Which two statements describe security services that are provided by the Phone Proxy function on
a Cisco ASA appliance? (Choose two.)
A.
It is supported only on phones that use SCCP.
B.
It is supported on an adaptive security appliance that runs in transparent mode.
C.
It provides interworking to ensure that the external IP phone traffic is encrypted, as long as the
Cisco Unified Communications Manager cluster runs in secure mode.
D.
It provides a proxy of phone signaling, with optional use of NAT, to hide the Cisco Unified
Communications Manager IP address from the public Internet.
E.
It proxies phone media so that internal phones are not directly exposed to the Internet.
F.
It supports IP phones that send phone proxy traffic through a VPN tunnel.
Explanation:
TLS Proxy is typically deployed in front of Cisco Unified Communications Manager
and other unified communications application servers that utilize media encryption. TLS Proxy is
not designed to provide remote-access encryption services for remote phones or client endpoints.
Other solutions such as Cisco ASA Phone Proxy or IP Security/Secure Sockets Layer (IPsec/SSL)
VPN services are more appropriate. TLS Proxy is not designed to provide a secure campus soft
phone solution where the requirement is to provide secure data to phone VLAN traversal or for
proxying connections to Cisco Unified Communications Manager.