Implementing Secure Solutions with Virtual Private Networks (SVPN) — Question 74

An administrator is setting up Cisco AnyConnect on a Cisco ASA with the requirement that AnyConnect automatically establishes a VPN when a company-owned laptop is connected to the internet outside of the corporate network. Which configuration meets these requirements?

Answer options

• A. SBL with user certificate authentication
• B. TND with machine certificate authentication
• C. SBL with machine certificate authentication
• D. TND with user certificate authentication

Correct answer: B

Explanation

The correct answer is B because TND (Trusted Network Detection) with machine certificate authentication allows the VPN to initiate automatically when the device connects to the internet. Options A and C involve SBL (Secure Browser Launcher) and user certificate authentication, which do not meet the requirement for automatic VPN connection on internet access, while option D uses TND but with user certificate authentication, which is not suitable here.