nerdexam
(ISC)2

CISSP · Question #1399

A hospital has allowed virtual private networking (VPN) access to remote database developers. Upon auditing the internal firewall configuration, the network administrator discovered that split- tunnel

The correct answer is B. Remote clients are permitted to exchange traffic with the public and private network.. Split-tunneling is a configuration that allows remote clients to access both the public and private network simultaneously through a VPN connection. This poses a security concern, because it increases the attack surface and exposes the private network to potential threats from th

Submitted by haru.x· Mar 5, 2026Communication and Network Security

Question

A hospital has allowed virtual private networking (VPN) access to remote database developers. Upon auditing the internal firewall configuration, the network administrator discovered that split- tunneling was enabled. What is the concern with this configuration?

Options

  • ARemote sessions will not require multi-layer authentication.
  • BRemote clients are permitted to exchange traffic with the public and private network.
  • CMultiple Internet Protocol Security (IPSec) tunnels may be exploitable in specific circumstances.
  • DThe network intrusion detection system (NIDS) will fail to inspect Secure Sockets Layer (SSL)

How the community answered

(30 responses)
  • A
    3% (1)
  • B
    90% (27)
  • D
    7% (2)

Explanation

Split-tunneling is a configuration that allows remote clients to access both the public and private network simultaneously through a VPN connection. This poses a security concern, because it increases the attack surface and exposes the private network to potential threats from the public network. Remote sessions may still require multi-layer authentication, multiple IPSec tunnels may not be exploitable in specific circumstances, and the NIDS may still inspect SSL traffic, depending on the VPN configuration.

Topics

#VPN#split tunneling#network security#firewall configuration

Community Discussion

No community discussion yet for this question.

Full CISSP Practice