
CISSP Exam - Question 249


A hospital has allowed virtual private networking (VPN) access to remote database developers. Upon auditing the internal configuration, the network administrator discovered that split-tunneling was enabled. What is the concern with this configuration?

Correct Answer: C

The primary concern with split-tunneling is that it allows remote clients to send traffic to both the public internet and the private network simultaneously. This can create significant security risks, as it exposes the private network to potential threats and vulnerabilities from the public internet. Attackers can exploit this dual access to compromise the remote client and gain unauthorized access to the private network, thereby bypassing security controls that would typically protect the internal network.

Discussion

13 comments
74gjd_37 - Option: C
Sep 24, 2023

In the Official ISC2 CISSP CBK (4th edition), page 607, it is mentioned that split-tunneling allows remote clients to access both the private network and the public internet simultaneously, potentially exposing the private network to security risks. This configuration can be exploited by attackers to gain unauthorized access to the private network through the public internet. Therefore, split-tunneling should be avoided, especially in sensitive environments such as hospitals.

Jamati - Option: A
Nov 10, 2022

Correct answer is A

Mann0302 - Option: C
Nov 14, 2022

C clearly defines split-tunneling

iwannapass - Option: C
Dec 3, 2022

C. My reasoning: It defines what Split-Tunneling is. You can have the VPN connected to the business network while at the same time having access to the PUBLIC Internet. They nonchalantly throw it there that it is connected to a VPN and Public Internet like it's not a security concern. The end client can be exploited from the public side to enter the VPN and be a threat to the private network. Sorry if my wording gave anyone a headache. Wish I could draw it out.

DJOEK - Option: C
Jan 11, 2023

Split-tunneling is a configuration that allows VPN clients to exchange traffic both with the public Internet and the private network at the same time. This can create a security concern because it allows remote clients to access resources on both the public Internet and the private network, potentially bypassing security controls that are in place on the private network. This can open the organization to a risk of data exfiltration and other malicious activity. A is true that a NIDS cannot inspect SSL traffic but what does this have to do with a split tunnel?

jens23
Jul 4, 2023

It means that the traffic is not tunneled to the corporate network where the security controls are made, as it goes directly to the internet. The security concern with split-tunneling is that the traffic that goes directly to the internet cannot be inspected.

pete79 - Option: C
Feb 9, 2024

Split tunnel allows connection to the hospital network while at the same time allowing access to the public network; that is why it is called split.

CCNPWILL - Option: C
May 31, 2024

As a CCNP, I can confirm that the answer is C. Without a shadow of a doubt.

franbarpro - Option: C
Oct 22, 2022

These are remote database developers. They should use VPN in a full tunneling mode.

sec_007 - Option: A
Oct 27, 2022

From this discussion, I would select A. https://www.auvik.com/franklyit/blog/vpn-split-tunneling/ But I am not so very sure. I think C is also correct, since it will also include scenario in A.

Delab202 - Option: D
Dec 25, 2022

What is the concern with this configuration? Not what is Split-tunneling? Multiple Internet Protocol Security (IPSec) tunnels may be exploitable in specific circumstances. IPsec (Internet Protocol Security) is a suite of protocols that secure network communication across IP networks. It provides security services for IP network traffic such as encrypting sensitive data, authentication, protection against replay and data confidentiality.

csco10320953 - Option: A
Mar 29, 2023

Split tunnel is used so that the VPN client can access the internet directly instead of coming to the Corp/office network. It doesn't mean it will exchange the traffic between Internet and Corp/office. Split tunneling fails to inspect the SSL traffic. So I will go with Answer A.

jackdryan
May 13, 2023

C is correct

Soleandheel - Option: C
Dec 13, 2023

C. Remote clients are permitted to exchange traffic with the public and private network. Split-tunneling allows remote clients to route their internet traffic (public network) directly through their local internet connection while still maintaining a connection to the corporate network (private network) through the VPN. This means that traffic is divided between the public internet and the private corporate network.

Soleandheel
Dec 13, 2023

While split-tunneling can reduce the load on the corporate network and improve performance for the remote user, it also introduces security risks. By allowing remote clients to access the public internet while connected to the corporate network, it opens up the possibility for malware or attackers to potentially compromise the remote client and then use that compromised client to access the corporate network, thereby bypassing some of the security measures in place.

CL8282 - Option: C
Apr 15, 2024

C. Split tunneling allows only traffic destined for a specific network to flow through the VPN. All other traffic that is not specifically destined for the specific network will flow out to the internet.