A Cisco AnyConnect client establishes a SSL VPN connection with an ASA at the corporate office.
An engineer must ensure that the client computer meets the enterprise security policy.
Which feature can update the client to meet an enterprise security policy?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
When a client establishes a SSL VPN connection with an ASA at the corporate office, it is important to ensure that the client computer meets the enterprise security policy. This can be achieved through the use of endpoint security features that are available on Cisco AnyConnect VPN clients.
The four options listed in the question are:
A. Endpoint Assessment B. Cisco Secure Desktop C. Basic Host Scan D. Advanced Endpoint Assessment.
Of these, the feature that can update the client to meet an enterprise security policy is Endpoint Assessment (A).
Endpoint Assessment is a feature of Cisco AnyConnect that allows the VPN client to be checked for compliance with the enterprise security policy before a VPN connection is established. This feature ensures that the client computer meets the required security standards before allowing access to corporate resources.
Endpoint Assessment can check for a variety of compliance issues, such as antivirus software, operating system patches, firewall settings, and more. If the client computer does not meet the required security standards, Endpoint Assessment can either deny access or remediate the issue by updating the client software to bring it into compliance.
Cisco Secure Desktop (B) is a feature that provides a secure environment for the VPN connection by disabling certain features on the client computer, such as file sharing and printing. However, it does not check for compliance with the enterprise security policy.
Basic Host Scan (C) is a feature that checks for the presence of antivirus software and operating system patches. However, it does not provide remediation or check for other compliance issues.
Advanced Endpoint Assessment (D) is a feature that provides a more thorough check of the client computer's security posture, including compliance with security policies, software inventory, and more. However, this feature is only available on Cisco Identity Services Engine (ISE), which is not mentioned in the question.
In summary, the feature that can update the client to meet an enterprise security policy is Endpoint Assessment (A), which checks for compliance with security policies and can remediate issues as needed.