTP keepalive (header)

Update : 11 Sep 2017 – Here are some tips shared by Baccari

*loopback @ in IPv6
*vCMP used in which f5 platforme (all f5 device or same f5 device or …)
*emailing protocol : SMTP / POPv3
*what is the first sequence number in 3-way-handshk
*protocol that minimize latency over reliability —> udp
*ldap syntax —> DN: CN=exemple, OU=exemple2, DC=exemple3 …
*Means of DN in ldap query : –> simple path name
*which provide AAA —> APM
*Model of security can implement rapidly —> negative
*model F5 work at layer 3 and 4 —> AFM
*How reciever verify non-repuduation : —> public-key
*mac masqurade provide: —> minimize arp communication and drop packet
*.com :—> top level
*MSS value in : SYN/ACK
*Third A in AAA —>
*Protect application from sql injection :—> ASM
*when sender data folow :—-> apllication to physi
*advandge of Active -Active % active – standby
*choose which protocol is link state
*when use full proxy (4-6 question about this)
*tcpdump of SNMP —-> source @ is client , dest @ is server
*primiry function of CA—> VALIDATE AND VERIFY CERTIFICATE
*Which address in data link layer redirect data —-> MAC
*Protocol that resolve IPv6 @ to IP @ :—-> NDP
*where admin used some ip X.X.X.X/28 and something didnt work answer was easy he used broadcast ip from subnet
* Which method used to verify if server support POST method —> trace
*YOU NEED TO KNOW THE CODE IN HTTP RESPONSE ( there is 2 or 3 questions i remember 302 and 401)
* Other questions about tcpdump who send ACK
*Module provide AAA —> APM
*Advandge of VE % hardware

Update: 09 Oct 2017 -Here are some tips shared by  nalaakanono

  • how was the tcp sequence number generated?
    * what is the initial tcp sack in tcp 3 way handshake?
    * SSL offloading advantages?
    * persistence methods? (5 questions)
    * in which scenario does full proxy tcp connection required? (5 questions)

Update 02 Jan 2018 – below are some additional tips from Tanu
* which SSL/TLS version is secure
* Ethernet is on which layer – physical+Data
* http 301 error
* Auto sync failover

Update 21 Feb 2018 –  Below are some questions added by F5er.

1-how client test of a specific method is supported — the answer is OPTION
2-exhibit with tcp dump and the questions who should send the sync\ack — the answer is the Client source address in the second line of the dump.
3-Admin discovered new security vulnerability how can he rapidly fix it? choices “icontrol-isession-iRule-iApp”
4-How to restirect http mthod (irule-http profile-ssl profile)
5-SAML provide what function in AAA i don’t remeber the choices but the answer was ” usage measure & authentication )
6-user sends big amount of data to a server but during the process the server sent tcp window size what is the reason choices were somethinf like ( server can’t handle more data, server rest the session and two other chouces but you should choose just one )
7-what could benfit more from compression (http ,peer-to-peer, video,media)
8-traffic passes though the loadblancer from the client to server but the return traffic pass bypass the LB directly from server to client, what proxy archticure is impelemnteed ( full stack proxy, packt-by-packet proxy and other option )
9-what is responsab;e for flow-controll and error correction in Data-link layer (MAC,LLC,…..and other options)
10-what can add more application security layer to SMTP and FTP (LTM,GTM,APM,AFM)
11-traffic is processed by two units and each units is ready to handle all the traffic of the other failed, what type of high availability is implemented (Active-active,active-standby…..other option)
12-new virtual server is implemented and needed to be tested and the old virtual server is still in use, how it should be tested “or something like that” choices were (add ip address to the FQDN, add entery to client host file )
13-a deployment that is fast to get and deploy answer is virtual server
14-what is minimum objects required for loadbalnce(ip address- desstination server address- helath monitor-presistance profile )

 

Update 11 Apr 2018 : Below tips are from Krish :

Exam questions are Tricky, so recommend you to have good understanding of Layer Technologies.
3. Observed a lot of full-proxy TCP(more than 4 Q’s) scenario questions. So, check what is Full Proxy TCP? How it works?
4. Not observed any True/False questions like the other sites are posting as example questions(Not sure if they were in F5101V1).
Note: I did not see any much importance for practical knowledge. so don’t worry if you do not have good hands-on for this Exam.

