BD2G Flashcards
In an organization that uses the Co-Termination licensing model, which two operations enable licenses to be applied?
(Choose two.)
A. Renew the Dashboard license.
B. License a network.
C. License more devices.
D. Call Meraki support.
E. Wait for the devices to auto-renew.
Answer: AC
Which two Systems Manager Live tools are available only for Apple Macs and Windows PCs and cannot be used on
iOS or Android mobile devices? (Choose two.)
A. OS updates
B. Send notification
C. Selective wipe
D. Screenshot
E. Remote Desktop
Answer: CE
What happens when an additional seven APs are claimed on this network without adding licenses?
A. All APs immediately stop functioning.
B. All network devices stop functioning in 30 days.
C. One AP Immediately stops functioning.
D. All APs stop functioning in 30 days.
Answer: B
Refer to the exhibit. What does the MX Security Appliance send to determine whether VPN traffic exceeds the
configured latency threshold in the VoIP custom performance class?
A. 1000-byte TCP probes every second, through VPN tunnels that are established over the primary
WAN link.
B. 100-byte UDP probes every second, through VPN tunnels that are established over every WAN
link.
C. 100-byte UDP probes every second, through VPN tunnels that are established over the primary
WAN link.
D. 1000-byte TCP probes every second, through VPN tunnels that are established over every WAN
link.
Answer: D
What is the role of the Meraki Dashboard as the service provider when using SAML for single sign-on to the
Dashboard?
A. The Dashboard generates the SAML request.
B. The Dashboard provides user access credentials.
C. The Dashboard parses the SAML request and authenticates users.
D. The Dashboard generates the SAML response.
Answer: A
Refer to the exhibit. What are two outcomes reflected in the Web App Health application? (Choose two.)
A. Users on both networks may be experiencing issues when attempting to reach Google.
B. Network #1 could not load Google because of a remote server issue.
C. Network #2 had better application performance than Network #1.
D. Network #2 could not load Google because of a local client misconfiguration.
E. Neither network recorded any server-side performance issues.
Answer: BE
What are two organization permission types? (Choose two.)
A. Full
B. Read-only
C. Monitor-only
D. Write
E. Write-only
Answer: AB
Refer to the exhibit. Which design recommendation should be considered?
A. A 25-percent throughput loss occurs for every hop. Cisco Meraki best practice recommends a 1-
hop maximum.
B. A 25-percent throughput loss occurs for every hop. Cisco Meraki best practice recommends a 2-
hop maximum.
C. A 50-percent throughput loss occurs for every hop. Cisco Meraki best practice recommends a 1-
hop maximum.
D. A 50-percent throughput loss occurs for every hop. Cisco Meraki best practice recommends a 2-
hop maximum.
Answer: A
What are two roles of the network and device tags in a Dashboard? (Choose two.)
A. Tags enable administrators to configure a combination of network and device specific tags to
create summary reports filtered for specific devices across multiple networks.
B. Network tags can be used to assign networks to separate Auto VPN domains in an Organization
with many networks.
C. Network tags can be used to simplify the assignment of network-level permissions in an
Organization with many networks.
D. Device tags can be used to simplify the assignment of device-level permissions in an
Organization with many administrators.
E. Device tags can be assigned to MR APs to influence the gateway selection for repeaters in a
mesh wireless network.
Answer: AE
Refer to the exhibit. Which outcome occurs when logging is set to Enabled?
A. Outbound flows are sent to a configured syslog server if a syslog sender is configured for flows.
B. The hits counter within this section is now enabled.
C. This firewall rule is now enabled.
D. Inbound flows are sent to a configured syslog server if a syslog server configured for flows.
Answer: D
Refer to the exhibit. What is the minimal Cisco Meraki Insight licensing requirement?
A. A single Meraki Insight license must be configured on network A to gain Web App Health visibility
on network B.
B. A single Meraki Insight license must be configured on network B to gain Web App Health visibility
on network B.
C. A single Meraki Insight license must be configured on network A, and a single license must be
configured on network B, to gain Web App Health visibility on network B.
D. Two Meraki Insight licenses must be configured on network A to gain Web App Health visibility on
network B.
