An engineer is requesting an SSL certificate for a VPN load-balancing cluster in which two Cisco ASAs provide clientless SSLVPN access. The FQDN that users will enter to access the clientless VPN is asa.example.com, and users will be redirected to either asa1.example.com or asa2.example.com. The cluster FQDN and individual Cisco ASAs FQDNs resolve to IP addresses 192.168.0.1, 192.168.0.2, and 192.168.0.3 respectively. The issued certificate must be able to be used to validate the identity of either ASA in the cluster without returning any certificate validation errors. Which fields must be included in the certificate to meet these requirements? A. CN=*.example.com, SAN=asa.example.com B. CN=192.168.0.1, SAN=asa1.example.com, asa2.example.com C. CN=asa.example.com, SAN=asa.example.com, asa1.example.com, asa2.example.com D. CN=192.168.0.1, SAN=192.168.0.1, 192.168.0.2, 192.168.0.3 Suggested Answer: A This question is in 300-730 Implementing Secure Solutions with Virtual Private Networks (SVPN) Exam For getting Cisco Certified Network Professional Security (CCNP Security) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Cisco. Trademarks, certification & product names are used for reference only and belong to Cisco. The website does not contain actual questions and answers from Cisco's Certification Exam.
Please login or Register to submit your answer