nerdexam
F5

101 · Question #203

You need to terminate client SSL traffic at the BIG-IP and also to persist client traffic to the same pool member based on a BIG-IP supplied cookie. Which four are profiles that would normally be incl

The correct answer is A. TCP B. HTTP D. ClientSSL F. CookieBased Persistence. Terminating client SSL at BIG-IP and persisting traffic via BIG-IP-inserted cookies requires TCP, HTTP, ClientSSL, and a Cookie Persistence profile on the virtual server.

Section 2: F5 Solutions and Technology

Question

You need to terminate client SSL traffic at the BIG-IP and also to persist client traffic to the same pool member based on a BIG-IP supplied cookie. Which four are profiles that would normally be included in the virtual server's definition. (Choose four.)

Options

  • ATCP
  • BHTTP
  • CHTTPS
  • DClientSSL
  • EServerSSL
  • FCookieBased Persistence

How the community answered

(35 responses)
  • A
    71% (25)
  • C
    17% (6)
  • E
    11% (4)

Why each option

Terminating client SSL at BIG-IP and persisting traffic via BIG-IP-inserted cookies requires TCP, HTTP, ClientSSL, and a Cookie Persistence profile on the virtual server.

ATCPCorrect

TCP is the required base transport-layer profile for all standard BIG-IP virtual servers handling TCP-based traffic.

BHTTPCorrect

The HTTP profile enables Layer 7 parsing of HTTP headers and cookies, which BIG-IP must perform in order to insert or read cookies for persistence.

CHTTPS

HTTPS is a health monitor type in BIG-IP, not a virtual server profile; there is no HTTPS profile available to assign to a virtual server.

DClientSSLCorrect

The ClientSSL profile decrypts inbound SSL/TLS traffic from clients, performing the SSL offload function before traffic is passed to the HTTP layer for inspection.

EServerSSL

ServerSSL is only required when BIG-IP must re-encrypt traffic before forwarding it to backend servers; since traffic is forwarded unencrypted in SSL offload mode, ServerSSL is not needed.

FCookieBased PersistenceCorrect

The Cookie Persistence profile configures BIG-IP to insert a cookie into HTTP responses and use that cookie to route subsequent requests from the same client to the same pool member.

Concept tested: BIG-IP SSL offload with cookie persistence profile selection

Source: https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-local-traffic-management-profiles-reference.html

Topics

#SSL termination#ClientSSL profile#cookie persistence#virtual server profiles

Community Discussion

No community discussion yet for this question.

Full 101 Practice