Which two statements about the Cisco AnyConnect VPN Client are true? (Choose two.)
A. To improve security, keepalives are disabled by default.
B. It can be configured to download automatically without prompting the user
C. It can use an SSL tunnel and a DTLS tunnel simultaneously
D. By default, DTLS connections can fall back to TLS.
E. It enables users to manage their own profiles.
for D – https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/116312-qanda-anyconnect-00.html#anc6
for C – https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_anyconnect.html#pgfId-1090425
CD
CD
https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_anyconnect.html#pgfId-1090425
Datagram Transport Layer Security (DTLS) allows the AnyConnect client establishing an SSL VPN connection to use two simultaneous tunnels—an SSL tunnel and a DTLS tunnel.
https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/116312-qanda-anyconnect-00.html#anc6
By default, the DPD is enabled and set to 30 seconds for both the ASA (gateway) and the client.