F5 BIG IP – 101 Exam Application delivery fundamentals (Tips and tricks)

Hello,

Here I come up with one another section of tips and tricks to pass the F5 BIG IP 101 Exam (Application delivery fundamentals) based on my own experience and the blogs I read on the internet :

  1. Most of the paper of 101 is based on networking fundamentals and is not easy like other vendors networking exam.
  2. One really need to understand the TCP/IP concepts. I remember one of the question from my exam asking the first packet number in TCP connection or how the source MAC address will be changed when packets transfers from point A to point B.
  3. Questions are story based where you are provided with a scenario and then you have to answer it.
  4. Since I was from the linux background with not much knowledge about networking, I read Applications delivery network by Philip and Steven and would highly recommend it.
  5. Also the study guide on F5 website is highly recommended. But do not just read this guide, also read in details or follow the links provided in this guide.
  6. The other resource which is helpful is CBT nuggets videos. Watching these videos can help to get speed up with learning BIG IP but they are not sufficient to pass this exam.
  7. During the exam, have a look at the clock. The time may tick away fast unlike other vendor exams where one has plenty of time.

All the very best for your exam and if you are still scared….remember, if you know the basics of networking, you will be through in this exam 🙂

I would love to hear the feedback from you and if you have any new tips for this exam. It would be very nice if you can share the exams topic after appearing in it. This may help other candidates.  🙂

I would not like to create dumps for the exam but just some help to our fellow friends. I will keep updating the below part as and when I will get new feedback from other exam taker.

Update : 02 July 2016 – Here are some more important topics from Jose for the exam.

vCPM
unsecure sslv3 tls 2 sslv2
flow on osi when sender
ethernet on what layer is 1-2 or 2-3
advantages between virtual and hardware
advantage of active/ standby

Update : 26 July 2016 – Here are some more important topics from David for the exam.

ipv6 correct address
ipv6 127.0.0.1 eq
mss , where is defined (syn-syn/ack-ack)
ftp active and passive
saml
ipsec/ssl
3 method for authentication (ex. ldap)
ldap syntax
dns syntax
http keep-alive
224.0.0.1 is used for?
TTL

 

Update : 05  Oct 2016 –  Here are some additional questions shared by Michal

  • In what scenario full proxy is required
  • Exibit where u had ( client ->proxy->LB->server ) and question was Why LB is there??  ( and answer was “because its closest to server” , “because it can forward traffic” and 2 more answers which i dont remeber .
  • AAA what for the 3rd A is standing for .
  • Admin have site example.com under address 192.12.13.14 and there is need to implement same site under new IP X X X X but first what you need to do is test it if its working . What will you do :  change something in DNS server , change local file on server +3 more answers .
  • Flow of osi when sender – when client A is sending packet to B how it will look on OSI  – layer from1 to 7 or from 7 to 1 .
  • There was one question about TCP dump output something like that :
172.23.12.11 > 10.1.2.3
10.1.2.3 >172.23.12.11
who will reply next  ( but note that there were flags etc i dont remember now ). So in short, you should be able to read TCP dump output
  • Output from trap snmp :
192.159.12.12 – 13.44.55.1    1.3.6.1.4.1.2789.5000  -(something like that )
And question what is client what is server .
  • Question where admin used some ip X.X.X.X/28  and something didnt work  answer was easy he used broadcast ip from subnet

 

Update : 07 Aug 2017 – Here are some tips shared by Smith

  • OSI Model ( which layer do you use in a particular situation)
  • Irules iapps icontrol isessions, about this we have a lot of questions
  • Modules (APM, AFM, LTM, GTM) advantages , and how it work each module
  • mac masquerade
  • Full half proxies in a particular situation( Which would you use)
  • protocol SOAP how it works ( the correct answers was XML, HTTP)
  • subnetting one question
  • ipv6 2 questions (localhost, and correct ipv6)
  • VLANS broadcast domain in a particular situation
  • ARP 224.0.0.1 is used for?
  • Questions about security models (positive and negative)
  • High avabaility
  • HA Active/ stanby advantages
  • encryption
  • MSS
  • ipsec/ssl
  • three way handshake, what is the last packet ? And we have to select FIN
    the process of checksum in tcp
  • FTP active passive
  • smtp
  • LDAP attributes
  • how can analyze and interpretation the packet capture examples
  • Packet forwarding
  • How many minimum connections are there in one ftp session?
    HTTP keepalive (header)

