Implementing Secure Solutions with Virtual Private Networks (SVPN) — Question 107

A network engineer is setting up Cisco AnyConnect 4.9 on a Cisco ASA running ASA software 9.1. Cisco AnyConnect must connect to the Cisco ASA before the user logs on so that login scripts can work successfully. In addition, the VPN must connect without user intervention. Which two key steps accomplish this task? (Choose two.)

Answer options

• A. Create a Network Access Manager profile with a client policy set to connect before user logon.
• B. Create a Cisco AnyConnect VPN profile with Start Before Logon set to true.
• C. Issue an identity certificate to the trusted root CA folder in the machine store.
• D. Create a Cisco AnyConnect VPN profile with Always On set to true.
• E. Create a Cisco Anyconnect VPN Management Tunnel profile.

Correct answer: B, C

Explanation

The correct answer is B and C. Option B ensures that the VPN connection is initiated before the user logs on, facilitating the execution of login scripts. Option C is also necessary as it involves issuing an identity certificate, which is critical for establishing a secure connection. The other options do not meet the requirement for connecting the VPN automatically before user logon.