Free Cisco CLCEI 300-820 Actual Exam Questions - Question 3 Discussion

B imo, the HTTP allow list is key for Expressway-C to let those directory photo requests pass through. Certificates (D) are less relevant unless the server itself demands mutual TLS.

It’s B because without explicitly allowing the directory photo server on the HTTP allow list, Expressway-C won’t let those requests through, no matter the certs or zones.

B, since without allowing HTTP(S) traffic, requests won't reach the photo server.

Option B seems solid since adding the directory photo server to the HTTP allow list directly enables Expressway-C to pass through those requests. Without it, traffic might be blocked regardless of certificates.

Maybe D here. The certificate on Expressway-C needs to trust the directory photo server’s FQDN so that secure connections can be established without errors. Just adding it to the HTTP allow list (B) might let traffic through, but if the client pulls photos over HTTPS, the cert has to match. Neighbor zones (C) seem more for SIP stuff, and search rules (A) don’t really apply for directory photos. So probably the cert update is necessary to avoid connection issues when fetching photos securely.

It’s B for me. The key here is that the Expressway-C needs to permit HTTP or HTTPS traffic to the directory photo server, so adding it to the HTTP allow list makes sure requests get through. Neighbor zones are more about SIP signaling, not HTTP content delivery like photos. Also, the certificate option (D) is less relevant unless there’s a trust issue, which isn’t mentioned. So allowing HTTP traffic explicitly seems like the right move.

C imo, neighbor zones handle secure communication paths between Expressway and internal servers. Since directory photos are internal resources, setting up a neighbor zone to that server fits better than just an HTTP allow list.

B Adding the directory photo server to the HTTP allow list makes sense since Expressway-C needs explicit permission to forward HTTP requests there. Neighbor zones are usually for SIP signaling, not HTTP traffic.

B, since the Expressway-C needs to allow HTTP traffic to that server.

B/C? The directory photo server needs to be reachable over HTTP, so adding it to the HTTP allow list (B) makes sense. But creating a neighbor zone (C) also feels relevant for internal server communication.

Actually, I’m wondering if the question specifies which version of Expressway-C is in use? Some features and requirements vary by version, especially around security and certificate handling. Also, is the internal directory photo server using HTTPS or HTTP? That might affect whether it needs to be on the HTTP allow list or require a neighbor zone setup. Without that detail, it’s tricky to be sure about option B or C. Anyone know if the directory photo server typically needs a specific DNS or routing rule on Expressway-C for MRA clients?