Which two statements about the Cisco ASA configuration is true? (Choose two.)
A.
NAT Control is enabled
B.
The Cisco ASA is setup as the DHCP server for hosts on the inside and outside interfaces
C.
All IP traffic is permitted from the inside host to the outside
D.
All hosts on the inside and on the outside can access Cisco ASDM
E.
Access to the CLI in privileged mode will be authenticated using the LOCAL database on the
Cisco ASA
F.
The ASA is using a persistent self-signed certificated so users can authenticate the Cisco ASA
when accessing it via Cisco ASDM
Explanation:
Verify each of the configuration options related to an answer option as shown below:
For answer A. NAT Control is enabledIf the box is checked “NAT Control” is enabled.
For answer B. The Cisco ASA is setup as the DHCP server for hosts on the inside and outside
interfacesVerify which “DHCP Enabled” field is enabled next to each interface.
For answer C. All IP traffic is permitted from the inside host to the outsideVerify the access rules on the inside interface; note that the access rule in the example
above reflects the all traffic from the inside to any destination – but option C asks if there isaccess rule from the inside to outside specifically – so this does not satisfy option C.
For answer D. All hosts on the inside and on the outside can access Cisco ASDMVerify that access is permitted from the inside and outside for ASDM access.
For answer E. Access to the CLI in privileged mode will be authenticated using the LOCAL
database on the Cisco ASAVerify if the “Require authentication to allow use of privileged mode commands” is
configured for local access.
For answer F. The ASA is using a persistent self-signed certificated so users can authenticate the
Cisco ASA when accessing it via Cisco ASDMVerify if a certificate has been configured.