E. Two Meraki Insight licenses must be configured on network A and a single license must be
configured on network B, to gain Web App Health visibility on network B.
Answer: E
Air Marshal has contained a malicious SSID.
What are two effects on connectivity? (Choose two.)
A. Currently associated clients stay connected.
B. New clients can connect.
C. Currently associated clients are affected by restrictive traffic shaping rules.
D. New clients cannot connect.
E. Currently associated clients are disconnected.
Answer: DE
What is the best practice Systems Manager enrollment method when deploying corporate-owned iOS devices?
A. manual
B. Apple Configurator
C. Sentry enrollment
D. DEP
Answer: D
** Corrected **
A customer requires a hub-and-spoke Auto VPN deployment with two NAT-mode hubs with dual uplink connections
and 50 remote sites with a single uplink connection.
How many tunnels does each hub need to support?
A. 52
B. 54
C. 100
D. 104
Answer: C
Which order is accurate for a firmware upgrade on MX appliances in a high-availability configuration?
A. starts on the secondary MX appliance and then occurs on the primary MX appliance
B. starts on both MX appliances at the same time and then reboots both appliances after traffic on
the primary MX appliance ceases
C. starts on both MX appliances at the same time and then immediately reboots both appliances
D. starts on the primary MX appliance and then occurs on the secondary MX appliance
Answer: D
Confirmed
How is high-availability supported for Cisco Meraki devices?
A. Only the MX Security Appliances that use VRRP support high availability.
B. An active/active high-availability pair is recommended for MX Security Appliances.
C. The MX Security Appliances and MS Series Switches that use VRRP support an active/passive
high-availability pair.
D. The MX Security Appliances and MS Series Switches that use HSRP support an active/passive
high-availability pair.
Answer: A
Which three verbs of request are available in the Cisco Meraki API? (Choose three.)
A. SET
B. PUT
C. PATCH
D. ADD
E. POST
F. GET
Answer: BEF
A customer wants to use Microsoft Azure to host corporate application servers.
Which feature does the customer get by using a vMX appliance rather than connecting directly to Azure by VPN?
A. malware protection
B. SD-WAN
C. next-generation firewall
D. intrusion prevention
Answer: C
Refer to the exhibit. What is an advantage of implementing inter-VLAN routing on an MX Security Appliance rather than
performing inter-VLAN routing on an MS Series Switch?
A. The MX appliance performs IDS/IPS for inter-VLAN traffic.
B. The MX appliance performs AMP for inter-VLAN traffic.
C. The MX appliance performs data encryption for inter-VLAN traffic.
D. The MX appliance performs content filtering for inter-VLAN traffic.
Answer: C
** Need to check **
Which API endpoint clones a new Organization?
A. POST /organizations/clone/{organizationId}
B. PUT /organizations/{organizationId}/clone
C. POST /organizations/{organizationId}/new
D. POST /organizations/{organizationId}/clone
Answer: C
What happens to an unsupervised iOS device when the “Meraki management” profile is removed?
A. The “Meraki management” profile is removed. All configuration profiles that Systems Manager
pushed remain.
B. The “Meraki management” profile is removed. All configuration profiles that Systems Manager
pushed are also removed.
C. The “Meraki management” profile is removed and then pushed automatically by Systems
Manager.
D. The “Meraki management” profile cannot be removed.
Answer: B
Which requirement is needed to implement Fast Lane on Cisco Meraki APs?
A. wireless profile installed on an Apple iOS device
B. wireless profile installed on a Cisco iOS access point
C. adaptive 802.11r disabled
D. traffic shaping rule tagging traffic with a DSCP value of 46 to Apple.com
Answer: A
Which type of authentication protocol is used when using OSPF on an MX appliance?
A. MD5
B. certificate
C. plaintext
D. SHA-1
Answer: A
When wireless SSIDs are configured in Dashboard, which setting on the Access Control page affects the ability of a 2.4
GHz only client device from associating to the WLAN for the first time?
A. Content filtering
B. Bridge mode
C. 802.11r
D. Dual band operating with Band Steering
Answer: D
Which two actions can extend the video retention of a Cisco Meraki MV Smart Camera? (Choose two.)
