Which two security services are provided by the Phone Proxy function on a Cisco ASA appliance? (Choose two.)
Click on the arrows to vote for the correct answer
A. B. C. D. E. F.CE.
When using TLS Proxy, the Cisco ASA appliance is inserted between the phones and Cisco Unified Communications Manager.
The phones will now establish a TLS session with the ASA appliance.
The appliance will, in turn, establish a proxy TLS connection with Cisco Unified Communications Manager on the phone's behalf.
This function generates two TLS sessions.
The Phone Proxy function on a Cisco ASA (Adaptive Security Appliance) appliance is used to provide security services for IP phone traffic. It can perform several functions to ensure that the traffic is secure and protected. The two security services provided by the Phone Proxy function are:
A. Interworking to ensure that external IP phone traffic is encrypted: The Phone Proxy function can interwork with the Cisco Unified Communications Manager (CUCM) to ensure that external IP phone traffic is encrypted. This is achieved by ensuring that the CUCM cluster runs in secure mode. When a call is made from an external IP phone, the Phone Proxy function intercepts the call signaling and ensures that the call is encrypted before it is sent over the network.
D. Support for encrypted TFTP operation of IP phone configuration files: The Phone Proxy function can also support the encrypted TFTP (Trivial File Transfer Protocol) operation of IP phone configuration files. This ensures that the configuration files are securely transferred between the IP phone and the CUCM cluster.
The other options are incorrect:
B. It only applies to encrypted voice calls where both parties utilize encryption: This option is incorrect because the Phone Proxy function can interwork with the CUCM to ensure that external IP phone traffic is encrypted, even if only one party utilizes encryption.
C. It manipulates the call signaling to ensure that all media is routed via the adaptive security appliance: This option is incorrect because the Phone Proxy function does not manipulate call signaling to route media through the ASA appliance. It only provides security services for IP phone traffic.
E. It intercepts and authenticates soft clients before they reach Cisco Unified Communications Manager clusters: This option is incorrect because the Phone Proxy function does not intercept and authenticate soft clients. Soft clients are typically authenticated by the CUCM cluster.
F. It requires a remote routing device with an IPsec VPN tunnel: This option is incorrect because the Phone Proxy function does not require a remote routing device with an IPsec VPN tunnel. It is a function provided by the Cisco ASA appliance.