Which two statements about the Cisco ASA configuration is true?

Which two statements about the Cisco ASA configuration is true? (Choose two.)

Which two statements about the Cisco ASA configuration is true? (Choose two.)

A.
NAT Control is enabled

B.
The Cisco ASA is setup as the DHCP server for hosts on the inside and outside interfaces

C.
All IP traffic is permitted from the inside host to the outside

D.
All hosts on the inside and on the outside can access Cisco ASDM

E.
Access to the CLI in privileged mode will be authenticated using the LOCAL database on the
Cisco ASA

F.
The ASA is using a persistent self-signed certificated so users can authenticate the Cisco ASA
when accessing it via Cisco ASDM

Explanation:
Verify each of the configuration options related to an answer option as shown below:
For answer A. NAT Control is enabled

If the box is checked “NAT Control” is enabled.
For answer B. The Cisco ASA is setup as the DHCP server for hosts on the inside and outside
interfaces

Verify which “DHCP Enabled” field is enabled next to each interface.
For answer C. All IP traffic is permitted from the inside host to the outside

Verify the access rules on the inside interface; note that the access rule in the example
above reflects the all traffic from the inside to any destination – but option C asks if there is

access rule from the inside to outside specifically – so this does not satisfy option C.
For answer D. All hosts on the inside and on the outside can access Cisco ASDM

Verify that access is permitted from the inside and outside for ASDM access.
For answer E. Access to the CLI in privileged mode will be authenticated using the LOCAL
database on the Cisco ASA

Verify if the “Require authentication to allow use of privileged mode commands” is
configured for local access.
For answer F. The ASA is using a persistent self-signed certificated so users can authenticate the
Cisco ASA when accessing it via Cisco ASDM

Verify if a certificate has been configured.



Leave a Reply 0

Your email address will not be published. Required fields are marked *