Free Preparation Discussions
MENU
F5 Networks F5CAB5 Exam Questions
- Topic 1: Determine resource utilization: This domain covers analyzing system resources including control plane versus data plane usage, CPU statistics per virtual server, interface statistics, and disk and memory utilization.
- Topic 2: Identify network level performance issues: This section focuses on diagnosing network problems including packet capture needs, interface availability, packet drops, speed and duplex settings, and TCP profile optimization.,
- Topic 3: Identify the reason load balancing is not working as expected: This domain addresses troubleshooting load balancing by analyzing persistence, priority groups, rate limits, health monitor configurations, and availability status.
- Topic 4: Identify the reason a virtual server is not working as expected: This section covers diagnosing virtual server issues including availability status, profile conflicts and misconfigurations, and incorrect IP addresses or ports.
- Topic 5: Identify the reason a pool is not working as expected: This domain focuses on troubleshooting pools including health monitor failures, priority group membership, and configured versus availability status of pools and members.
- Topic 6: Given a scenario, review basic stats to confirm functionality: This section involves interpreting traffic object statistics and network configuration statistics to validate system functionality.
- Topic 7: Given a scenario, interpret traffic flow: This domain covers understanding traffic patterns through client-server communication analysis and interpreting traffic graphs and SNMP results.
Free F5 Networks F5CAB5 Exam Actual Questions
Note: Premium Questions for F5CAB5 were last updated On Jun. 02, 2026 (see below)
Refer to the exhibit.
The image shows the status of a virtual server namedapplication_vsin the BIG-IP Configuration Utility.
What is the cause of the status shown? (Choose two answers)
The exhibit shows the virtual serverapplication_vswith a status indicating it isoffline but enabled. In BIG-IP terminology, this status means the virtual server itself is administratively enabled, but it is unable to pass traffic becauseno usable pool members are available.
Two common and documented causes for this condition are:
Pool member(s) administratively disabled (Option A):When all pool members are administratively disabled, BIG-IP removes them from load-balancing decisions. Even though the virtual server remains enabled, it has no available pool members to send traffic to, resulting in an offline status.
Node(s) administratively disabled (Option C):Pool members inherit the status of their parent nodes. If a node is administratively disabled, all associated pool members are also marked unavailable. This condition causes the virtual server to show as offline, even though the virtual server configuration itself is correct.
The other options are incorrect:
Forced offline pool members (Option B)result in a different operational intent and are explicitly set for maintenance scenarios.
Virtual server administratively disabled (Option D)would show the virtual server as disabled, not enabled/offline.
This behavior is consistent with BIG-IP traffic management logic and is commonly verified by reviewingpool and node availability stateswhen diagnosing virtual server availability issues.
A pool member is exhibiting frequent up-and-down state changes, leading the BIG-IP Administrator to suspect a health monitor issue. Which specific log file should the BIG-IP Administrator review to diagnose the problem?
The Local Traffic Manager (LTM) log file is the primary repository for all events related to load balancing objects, including virtual servers, pools, and nodes.
Monitor Logging: When a health monitor marks a pool member as 'UP' or 'DOWN,' the system generates a log entry in /var/log/ltm.
Diagnosing Flaps: To troubleshoot 'flapping' (frequent state changes), an administrator would look for messages like 01010028:3: Pool /Common/http_pool member /Common/10.10.1.1:80 monitor status down followed quickly by an 'up' status. This log provides the timestamp and the specific monitor that triggered the state change.
Refer to the exhibit.
A BIG-IP Administrator needs to deploy an application on the BIG-IP system to performSSL offload and re-encrypt the traffic to pool members. During testing, users are unable to connect to the application.
What must the BIG-IP Administrator do to resolve the issue? (Choose one answer)
To successfully performSSL offload and re-encryptionon a BIG-IP system, the virtual server must be configured withboth a Client SSL profile and a Server SSL profile. The Client SSL profile enables BIG-IP to decrypt inbound HTTPS traffic from clients, while the Server SSL profile is required tore-encrypt traffic before forwarding it to the pool members.
