Cisco
300-730 · Question #159
300-730 Question #159: Real Exam Question with Answer & Explanation
Sign in or unlock 300-730 to reveal the answer and full explanation for question #159. The question stem and answer options stay visible for context.
Question
Refer to the exhibit. A network administrator is setting up Cisco AnyConnect on an ASA headend. When users attempt to connect to the VPN, they are presented with this message. The administrator has replaced the ASA's self-signed certificate with a certificate enrolled with the external CA and has confirmed that the certificate is not revoked. Which two tasks will the administrator need to do to prevent users from seeing this message? (Choose two.)
[Exhibit: Cisco AnyConnect Secure Mobility Client window showing "Security Warning: Untrusted Server Certificate!". Details include "AnyConnect cannot verify server: example.cisco.com", "Certificate does not match the server name", "Certificate is from an untrusted source". Buttons: Connect Anyway, Cancel Connection.]
Options
- ATrust the issuing CA for the ASA identity certificate on the user's PC.
- BEnroll and import an SSL certificate with the CN value example.cisco.com on the ASA.
- CAdd the CN example.cisco.com to the AnyConnect XML certificate matching section.
- DEnable certificate authentication under the connection profile.
- EAdd example.cisco.com to the server name list within the AnyConnect Local Policy.
Unlock 300-730 to see the answer
You've previewed enough free 300-730 questions. Unlock 300-730 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.