Material:
-I strictly Finished the Study Guide and revised it a couple more times.
-Last week before Exam, I studied in depth on Topics suggested in this blog.
-Finally, just checked the topics I was not clear with like LACP,LDAP syntax, Mac masquerade, DNS top-host levels etc.
Used: http://veritablenetworks.blogspot.com/2012/11/f5-application-delivery-fundamentals.html

104 thoughts on “F5 BIG IP – 101 Exam Application delivery fundamentals (Tips and tricks)”

  1. Here are a few question in where you need to be focus

    vCPM
    unsecure sslv3 tls 2 sslv2
    flow on osi when sender
    ethernet on what layer is 1-2 or 2-3
    advantages between virtual and hardware
    advantage of active/ standby

    1. Unfortunately I couldn’t find dumps anywhere. However the questions in book by Phillip and Steven are quite good.

        1. Sorry, I bought it on kindle and as far as i know, this can not be transferred. But it was quite cheap about 9 euros

  2. I am studying for the test 101 , I am using the study guide Eric Mitchell and also the videos of Cbt Nuggets.

    I have worked a few years with the network, so the first part of the study guide is not difficult , however the second part includes the most part of F5 technologies.

    What ends up not helping much and that all the material is in English, which is not my native language , however I am struggling to learn in the best possible way.

    I wonder who has passed that test what are the key questions, and would besides the materials , of course , free.

    1. Hi Renan,

      Unfortunately, its been quite long after I passed the exam and do not remember questions anymore. Though the topics having the maximum questions, I have already written in my another blog. I think F5 should also make their documents in multi languages.

  3. Other tips,
    ipv6 correct address
    ipv6 127.0.0.1 eq
    mss , where is defined (syn-syn/ack-ack)
    ftp active and passive
    saml
    ipsec/ssl
    3 metod for authentication (ex. ldap)
    ldap sintax
    dns sintax
    http keep-alive
    224.0.0.1 is used for?
    TTL

    1. Server send his MSS value in Ip packet in Option filed while sending reply to ack in Three way handshake (ans is Syn-Ack)

  4. Hello.

    I did the exam in December 2016. In the exam I had the same questions that are mentioned here. I am going to retake the exam the next week. Do you think I will have the same questions?

    I tried to find these questions and answers but I can`t find them.

    1. Hi Adrian,

      All the very for the exam. One of my colleague appeared in the exam last week and he informed that there has been no change to the questions.
      I will appreciate if you could also share your questions after the exam here so that it will be helpful for the future F5 certifiers.

      Cheers
      Raj Dudi

      1. Hi Raj,
        Happy New Year .
        Any update on the 101 questions so far ?
        I am preparing for next week and would appreciate if any update is available.

        1. Hello Hillary,
          As far as i know there is no change in the questions for the F5. Sorry I read your message too late. Have you already appeared or will you appear ?

    2. you will not find any pdf with exact match and those question here are no exact copy paste from exam its ALMOST the same everyone probably recall everything they could 🙂 from question .

  5. Hi

    Last week I gave the exam and unfortunately I failed.
    I’m going to share the things they asked me and I remember, they are very similar to what I said earlier

    OSI Model ( wich layer do you use in a particular situation)
    Irules iapps icontrol isessions, about this we have a lot of questions
    Modules (APM, AFM, LTM, GTM) advantages , and how it work each module
    mac masquerade
    Full half proxies in a particular situation( Wich would you use)
    protocol SOAP how it works ( the correct answers was XML, HTTP)
    subnetting one question
    ipv6 2 questions (localhost, and correct ipv6)
    VLANS broadcast domain in a particular situation
    ARP
    224.0.0.1 is used for?
    Questions about security models (positive and negative)
    High avabaility
    HA Active/ stanby advantages
    encryption
    MSS
    ipsec/ssl
    three way handshake, what is the last packet ? And we have tu select FIN
    the process of checksum in tcp
    FTP active passive
    smtp
    LDAP attributes
    how can analyze and interpretation the packet capture examples
    Packet forwarding
    How many minimum connections are there in one ftp session?
    HTTP keepalive (header)

    1. Hi Smith,
      Sorry to hear about your result but thanks a lot for sharing as I am sure they will be helpful for other exam taker. I am going to add them in my blog.

