Which two statements describe security services that are provided by the Phone Proxy function on a
Cisco ASA appliance? (Choose two.)
A.
It is supported only on phones that use SCCP.
B.
It is supported on an adaptive security appliance that runs in transparent mode.
C.
It provides interworking to ensure that the external IP phone traffic is encrypted, as long as the
Cisco Unified Communications Manager cluster runs in secure mode.
D.
It provides a proxy of phone signaling, with optional use of NAT, to hide the Cisco Unified
Communications Manager IP address from the public Internet.
E.
It proxies phone media so that internal phones are not directly exposed to the Internet.
F.
It supports IP phones that send phone proxy traffic through a VPN tunnel.
Explanation:
TLS Proxy is typically deployed in front of Cisco Unified Communications Manager and other unified
communications application servers that utilize media encryption. TLS Proxy is not designed to
provide remote-access encryption services for remote phones or client endpoints. Other solutions
such as Cisco ASA Phone Proxy or IP Security/Secure Sockets Layer (IPsec/SSL) VPN services are more
appropriate. TLS Proxy is not designed to provide a secure campus soft phone solution where the
requirement is to provide secure data to phone VLAN traversal or for proxying connections to Cisco
Unified Communications Manager.