CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 500-220

Free 500-220 Exam Braindumps (page: 1)

Page 1 of 19
PDF with 72 Questions

DRAG DROP (Drag and Drop is not supported)

Drag and drop the descriptions from the left onto the corresponding MX operation mode on the right.

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Routed Mode:
This mode is the default mode of operation

This mode is generally also the default gateway for devices on the LAN Client traffic to the internet has the source IP rewritten to match the WAN IP of the appliance DHCP services can be configured on the MX appliance
Passthrough Mode:
The MX appliance acts as a layer 2 bridge
VLANs cannot be configured
No address translation is provided
This mode is not recommended at the network perimeter This question is related to the topic of MX Addressing and VLANs in the Cisco Meraki documentation. You can find more information about this topic in the MX Addressing and VLANs article or the General MX Best Practices page.



When an SSID is configured with Sign-On Splash page enabled, which two settings must be configured for unauthenticated clients to have full network access and not be allow listed? (Choose two.)

  1. Controller disconnection behavior
  2. Captive Portal strength
  3. Simultaneous logins
  4. Firewall & traffic shaping
  5. RADIUS for splash page settings

Answer(s): A,B

Explanation:

To clarify, when an SSID is configured with Sign-On Splash page enabled, the two settings that must be configured for unauthenticated clients to have full network access and not be allow listed are:
Controller disconnection behavior: This setting determines how the clients are treated when the Meraki cloud controller is unreachable. The options are Restricted or Unrestricted. The former option blocks all traffic from unauthenticated clients until the controller is reachable again. The latter option allows unauthenticated clients to access the network without signing on until the controller is reachable again1.
Captive Portal strength: This setting determines how often the clients are redirected to the splash page for authentication. The options are Block all access until sign-on is complete or Allow non-HTTP traffic prior to sign-on. The latter option allows unauthenticated clients to access other protocols such as DNS, DHCP, ICMP, etc., but blocks HTTP and HTTPS traffic until they sign on. This option is recommended for compatibility with devices that do not support web-based authentication1.


Reference:

https://documentation.meraki.com/MR/Access_Control



Refer to the exhibit.



Assuming this MX has established a full tunnel with its VPN peer, how will the MX route the WebEx traffic?

  1. WebEx traffic will prefer WAN 2 as long as it meets the thresholds in the "Conf" performance class.
  2. WebEx traffic will prefer WAN 1 as it is the primary uplink.
  3. WebEx traffic will prefer WAN 2 as long as it is up.
  4. WebEx traffic will be load-balanced between both active WAN links.

Answer(s): A

Explanation:

Assuming this MX has established a full tunnel with its VPN peer, the MX will route the WebEx traffic based on the SD-WAN policy configured in the exhibit. The SD-WAN policy has two performance classes: Conf and Default. The Conf performance class matches the traffic with destination port 9000, which is used by WebEx for VoIP and video RTP3. The Conf performance class has a preferred uplink of WAN 2 and a failover uplink of WAN 1. It also has thresholds for latency, jitter, and loss that determine when to switch from the preferred uplink to the failover uplink. Therefore, the WebEx traffic will prefer WAN 2 as long as it meets the thresholds in the Conf performance class. If WAN 2 exceeds the thresholds or goes down, the WebEx traffic will switch to WAN 1 as the failover uplink.



For which two reasons can an organization become "Out of License"? (Choose two.)

  1. licenses that are in the wrong network
  2. more hardware devices than device licenses
  3. expired device license
  4. licenses that do not match the serial numbers in the organization
  5. MR licenses that do not match the MR models in the organization

Answer(s): B,C

Explanation:

More hardware devices than device licenses: An organization needs to have enough device licenses to cover all the hardware devices in its network. A device license is consumed by each device that is added to the network. If the number of devices exceeds the number of licenses, the organization will be out of license and will lose access to some features and support until it purchases more licenses or removes some devices4.
Expired device license: A device license has an expiration date that depends on the license term purchased by the organization. If a device license expires, it will no longer be valid and will not count towards the license limit. The organization will need to renew the expired license or purchase a new one to avoid being out of license4.


Reference:

https://documentation.meraki.com/General_Administration/Licensing/Meraki_Licensing_FAQs



Page 1 of 19



Post your Comments and Discuss Cisco® 500-220 exam with other Community members:

Pierre commented on August 01, 2022
The study product is well formatted and very useful. I recommend.
FRANCE
upvote