      1. Hi, I have a question do you need to send the fin packet to close the conection?
        or do you think that ack is the final packet

  6. To close the connection will be with the RST

    There are acceptable times for RST packets, however, if there are a large number of RST packets in a conversation, this is definitely something to troubleshoot.

    1. Hi I get the exam on october 6 th, look at the questions in my last post enfocus in study guide and the links we provide them.

      And if you want put your experience with your exam thank you

    2. hi, I cleared my 101 exam today and this are same quations:
      *loopback @ in IPv6
      *vCMP used in which f5 platforme (all f5 device or same f5 device or …)
      *emailing protocol : SMTP / POPv3
      *what is the first sequence number in 3-way-handshk
      *protocol that minimize latency over reliability —> udp
      *ldap syntax —> DN: CN=exemple, OU=exemple2, DC=exemple3 …
      *Means of DN in ldap query : –> simple path name
      *which provide AAA —> APM
      *Model of security can implement rapidly —> negative
      *model F5 work at layer 3 and 4 —> AFM
      *How reciever verify non-repuduation : —> public-key
      *mac masqurade provide: —> minimize arp communication and drop packet
      *.com :—> top level
      *MSS value in : SYN/ACK
      *Third A in AAA —>
      *Protect application from sql injection :—> ASM
      *when sender data folow :—-> apllication to physi
      *advandge of Active -Active % active – standby
      *choose which protocol is link state
      *when use full proxy (4-6 question about this)
      *tcpdump of SNMP —-> source @ is client , dest @ is server
      *primiry function of CA—> VALIDATE AND VERIFY CERTIFICATE
      *Which address in data link layer redirect data —-> MAC
      *Protocol that resolve IPv6 @ to IP @ :—-> NDP
      *where admin used some ip X.X.X.X/28 and something didnt work answer was easy he used broadcast ip from subnet
      * Which method used to verify if server support POST method —> trace
      *YOU NEED TO KNOW THE CODE IN HTTP RESPONSE ( there is 2 or 3 questions i remember 302 and 401)
      * Other questions about tcpdump who send ACK
      *Module provide AAA —> APM
      *Advandge of VE % hardware

      NB : Same of questions in this blogs is alsso exists.

      GOOD LUCK 🙂

  7. Hi Team

    Great work i have planned to take 101 next month
    what would be the time to take 201 after taking 101 exam ? what is the passing score for 101 & 201

    Thanks
    Arjun

    1. Hi Arjun,

      The passing marks are 60% and I would suggest to give 201 exam as soon as you are ready. Please note 201 would really need hand on.
      I would say, practice for about 2-3 months and appear for 201 exam.

  8. How reciever verify non-repuduation >>> Public Key.

    The correct anwser is private key, every one have public keys, but only one have the private key

  9. Yesterday was my 2nd attempt and I failed, getting demoralizing and I hate F5 for not releasing the results to us on the area where we got it incorrect. I found this blog after my 1st attempt and appreciated the effort put in by everybody for making people like us feeling more confident in the test, just to share some questions which I can remember below.

    how was the tcp sequence number generated?
    what is the initial tcp sack in tcp 3 way handshake?
    SSL offloading advantages?
    persistence methods? (5 questions)
    in which scenario does full proxy tcp connection required? (5 questions)

    1. Thanks a lot nalaakanono for sharing the questions.
      Quick note, do not get demoralized but just think about how it would feel like cracking the exam in the next attempt. Success is sweeter if it does not come easy.

  10. Thanks everyone for above inputs. I cleared my 101 Exam today. My suggestion is to appear for F5 practice exam once (cost $25) before attempting. Most of the questions are similar from the practice exam. I don’t want to repeat but please go through the questions/keywords mentioned above by others. This blog post helped me in clearing this exam. Thanks again.

  11. model F5 work at layer 3 and 4

    Anyone can answer the correct answer for below question;

    How reciever verify non-repuduation

    MSS value in

    tcpdump of SNMP

    three way handshake, what is the last packet

  12. Can I pass Exam 101–Application Delivery Fundamentals usina the manual administering Big-IP v11? Is this manual alone enough?

    1. The 101 application delivery fundamental is one of the resource that you need to consider but I higly recommend that you also go through some networking fundamental book if you are new to networking field.