Update : 11 Sep 2017 – Here are some tips shared by Baccari

*loopback @ in IPv6
*vCMP used in which f5 platforme (all f5 device or same f5 device or …)
*emailing protocol : SMTP / POPv3
*what is the first sequence number in 3-way-handshk
*protocol that minimize latency over reliability —> udp
*ldap syntax —> DN: CN=exemple, OU=exemple2, DC=exemple3 …
*Means of DN in ldap query : –> simple path name
*which provide AAA —> APM
*Model of security can implement rapidly —> negative
*model F5 work at layer 3 and 4 —> AFM
*How reciever verify non-repuduation : —> public-key
*mac masqurade provide: —> minimize arp communication and drop packet
*.com :—> top level
*MSS value in : SYN/ACK
*Third A in AAA —>
*Protect application from sql injection :—> ASM
*when sender data folow :—-> apllication to physi
*advandge of Active -Active % active – standby
*choose which protocol is link state
*when use full proxy (4-6 question about this)
*tcpdump of SNMP —-> source @ is client , dest @ is server
*primiry function of CA—> VALIDATE AND VERIFY CERTIFICATE
*Which address in data link layer redirect data —-> MAC
*Protocol that resolve IPv6 @ to IP @ :—-> NDP
*where admin used some ip X.X.X.X/28 and something didnt work answer was easy he used broadcast ip from subnet
* Which method used to verify if server support POST method —> trace
*YOU NEED TO KNOW THE CODE IN HTTP RESPONSE ( there is 2 or 3 questions i remember 302 and 401)
* Other questions about tcpdump who send ACK
*Module provide AAA —> APM
*Advandge of VE % hardware

Update: 09 Oct 2017 -Here are some tips shared by  nalaakanono

  • how was the tcp sequence number generated?
    * what is the initial tcp sack in tcp 3 way handshake?
    * SSL offloading advantages?
    * persistence methods? (5 questions)
    * in which scenario does full proxy tcp connection required? (5 questions)

46 thoughts on “F5 BIG IP – 101 Exam Application delivery fundamentals (Tips and tricks)”

  1. Here are a few question in where you need to be focus

    vCPM
    unsecure sslv3 tls 2 sslv2
    flow on osi when sender
    ethernet on what layer is 1-2 or 2-3
    advantages between virtual and hardware
    advantage of active/ standby

    1. Unfortunately I couldn’t find dumps anywhere. However the questions in book by Phillip and Steven are quite good.

  2. I am studying for the test 101 , I am using the study guide Eric Mitchell and also the videos of Cbt Nuggets.

    I have worked a few years with the network, so the first part of the study guide is not difficult , however the second part includes the most part of F5 technologies.

    What ends up not helping much and that all the material is in English, which is not my native language , however I am struggling to learn in the best possible way.

    I wonder who has passed that test what are the key questions, and would besides the materials , of course , free.

    1. Hi Renan,

      Unfortunately, its been quite long after I passed the exam and do not remember questions anymore. Though the topics having the maximum questions, I have already written in my another blog. I think F5 should also make their documents in multi languages.

  3. Other tips,
    ipv6 correct address
    ipv6 127.0.0.1 eq
    mss , where is defined (syn-syn/ack-ack)
    ftp active and passive
    saml
    ipsec/ssl
    3 metod for authentication (ex. ldap)
    ldap sintax
    dns sintax
    http keep-alive
    224.0.0.1 is used for?
    TTL

    1. Server send his MSS value in Ip packet in Option filed while sending reply to ack in Three way handshake (ans is Syn-Ack)

  4. Hello.

    I did the exam in December 2016. In the exam I had the same questions that are mentioned here. I am going to retake the exam the next week. Do you think I will have the same questions?

    I tried to find these questions and answers but I can`t find them.

    1. Hi Adrian,

      All the very for the exam. One of my colleague appeared in the exam last week and he informed that there has been no change to the questions.
      I will appreciate if you could also share your questions after the exam here so that it will be helpful for the future F5 certifiers.

      Cheers
      Raj Dudi

    2. you will not find any pdf with exact match and those question here are no exact copy paste from exam its ALMOST the same everyone probably recall everything they could 🙂 from question .

  5. Hi

    Last week I gave the exam and unfortunately I failed.
    I’m going to share the things they asked me and I remember, they are very similar to what I said earlier

    OSI Model ( wich layer do you use in a particular situation)
    Irules iapps icontrol isessions, about this we have a lot of questions
    Modules (APM, AFM, LTM, GTM) advantages , and how it work each module
    mac masquerade
    Full half proxies in a particular situation( Wich would you use)
    protocol SOAP how it works ( the correct answers was XML, HTTP)
    subnetting one question
    ipv6 2 questions (localhost, and correct ipv6)
    VLANS broadcast domain in a particular situation
    ARP
    224.0.0.1 is used for?
    Questions about security models (positive and negative)
    High avabaility
    HA Active/ stanby advantages
    encryption
    MSS
    ipsec/ssl
    three way handshake, what is the last packet ? And we have tu select FIN
    the process of checksum in tcp
    FTP active passive
    smtp
    LDAP attributes
    how can analyze and interpretation the packet capture examples
    Packet forwarding
    How many minimum connections are there in one ftp session?
    HTTP keepalive (header)

    1. Hi Smith,
      Sorry to hear about your result but thanks a lot for sharing as I am sure they will be helpful for other exam taker. I am going to add them in my blog.