A. enabling audio compression
B. installing an SSD memory extension
C. enabling motion-based retention
D. enabling maximum retention limit
E. configuring a recording schedule
Answer: CE
How does a Meraki device behave if cloud connectivity is temporarily lost?
A. The offline device continues to run with its last known configuration until cloud connectivity is
restored.
B. The offline device reboots every 5 minutes until connection is restored.
C. The offline device stops passing traffic.
D. The offline device tries to form a connection with a local backup sever.
Answer: A
** Corrected **
Where should a network admin navigate to investigate wireless mesh information between Meraki APs?
A. Wireless > Monitor > Access Points > AP > RF
B. Wireless > Configure > Radio Settings
C. Wireless > Monitor > Wireless Health
D. Wireless > Monitor > RF Spectrum
Answer: A
Refer to the exhibit (meraki-scanning). During a Meraki AP deployment, the default SSID that the exhibit shows is broadcast.
What causes this behavior?
A. An AP does not have a wired connection to the network.
B. An AP cannot connect to the default gateway.
C. An AP has never connected to the Meraki Cloud Controller.
D. An AP has Site Survey mode enabled.
Answer: C
A Cisco Meraki MV camera is monitoring an office and its field of vision currently captures work desks and employee
computer screens. However, recording employee computer screens is prohibited by local regulation.
Which feature in Dashboard can be used to preserve the current position of the camera while also meeting regulation
requirements?
A. zone exclusion
B. privacy window
C. area or interest
D. sensor crop
E. restricted mode
Answer: B
** Corrected **
Which Cisco Meraki product must be deployed in addition to Systems Manager so that Systems Manager Sentry
enrollment can be used?
A. MS Switch
B. Meraki Insight
C. MR Access Point
D. MV Smart Camera
Answer: C
Which information do the MXs in a High Availability pair share?
A. spanning-tree state
B. time synchronization state
C. DHCP association database
D. stateful firewall database
Answer: C
** Corrected **
Which VLAN is used to source pings across the site-to-site VPN when using the MX Live tools?
A. highest VLAN ID that is configured and set to NO to use VPN
B. lowest VLAN ID that is configured and set to YES to use VPN
C. highest VLAN ID that is configured and set to YES to use VPN
D. lowest VLAN ID configured and set to NO to use VPN
Answer: C
A new application needs to be pushed to all iOS devices. Some devices report “NotNow” in the event log and do not
install the application.
What does the “NotNow” event indicate?
A. The application requires the most recent iOS version.
B. The device is locked with a passcode.
C. The device cannot connect to Apple servers.
D. The device cannot connect to Cisco Meraki servers.
Answer: B
Which information is used to calculate whether a WAN link has high usage?
A. data under Security & SD WAN > Appliance Status > Uplink > Live Data
B. total historical throughput of an uplink
C. total number of devices that are actively passing traffic
D. value under Security & SD WAN > SD WAN & Traffic Shaping > Uplink Configuration
Answer: D
Which configuration step is necessary when automatic updating is required of iOS apps provisioned through Systems
Manager that are found in the App Store?
A. No configuration step is necessary; automatic updating is the default behavior.
B. Configure automatic updating of iOS devices in the Meraki installed profile.
C. Create a security policy that enables automatic updates.
D. Create a profile with automatic update enabled and apply it to iOS devices.
Answer: C
Of which two solutions is a Cisco Meraki device a component? (Choose two.)
A. cloud-managed
B. on premises
C. hybrid
D. Cisco Catalyst
E. Cisco Prime Infrastructure
Answer: AC
When an SSID is configured with Sign-On Splash page enabled, which two settings must be configured for
unauthenticated clients to have full network access and not be allow listed? (Choose two.)
A. Controller disconnection behavior
B. Captive Portal strength
C. Simultaneous logins
D. Firewall & traffic shaping
E. RADIUS for splash page settings
Answer: AB
Refer to the exhibit. Assuming this MX has established a full tunnel with its VPN peer, how will the MX route the WebEx
traffic?
A. WebEx traffic will prefer WAN 2 as long as it meets the thresholds in the “Conf” performance
class.