  13. Hi all,
    I passed F5 101 exam last Saturday, this blog is really helpful and informative and the question pattern shared by everyone.
    Few questions which I remember addition to top one
    which SSL/TLS version is secure
    Ethernet is on which layer – physical+Data
    http 301 error
    Auto sync failover

    1. Congratulations Tanu for passing the exam.
      Many thanks for sharing few more tips. I will include them in the blog

  14. Hi All,

    I have passed the exam today blog was very helpful.
    few questions as i remember:
    which protocol send data unencrypted in VPN connection (IPSEC AH, GRE, PPTP, one more IPSEC..)
    many questions on icontrol and ha failover groups.
    Also the book by philip jhonson is very helpful all the questions from the book if read thoroughly.

        1. in my opinion it should be IPSec HA.
          IPSec HA (authentication header) it provides authentication & integrity service but not encrypted the data.
          PPTP encrypted data/payload using GRE.
          cmiiw

      1. Answer is GRE as GRE tunnel are not encrypted as GRE does not encrypt the tunnel but encapsulates it with a GRE header. If data protection is required, IPSec must be configured to provide data confidentiality – this is when a GRE tunnel is transformed into a secure

  15. Cleared F5-101 exam, lots of question came from here.
    here are some questions

    1-how client test of a specific method is supported — the answer is OPTION
    2-exhibit with tcp dump and the questions who should send the sync\ack — the answer is the Client source address in the second line of the dump.
    3-Admin discovered new security vulnerability how can he rapidly fix it? choices “icontrol-isession-iRule-iApp”
    4-How to restirect http mthod (irule-http profile-ssl profile)
    5-SAML provide what function in AAA i don’t remeber the choices but the answer was ” usage measure & authentication )
    6-user sends big amount of data to a server but during the process the server sent tcp window size what is the reason choices were somethinf like ( server can’t handle more data, server rest the session and two other chouces but you should choose just one )
    7-what could benfit more from compression (http ,peer-to-peer, video,media)
    8-traffic passes though the loadblancer from the client to server but the return traffic pass bypass the LB directly from server to client, what proxy archticure is impelemnteed ( full stack proxy, packt-by-packet proxy and other option )
    9-what is responsab;e for flow-controll and error correction in Data-link layer (MAC,LLC,…..and other options)
    10-what can add more application security layer to SMTP and FTP (LTM,GTM,APM,AFM)
    11-traffic is processed by two units and each units is ready to handle all the traffic of the other failed, what type of high availability is implemented (Active-active,active-standby…..other option)
    12-new virtual server is implemented and needed to be tested and the old virtual server is still in use, how it should be tested “or something like that” choices were (add ip address to the FQDN, add entery to client host file )
    13-a deployment that is fast to get and deploy answer is virtual server
    14-what is minimum objects required for loadbalnce(ip address- desstination server address- helath monitor-presistance profile )

  16. @ everyone wanting to seat for the exam this february…can we collectively purchase the practice exam . i noticed the practice exam is 70% of the real exam

  17. I have F5 101 exam on 18 feb . Can you please let me know the topics section wise on which I should focus more ?

  18. I had failed 1st attempt couple of weeks back. Only couple of questions came from here. There were almost 25 questions scenario based 4-5 each for positive and negative security model, SSL offload, Proxy servers, iApps, icontrol, iRule etc. Whatever the dumps are in the market are invalid. Both study guides have explained none of the scenario based situations. Please someone share the answers too

  19. Hi
    just passed 101 exam yesterday. This website helped a lot for me. Almost all questions mentioned here where in exam and if not this site i even didn’t look into TCP flags deep (like flags…) Maybe 4 or 5 questions were about TCP. TCPDUMP as well. Not much questions about LTM it self that is strange.
    My question about VPN was like we need transfer data from 2 data centres in different countries, what we need use: pptp ipsec vpn … Interesting question about DNS like how we call when DNS server forwarding request to other dns server per client request.

    So as i said be prepare answer all questions here and have basic understanding about notwork and you have chances to pass.

  20. Hi Guys,
    Appeared/PASSED(Today) for the 101 exam with good practical and conceptual knowledge.
    Background:
    1.Worked with Configuring LTMs at work and played a lot with GUI.
    TIPS for EXAM:
    1.I have made a list of Q & A format from this blog, which really helped and I observed few questions from them(I will post them soon). This blog really helped me build some confidence on the kind of questions to expect. I checked this blog just a week before my exam.
    2. Exam questions are Tricky, so recommend you to have good understanding of Layer Technologies.
    3. Observed a lot of full-proxy TCP(more than 4 Q’s) scenario questions. So, check what is Full Proxy TCP? How it works?
    4. Not observed any True/False questions like the other sites are posting as example questions(Not sure if they were in F5101V1).
    Note: I did not see any much importance for practical knowledge. so don’t worry if you do not have good hands-on for this Exam.