From the exhibit, the virtual server has aClient SSL profile configured, which allows BIG-IP to accept HTTPS connections from clients. However, there isno Server SSL profile attached, meaning BIG-IP attempts to sendunencrypted HTTP trafficto pool members listening on HTTPS (port 443). This protocol mismatch causes the server-side SSL handshake to fail, resulting in users being unable to connect to the application.
This behavior is well documented in BIG-IP SSL troubleshooting guides: when backend servers expect HTTPS, a Server SSL profile is mandatory to establish a secure connection from BIG-IP to the pool members.
The other options are incorrect:
Removing the Client SSL profile (Option A) would break client-side HTTPS.
The server-side TCP profile (Option B) is unrelated to SSL encryption.
Forward Proxy (Option C) is only used for outbound SSL inspection scenarios.
Therefore, configuring anSSL Profile (Server)is the correct and required solution.
The BIG-IP appliance fails to boot. The BIG-IP Administrator needs to run the End User Diagnostics (EUD) utility to collect data to send to F5 Support. Where can the BIG-IP Administrator access this utility?
The End User Diagnostics (EUD) utility is a hardware-level testing suite used to verify the integrity of the physical components of a BIG-IP appliance.
Access Requirements: Because the EUD must be run while the TMOS operating system is not loaded (typically when the device cannot boot or requires hardware validation), it cannot be accessed via network-based interfaces like the Management Port or VLANs.
Console Connection: The administrator must connect a terminal to the physical Console Port (using a serial cable) to interact with the boot menu.
Execution Process: Upon restarting the appliance, the administrator must intercept the boot process at the GRUB menu and select the 'End User Diagnostics' option. All output and menu selections are then handled through the serial console session.
A BIG-IP Administrator configured the following virtual server to pass traffic on all addresses and ports. After configuration is completed, the BIG-IP Administrator notices that the virtual server is unable to pass traffic.
Plaintext
ltm virtual forwarding_any_vs {
destination 0.0.0.0:any
ip-forward
mask 255.255.255.255
profiles {
fastL4 {}
}
serverssl-use-sni disabled
source 0.0.0.0/0
translate-address disabled
translate-port disabled
}
Which part of the configuration is the cause of the issue?
The failure of the Forwarding (IP) virtual server is caused by an incorrect Network Mask configuration for a wildcard destination.
Wildcard Destination: The administrator intends to create a 'Wildcard' Virtual Server that listens for any destination IP address (0.0.0.0).
The Mask Conflict: A mask of 255.255.255.255 (or /32) tells the BIG-IP to look for a specific, single host address. When combined with 0.0.0.0, the system is literally looking for traffic destined for the IP 0.0.0.0, which is not a valid routable destination for standard traffic.
Correct Configuration: To allow the virtual server to catch traffic for any IP address, the mask must be changed to 0.0.0.0 (or /0). This signifies that the system should ignore all bits of the destination address and match everything.
Forwarding Logic: The rest of the configuration---including ip-forward (Forwarding IP type), translate-address disabled, and translate-port disabled---is correct for a BIG-IP acting as a router/gateway.
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Joseph Robinson
4 days agoCharles Wright
13 days agoKaren Robinson
1 month agoCynthia Rogers
2 months agoAshley Thompson
1 month agoJoshua Moore
1 month agoLinda Peterson
30 days agoEmma Thomas
26 days agoSandra Mitchell
23 days agoEdison
2 months agoMichael
2 months agoChauncey
3 months agoMarti
3 months agoKristal
3 months agoLavonna
3 months agoBrandon
4 months agoTamar
4 months agoEun
4 months agoShalon
4 months agoJulian
5 months agoJeanice
5 months agoCarmela
5 months agoHillary
5 months agoTeddy
6 months ago