      1. Hi, I have a question do you need to send the fin packet to close the conection?
        or do you think that ack is the final packet

  6. To close the connection will be with the RST

    There are acceptable times for RST packets, however, if there are a large number of RST packets in a conversation, this is definitely something to troubleshoot.

    1. Hi I get the exam on october 6 th, look at the questions in my last post enfocus in study guide and the links we provide them.

      And if you want put your experience with your exam thank you

    2. hi, I cleared my 101 exam today and this are same quations:
      *loopback @ in IPv6
      *vCMP used in which f5 platforme (all f5 device or same f5 device or …)
      *emailing protocol : SMTP / POPv3
      *what is the first sequence number in 3-way-handshk
      *protocol that minimize latency over reliability —> udp
      *ldap syntax —> DN: CN=exemple, OU=exemple2, DC=exemple3 …
      *Means of DN in ldap query : –> simple path name
      *which provide AAA —> APM
      *Model of security can implement rapidly —> negative
      *model F5 work at layer 3 and 4 —> AFM
      *How reciever verify non-repuduation : —> public-key
      *mac masqurade provide: —> minimize arp communication and drop packet
      *.com :—> top level
      *MSS value in : SYN/ACK
      *Third A in AAA —>
      *Protect application from sql injection :—> ASM
      *when sender data folow :—-> apllication to physi
      *advandge of Active -Active % active – standby
      *choose which protocol is link state
      *when use full proxy (4-6 question about this)
      *tcpdump of SNMP —-> source @ is client , dest @ is server
      *primiry function of CA—> VALIDATE AND VERIFY CERTIFICATE
      *Which address in data link layer redirect data —-> MAC
      *Protocol that resolve IPv6 @ to IP @ :—-> NDP
      *where admin used some ip X.X.X.X/28 and something didnt work answer was easy he used broadcast ip from subnet
      * Which method used to verify if server support POST method —> trace
      *YOU NEED TO KNOW THE CODE IN HTTP RESPONSE ( there is 2 or 3 questions i remember 302 and 401)
      * Other questions about tcpdump who send ACK
      *Module provide AAA —> APM
      *Advandge of VE % hardware

      NB : Same of questions in this blogs is alsso exists.

      GOOD LUCK 🙂

  7. Hi Team

    Great work i have planned to take 101 next month
    what would be the time to take 201 after taking 101 exam ? what is the passing score for 101 & 201

    Thanks
    Arjun

    1. Hi Arjun,

      The passing marks are 60% and I would suggest to give 201 exam as soon as you are ready. Please note 201 would really need hand on.
      I would say, practice for about 2-3 months and appear for 201 exam.

  8. How reciever verify non-repuduation >>> Public Key.

    The correct anwser is private key, every one have public keys, but only one have the private key

  9. Yesterday was my 2nd attempt and I failed, getting demoralizing and I hate F5 for not releasing the results to us on the area where we got it incorrect. I found this blog after my 1st attempt and appreciated the effort put in by everybody for making people like us feeling more confident in the test, just to share some questions which I can remember below.

    how was the tcp sequence number generated?
    what is the initial tcp sack in tcp 3 way handshake?
    SSL offloading advantages?
    persistence methods? (5 questions)
    in which scenario does full proxy tcp connection required? (5 questions)

    1. Thanks a lot nalaakanono for sharing the questions.
      Quick note, do not get demoralized but just think about how it would feel like cracking the exam in the next attempt. Success is sweeter if it does not come easy.

  10. Thanks everyone for above inputs. I cleared my 101 Exam today. My suggestion is to appear for F5 practice exam once (cost $25) before attempting. Most of the questions are similar from the practice exam. I don’t want to repeat but please go through the questions/keywords mentioned above by others. This blog post helped me in clearing this exam. Thanks again.

  11. model F5 work at layer 3 and 4

    Anyone can answer the correct answer for below question;

    How reciever verify non-repuduation

    MSS value in

    tcpdump of SNMP

    three way handshake, what is the last packet

  12. Can I pass Exam 101–Application Delivery Fundamentals usina the manual administering Big-IP v11? Is this manual alone enough?

    1. The 101 application delivery fundamental is one of the resource that you need to consider but I higly recommend that you also go through some networking fundamental book if you are new to networking field.

Leave a Reply

Your email address will not be published. Required fields are marked *