    Material:
    -I strictly Finished the Study Guide and revised it a couple more times.
    -Last week before Exam, I studied in depth on Topics suggested in this blog.
    -Finally, just checked the topics I was not clear with like LACP,LDAP syntax, Mac masquerade, DNS top-host levels etc.
    Used: http://veritablenetworks.blogspot.com/2012/11/f5-application-delivery-fundamentals.html
    Note: I haven’t used any DUMPs or shortcuts. So I do not recommend them.

    1. Congratulations Krish and thanks for sharing the tips.
      I am sure they would be helpful for the other exam takers.

    2. Please can anyone answer the scenarios for this full proxy tcp connection questions? They look very tricky and confusing.

    3. Hi Krish,

      I am planning to take 101 exam and going through the book.

      Do you think understanding of LTM features is requeired ? I mean, will there be questions on configuring LTM

      or would you say it will be based on pure networking related topics ( in a scenario based questions ) ?

      Thanks
      Jatin

    4. Hi Kirish
      Can you please post/share the list of questions you have made from this blog, icluding the correct answers…!
      it will be very helpful to us.

      Thanks a lot

  21. Hi All,

    I passed F5 ADF 101 with 87 % . Questions were not too tough. If you have handson exp on LTM and have strong networking basics then you can pass it for sure..

  22. Hi,
    Has anyone appeared for the LTM-101 exam recently. Are we still getting questions similar to what others have mentioned here…
    Can anyone please share the latest questions type or the topics i should focus on…
    Thanks…

  23. Hi,
    Any one have correct ans for this 10 que?

    QUESTION 1

    An administrator is deploying four identical servers to perform load balanced DNS.

    What is the correct configuration to accomplish this?

    A. round robin load balancing with simple persistence
    B. ratio load balancing with cookie persistence
    C. ratio load balancing with simple persistence
    D. round robin load balancing without persistence

    QUESTION 2
    When load balancers are used to manage application traffic, why are health monitors important?

    A. to signal servers to be ready for client traffic
    B. to determine if traffic should be sent to a server
    C. to keep connections from timing out
    D. to avoid congestion on the network

    QUESTION 3
    What is the initial sequence number during the TCP 3-way handshake?

    A. the Julian date minus 1
    B. the source port of the client system
    C. the destination port of the server system
    D. a random number

    QUESTION 4
    An administrator is deploying an HTTP site that will be accessed by users who reside behind a large internet proxy.

    Which type of persistence should the administrator use?

    A. destination address affinity
    B. source address affinity
    C. SSL session persistence
    D. cookie persistence

    QUESTION 5
    What is the purpose of using persistence when load balancing?

    A. to ensure that clients’ requests are not redirected to servers that are marked as down
    B. to ensure that client requests are directed to the same server during the life of a session
    C. to ensure that client requests are evenly distributed among the servers
    D. to ensure that the servers run faster

    QUESTION 6

    A client initiates a TCP connection to the load balancer. The load balancer opens a new TCP connection to the server.

    What is this called?

    A. passthrough connection
    B. half proxy connection
    C. asynchronous connection
    D. full proxy connection

    QUESTION 7
    In which scenario is a packet forwarding architecture sufficient?

    A. when the client connection and server connection should decoupled
    B. when layer 4 load balancing is demanded
    C. when SSL offloading is used
    D. when content based load balancing is demanded

    QUESTION 8
    If a pool member has been marked DOWN by a monitor, what will be the result?

    A. That pool member will receive the same level of traffic regardless of the state
    B. That pool member will still receive traffic but will redirect it to other servers.
    C. That pool member will only receive traffic for existing connections.
    D. That pool member will not receive any more traffic until it comes up.

    QUESTION 9
    In which scenario is a packet forwarding architecture sufficient?

    A. when HTTP headers must be modified
    B. when load balancing based on IP address is required
    C. when cookie persistence is demanded
    D. when SSL offloading is performed to reduce the Server load

    QUESTION 10
    At a minimum, which two objects are required in order to achieve load balancing? (Choose two.)

