Which of the following statements are true regarding the DfltGrpPolicy group policy? (Select 3 choices.)

A.
It cannot be modified.

B.
It is the default policy used with the DefaultRAGroup connection profile.

C.
It is the default policy used with the DefaultWEBVPNGroup connection profile.

D.
It can be applied to user profiles.

E.
It should be deleted if custom group policies are created.

Explanation:
The DfltGrpPolicy group policy can be applied to user profiles and is the default policy used with both the
DefaultRAGroup and the DefaultWEBVPNGroup connection profiles. Group policies are used with Cisco
Adaptive Security Appliances (ASAs) to specify security policies and network settings that are used when
remote virtual private network (VPN) users log in to the ASA. Cisco ASAs include the DfltGrpPolicy group
policy, which is the default policy used for the default connection profiles that are included on an ASA:
DefaultRAGroup and DefaultWEBVPNGroup. You can customize the DfltGrpPolicy group policy and tailor it to
match your company’s requirements, and you can inherit policies from it from within custom group policies. In
addition to applying this group policy to connection profiles, you can also apply it to user profiles, which you can
use to create a specific set of policies for individual users.
The DfltGrpPolicy group policy cannot be deleted. You can create custom group policies, but you cannot delete
the default group policy.

Cisco: Configuring Tunnel Groups, Group Policies, and Users: Default Group Policy