Home » Cisco » 210-260 v.2 » How does the Cisco ASA use Active Directory to authorize VPN users?
How does the Cisco ASA use Active Directory to authorize VPN users?
A. It queries the Active Directory server for a specific attribute for the specified user.
B. It sends the username and password to retrieve an ACCEPT or REJECT message from the Active Directory server.
C. It downloads and stores the Active Directory database to query for future authorization requests.
D. It redirects requests to the Active Directory server defined for the VPN group.
Correct Answer: A
Explanation/Reference:
When user LDAP authentication for VPN access has succeeded, the ASA queries the LDAP server, which returns LDAP, attributes. These attributes generally include authorization data that applies to the VPN session. Thus, using LDAP accomplishes authentication and authorization in a single step.
Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/access_aaa.html