    A. an HTIP profile
    B. a health check
    C. a persistence profile
    D. an IP address
    E. destination servers

  24. Hi Juan,
    Please find the answers below. Please let me know if you have some other thoughts.
    1 D or A
    2 B
    3 D
    4 D
    5 B
    6 D
    7 B
    8 D
    9 B
    10 D E

  25. Thanks yogi, Ans 1 you said D or A, What you think??

    Any one have correct ans for this 17 Que?

    QUESTION 1
    What is the correct result of the BIG-IP ConfigSync process?

    A. If a file in a synchronized directory is deleted, the corresponding file on the peer unit is deleted by the
    ConfigSync process as well.
    B. If changes have been made to the shared configuration on both units, all the changes on each unit will be synchronized.
    C. Any changes made to networking part of configuration will be synchronized to the peer unit.
    D. If changes have been made to the shared configuration on both units, any changes that were made on the target unit will be lost.

    QUESTION 2
    An administrator needs to restrict the HTTP methods that a client can use to interact with an application.

    Which F5 feature provides this functionality?

    A. Streaming profiles
    B. HTTP profiles
    C. iControl
    D. iRules

    QUESTION 3
    A pair of load balancers is configured so that each device is processing traffic and is ready to take over for the other if failover occurs.

    Which type of configuration is this an example of?

    A. standby-active
    B. active-standby
    C. active-active
    D. standby-standby

    QUESTION 4
    An administrator updates an HTTP application. The resource layout changes, and the users’ bookmarks no longer work.

    Which F5 feature can solve this problem quickly?

    A. iApp
    B. iControl
    C. iRules
    D. iSession

    QUESTION 5
    What is an advantage of deploying applications using iApps?

    A. It reduces the complexity of iRules.
    B. It ensures more secure applications.
    C. It provides a single configuration language to deploy an application.
    D. It provides a significant reduction of time to deploy an application.

    QUESTION 6
    An administrator has been asked to create a template to deploy an application traffic management solution on many BIG-IP devices.

    Which F5 technology should the administrator use?

    A. iRules
    B. iControl
    C. iApps
    D. iSessions

    QUESTION 7
    What does the existence of an open network socket in listening state on the host indicate?

    A. It is the client.
    B. It is the server.
    C. It is a peer unit
    D. It is an API socket.

    QUESTION 8
    Which F5 feature provides custom Data Loss Prevention (DLP)?

    A. TCP profile
    B. SSL profile
    C. iRules
    D. iControl

    QUESTION 9
    Which F5 technology allows an administrator to create application-centric views of BIG-IP configuration objects?

    A. iRules
    B. iApps
    C. iControl
    D. iSessions

    QUESTION 10
    In which scenario is a full proxy TCP connection required?

    A. when access lists are enabled
    B. when SYN cookie DOS protection is enabled
    C. when caching is enabled
    D. when connection mirroring is enabled

    QUESTION 11
    An administrator has a specific file that is requested frequently on the web application. How can the administrator reduce traffic to the servers?

    A. serve the file from RAM cache
    B. enable file compression
    C. use a longer packet TTL
    D. use TCP optiization

    QUESTION 12
    In which scenario is a full proxy TCP connection required?

    A. when enabling TCP routing on the external facing interface of the load balancer
    B. when configuring different maximum segment sizes on the client and server sides of the load balancer
    C. when changing the source IP address when crossing from the client to the server side of the load balancer
    D. when passing the client IP address to originating servers

    QUESTION 13
    In which security model is all traffic denied by default?

    A. rule-based security model
    B. positive security model
    C. negative security model
    D. role-based security model

    QUESTION 14
    Which security model can be deployed most rapidly to protect a web application?

    A. ACL security model
    B. negative security model
    C. open security model
    D. positive security model

    QUESTION 15
    Which security policy protects from known attacks and defines resources that should be accessible?

    A. a security policy using both positive and negative security
    B. a security policy using ACL security
    C. a security policy using negative security only
    D. a security policy using positive security only

    QUESTION 16
    What are two advantages of running a virtualized load balancer over running a hardware load balancer? (Choose two.)

    A. A virtual load balancer runs newer code than a hardware load balancer.
    B. A virtual load balancer can be deployed remotely via software.
    C. A virtual load balancer is faster.
    D. A virtual load balancer is easier to configure.
    E. A virtual load balancer is cheaper.