B. WebEx traffic will prefer WAN 1 as it is the primary uplink.
C. WebEx traffic will prefer WAN 2 as long as it is up.
D. WebEx traffic will be load-balanced between both active WAN links.
Answer: B
For which two reasons can an organization become “Out of License”? (Choose two.)
A. licenses that are in the wrong network
B. more hardware devices than device licenses
C. expired device license
D. licenses that do not match the serial numbers in the organization
E. MR licenses that do not match the MR models in the organization
Answer: BC
Refer to the exhibit. Which two actions are required to optimize load balancing asymmetrically with a 4:1 ratio between
links? (Choose two.)
A. Change the primary uplink to “none”.
B. Add an internet traffic preference that defines the load-balancing ratio as 4:1.
C. Enable load balancing.
D. Set the speed of the cellular uplink to zero.
E. Change the assigned speeds of WAN 1 and WAN 2 so that the ratio is 4:1.
Answer: BC
How is an organization defined within the context of the Cisco Meraki dashboard?
A. It serves as the boundary of the administrative domain of the account including license, inventory,
and user management.
B. It is defined by the network construct of the user and categorized as either SME (small medium
enterprise), campus, or a distributed enterprise
C. It contains Cisco Meraki devices, their configurations, statistics, and any client device information.
D. It consists of multiple service
Answer: A
What are two ways peers interact with ports that Auto VPN uses? (Choose two.)
A. For IPsec tunneling, peers use high UDP ports within the 32768 to 61000 range.
B. Peers contact the VPN registry at UDP port 9350.
C. For IPsec tunneling, peers use high TCP ports within the 32768 to 61000 range.
D. Peers contact the VPN registry at TCP port 9350.
E. For IPsec tunneling, peers use UDP ports 500 and 4500.
Answer: BC
** Need to Research **
What occurs when a configuration change is made to an MX network that is bound to a configuration template?
A. The configuration change in the bound network is combined with the template configuration inside
the template.
B. The more restrictive configuration is preferred.
C. The configuration change in the bound network overrides the template configuration.
D. The template configuration overrides the configuration change in the bound network.
Answer: A
One thousand concurrent users stream video to their laptops. A 30/70 split between 2.4 GHz and 5 GHz is used.
Based on client count, how many APs (rounded to the nearest whole number) are needed?
A. 26
B. 28
C. 30
D. 32
Answer: C
Refer to the exhibit . For an AP that displays this alert, which network access control method must be in use?
A. preshared key
B. WPA2-enterprise with my RADIUS server
C. splash page with my RADIUS server
D. MAC-based access control with RADIUS server
Answer: A
Which Meraki Dashboard menu section is accessed to enable Sentry enrollment on an SSID?
A. Wireless > Configure > Access Control
B. Wireless > Configure > Splash page
C. Wireless > Configure > Firewall & Traffic Shaping
D. Wireless > Configure > SSIDs
Answer: A
Company iPads are enrolled in Systems Manager without supervision, and profiles are pushed through Systems
Manager.
Which outcome occurs when a user attempts to remove the “Meraki Management” profile on an iPad?
A. The “Meraki Management” profile cannot be removed.
B. The “Meraki Management” profile is removed and then pushed automatically by Systems
Manager.
C. The “Meraki Management” profile is removed. All the profiles that Systems Manager pushed are
also removed.
D. The “Meraki Management” profile is removed. All the profiles Systems Manager pushed remain.
Answer: C
Refer to the exhibit. Which IDS/IPS mode is the MX Security Appliance configured for?
A. quarantine
B. prevention
C. detection
D. blocking
Answer: B
Which two primary metrics does Meraki Insight use to calculate the Application Performance Score? (Choose two.)
A. Maximum Jitter
B. Total Bandwidth Usage
C. Maximum Latency
D. Per-flow Goodput
E. Application Response Time
Answer: DE
What is a feature of distributed Layer 3 roaming?
A. An MX Security Appliance is not required as a concentrator.
B. An MX Security Appliance is required as a concentrator.
C. All wireless client traffic can be split-tunneled.
D. All wireless client traffic is tunneled.
Answer: A
