You are using ASDM to verify a clientless SSL VPN confi…

You are using ASDM to verify a clientless SSL VPN configuration made by a junior administrator on an ASA.
Please click exhibit to answer the following questions.
Exhibit:

Which of the following statements are true regarding the extranet connection profile? (Select three.)

You are using ASDM to verify a clientless SSL VPN configuration made by a junior administrator on an ASA.
Please click exhibit to answer the following questions.
Exhibit:

Which of the following statements are true regarding the extranet connection profile? (Select three.)

A.
It will use the boson_grp group policy.

B.
It will use the DfltGrpPolicy group policy.

C.
It will use the local AAA database for authentication.

D.
It will use digital certificates for authentication.

E.
It will use the DfltCustomization customization object.

F.
It will use the boson_customization customization object.

G.
It will use the extranet_customization customization object.

Explanation:
The extranet connection profile will use the DfltGrpPolicy group policy, the local Authentication, Authorization,
and Accounting (AAA) database for authentication, and the extranet_customization customization object. When
creating a connection profile in Cisco Adaptive Security Device Manager (ASDM), you can specify a number of
parameters. For example, you can specify the type of authentication to use and the default group policy to use
for VPN connections made by using the connection profile. This information can be configured or modified on
the Add or Edit Clientless SSL VPN Connection Profile dialog box in ASDM. To access this dialog box in
ASDM, you should click Configuration, click the Remote Access VPN button, expand Clientless SSL VPN
Access, and click Connection Profiles. You can then doubleclick a connection profile to open the Edit Clientless
SSL VPN Connection Profile dialog box for the selected connection profile. The Edit Clientless SSL VPN
Connection Profile dialog box for the extranet tunnel group is shown in the following exhibit:

The Authentication section of the Basic screen of the Edit Clientless SSL VPN Connection Profile dialog box
indicates that the tunnel group will use the local AAA database for user authentication. Thus any VPN
connections made by using this tunnel group will be authenticated against the AAA database.
The Default Group Policy section indicates that the DfltGrpPolicy group policy will be applied to this connection
profile. That is, the settings in the DfltGrpPolicy group policy will apply to VPN users who connect by using the
extranet tunnel group.
The Clientless SSL VPN screen of the Edit Clientless SSL VPN Connection Profiledialog box indicates that the
extranet connection profile will use the extranet_customization customization object. This screen is shown in
the following exhibit:

Cisco: Configuring Tunnel Groups, Group Policies, and Users: Connection Profiles



Leave a Reply 0

Your email address will not be published. Required fields are marked *