    QUESTION 17
    Which three factors should influence the decision to choose hardware or a virtual appliance? (Choose three.)

    A. multiprotocol support
    B. power and cooling
    C. management API
    D. available rack space
    E. performance

  26. Dear Yogi, Juan!

    I think these are the correct answers:
    1, D, because we not need sticky
    8, C, because the active connection not close

    Juan, thanks the questions!

    I think about 17Q:
    1, B
    2, B
    3, C
    4, C
    5, D
    6, C
    7, B
    8, C
    9, B
    10, B
    11, A
    12, B
    13, B
    14, B
    15, A
    16, B,E
    17, B,D,E

  27. Hi MatBel,

    This on 17Q,

    The First question – answer is “D” – https://support.f5.com/csp/article/K7024

    What is the correct result of the BIG-IP ConfigSync process?

    A. If a file in a synchronized directory is deleted, the corresponding file on the peer unit is deleted by the
    ConfigSync process as well.
    B. If changes have been made to the shared configuration on both units, all the changes on each unit will be synchronized.
    C. Any changes made to networking part of configuration will be synchronized to the peer unit.
    D. If changes have been made to the shared configuration on both units, any changes that were made on the target unit will be lost.

    As per F5: if changes have been made to the shared configuration on both units, any changes that were made on the target unit will be lost when the shared configuration from the source unit is installed.

  28. Hi Mike,

    Q4 –>> Answer is C – iRules.

    iRule can parse the entire header and payload of the data as it is being passed through the BIG-IP and, at wire speed, execute an entire script of commands on that traffic. The commands at your disposal range from logging to redirecting traffic, from
    modifying the URI or port to actually rewriting the payload itself.

    Question:

    An administrator updates an HTTP application. The resource layout changes, and the users’ bookmarks no longer work.

    Which F5 feature can solve this problem quickly?

    My Understanding: administrator updates an HTTP application and assume that location of the page changed so that users’ bookmarks no longer work.

    iRule can parse the entire header and redirect the traffic to valid location.
    ————————————————————————————————–
    The F5 iControl API makes it easy to integrate with third-party management systems

    Please Correct me if wrong.

  29. wich application type would benefit from BIG-IP Aplication Acceleration Manager?
    a. streaming video
    b. HTTP
    c. peer-to-peer
    d. VoIP

  30. Hi All,
    Cleared 101 last week with 85 % score. Thank you every one for posting questions here. Lots of questions in exam were from this blog… The exam was not too tough but not too easy either. one should have good knowledge of TCP/IP in order to score good in the exam.

    All the best every one & happy studying 🙂
    yogi

    1. Dear Yogi,
      Congrats to you ….
      Friday I have scheduled for exam, please can you share any new question here, or correct any wrong answers to the questions that are posted here.

  31. Hi Malikhe,

    Question:

    wich application type would benefit from BIG-IP Aplication Acceleration Manager?

    a. streaming video
    b. HTTP
    c. peer-to-peer
    d. VoIP

    Answer: HTTP

    FYI: streaming video and VoIP are real time applications are no way to optimized (Acceleration).

  32. In which scenario is a full proxy TCP connection required?

    A. when access lists are enabled
    B. when SYN cookie DOS protection is enabled
    C. when caching is enabled
    D. when connection mirroring is enabled

    Is right for the answer B?

  33. Hi all if any one completed the F5 101 Exam , if yes please share your experience and if any new tricky questions came . I plan to write this month end .

  34. Hi guys , if anyone completed F5 101 exam recently if yes please share your experience here , if any new questions came ?

  35. Just passed the exam. All the questions discussed in this blog is still valid. Please do not buy any dump. You need to have the concept of HTTP, TCP/IP stack and working with F5 to pass this exam, to be honest.

    -Which protocol works in network layer or below? (TCP, UDP, ESP), the answer is ESP

    -Which SSL version is less secure? SSLV2

  36. I am going to write exam on july 21.any tips for passing bcoz i have gone through all of your comments and the study guide was useful??

  37. Juan 7th question
    What does the existence of an open network socket in listening state on the host indicate?

    A. It is the client.
    B. It is the server.
    C. It is a peer unit
    D. It is an API socket.

    answer should be A because client will send all the request to server and starts listening to responses from server.

Leave a Reply

Your email address will not be published. Required fields are marked *