Which two statements about the Cisco AnyConnect client Trusted Network Detection
feature are true? (Choose two.)

A.
The feature relies only on the DNS server list to detect whether the client machine is
in a trusted or untrusted network.

B.
An attacker can theoretically host a malicious DHCP server and return data that
triggers the client to believe that it resides in a trusted network.

C.
If an attacker knows the DNS server value that is configured in the Cisco AnyConnect
profile and provisions the DHCP server to return both a real and spoofed value, then
Cisco AnyConnect considers the endpoint to be in an untrusted network.

D.
The feature does not provide AnyConnect ability to automatically establish VPN
connection when the user is outside the trusted network.