You are configuring a connection profile for clientless SSL VPN connections. You have accessed the Add
Clientless SSL VPN Connection Profile dialog box in ASDM.Which of the following authentication methods can you configure in this dialog box? (Select the best answer.)
A.
only AAA
B.
only OTP
C.
only digital certificates
D.
both AAA and OTP
E.
both AAA and digital certificates
Explanation:
You can configure Authentication, Authorization, and Accounting (AAA) and digital certificate authentication on
the Add Clientless SSL VPN Connection Profile dialog box in Cisco Adaptive Security Device Manager (ASDM).
Connection profiles are used to separate remote virtual private network (VPN) users into groups. For example,
you can use one connection profile for contractors and another connection profile for managers, with each
profile providing access to different resources.
You can configure a new connection profile by using ASDM. To configure a new connection profile for clientless
Secure Sockets Layer (SSL) VPN connections by using ASDM, you should click Configuration, click the
Remote Access VPN button, expand Clientless SSL VPN Access, and click Connection Profiles, which will
open the Connection Profiles configuration pane. From this pane, you can view a list of existing connection
profiles and you can create new connection profiles. You should click the Add button under Connection Profiles
in the Connection Profiles screen to create a new connection profile and to open the Add Clientless SSL VPN
Connection Profile dialog box, which is shown in the following exhibit:In this dialog box, you can configure the connection profile details, including the authentication method to use,
the Domain Name System (DNS) server to use, and the group policy to apply to the connection profile. There
are two authentication methods that are supported: AAA and Certificate. You can configure the connection
profile to use either or both of the methods.
You cannot configure onetime passwords (OTPs) as an authentication method for connection profiles on the
Add Clientless SSL VPN Connection Profile dialog box in ASDM. OTP is a two factor user authentication
method that typically uses a personal identification number (PIN) in conjunction with code generated by a
hardware or software token. The token is synchronized with a central server and periodically generates a code.
The code is only valid until the next code is generated, which typically occurs in less than 60 seconds.Cisco: Configuring Tunnel Groups, Group Policies, and Users: Connection Profile Connection Parameters for
SSL VPN Sessions