What is the default modulus size that is used to create a selfsigned certificate for SSL authentication on a Cisco ASA? (Select the best answer.)

Last Updated on August 4, 2021 by Admin 3

What is the default modulus size that is used to create a selfsigned certificate for SSL authentication on a Cisco ASA? (Select the best answer.)

  • 512 bits
  • 768 bits
  • 1,024 bits
  • 2,048 bits
Explanation:
The default modulus size that is used to create a selfsigned certificate for Secure Sockets Layer (SSL) authentication on a Cisco Adaptive Security Appliance (ASA) is 1,024 bits. If no trust point has been configured, an ASA dynamically generates a selfsigned certificate when an SSL connection is first established. For example, when a Secure Hypertext Transfer Protocol (HTTPS) or a Cisco Adaptive Security Device Manager (ASDM) connection is made to the ASA, a selfsigned certificate is used to authenticate the ASA to the browser or ASDM client. You can view selfsigned certificates in ASDM by opening the Configuration > Remote Access VPN > Certificate Management > Identity Certificates pane. You can identify a selfsigned certificate in the Identity Certificatespane by looking for a certificate with identical values in the Issued To and Issued Byfields. After selecting a certificate, you can click the Show Details button to display detailed information about the certificate. Below, you can see a selfsigned certificate associated with ASDM_Trustpoint0 and with a modulus of 1,024 bits:

300-735 Part 10 Q19 093
300-735 Part 10 Q19 093

Alternatively, you can examine a certificate by using a modern web browser. When a web browser or ASDM session is presented with a selfsigned certificate, it will issue a warning to indicate that it cannot verify the certificate with a root certificate authority (CA). Below, you can see an example of the warning information presented by a browserbased HTTPS session that receives a selfsigned certificate:

300-735 Part 10 Q19 094
300-735 Part 10 Q19 094

You can view the details of the certificate by clicking the Certificate information link, which will display the information about the contents of the certificate. You can determine that a certificate is selfsigned by noting that the Issued to and Issued by fields in the certificate contain the same value, as shown in the example below:

300-735 Part 10 Q19 095
300-735 Part 10 Q19 095

You can click the Details tab to view the contents of the certificate. Because this example is from an ASA with a default configuration, you can see in the following exhibit that the modulus size in the Public key field is 1,024 bits:

300-735 Part 10 Q19 096
300-735 Part 10 Q19 096
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments