[TABS_R id=8782]
What is the default modulus size that is used to create a selfsigned certificate for SSL authentication on a Cisco ASA? (Select the best answer.)
- 512 bits
- 768 bits
- 1,024 bits
- 2,048 bits
Explanation:
The default modulus size that is used to create a selfsigned certificate for Secure Sockets Layer (SSL) authentication on a Cisco Adaptive Security Appliance (ASA) is 1,024 bits. If no trust point has been configured, an ASA dynamically generates a selfsigned certificate when an SSL connection is first established. For example, when a Secure Hypertext Transfer Protocol (HTTPS) or a Cisco Adaptive Security Device Manager (ASDM) connection is made to the ASA, a selfsigned certificate is used to authenticate the ASA to the browser or ASDM client. You can view selfsigned certificates in ASDM by opening the Configuration > Remote Access VPN > Certificate Management > Identity Certificates pane. You can identify a selfsigned certificate in the Identity Certificatespane by looking for a certificate with identical values in the Issued To and Issued Byfields. After selecting a certificate, you can click the Show Details button to display detailed information about the certificate. Below, you can see a selfsigned certificate associated with ASDM_Trustpoint0 and with a modulus of 1,024 bits:
Alternatively, you can examine a certificate by using a modern web browser. When a web browser or ASDM session is presented with a selfsigned certificate, it will issue a warning to indicate that it cannot verify the certificate with a root certificate authority (CA). Below, you can see an example of the warning information presented by a browserbased HTTPS session that receives a selfsigned certificate:
You can view the details of the certificate by clicking the Certificate information link, which will display the information about the contents of the certificate. You can determine that a certificate is selfsigned by noting that the Issued to and Issued by fields in the certificate contain the same value, as shown in the example below:
You can click the Details tab to view the contents of the certificate. Because this example is from an ASA with a default configuration, you can see in the following exhibit that the modulus size in the Public key field is 1,024 bits:
[TABS_R id=8782]