Certified Information Systems Security Professional (CISSP) — Question 62

A hospital has allowed virtual private networking (VPN) access to remote database developers. Upon auditing the internal configuration, the network administrator discovered that split-tunneling was enabled. What is the concern with this configuration?

Answer options

• A. The network intrusion detection system (NIDS) will fail to inspect Secure Sockets Layer (SSL) traffic.
• B. Remote sessions will not require multi-layer authentication.
• C. Remote clients are permitted to exchange traffic with the public and private network.
• D. Multiple Internet Protocol Security (IPSec) tunnels may be exploitable in specific circumstances.

Correct answer: C

Explanation

The correct answer is C because split-tunneling allows remote clients to access both public and private networks simultaneously, which can create security vulnerabilities. The other options do not directly address the main concern of split-tunneling, which is the potential exposure of the internal network to threats from untrusted public networks.