Exam CISSP topic 1 question 249 discussion

Split-tunneling allows VPN-connected devices to access both the organization's internal network (private network) and the internet (public network) simultaneously. While this can reduce bandwidth usage and improve performance, it introduces significant security risks:

As a CCNP, I can confirm that the answer is C. Without a shadow of a doubt.

C. Split tunneling allows only traffic destined for a specific network to flow through the VPN. All other traffic that is not specifically destined for the specific network will flow out to the internet.

split tunnel allows connection to hospital network while at the same time allowing access to public network, that is why it is called split

C. Remote clients are permitted to exchange traffic with the public and private network. Split-tunneling allows remote clients to route their internet traffic (public network) directly through their local internet connection while still maintaining a connection to the corporate network (private network) through the VPN. This means that traffic is divided between the public internet and the private corporate network.

In the Official ISC2 CISSP CBK (4th edition), page 607, it is mentioned that split-tunneling allows remote clients to access both the private network and the public internet simultaneously, potentially exposing the private network to security risks. This configuration can be exploited by attackers to gain unauthorized access to the private network through the public internet. Therefore, split-tunneling should be avoided, especially in sensitive environments such as hospitals.

Split tunnel is used for VPN client can access the internet directly instead of coming to Corp/office network. It doesn't meant will exchange the traffic bn Internet and Corp/office. Split tunneling failing to inspect the SSL traffic. So i will go with Answer A.

Split-tunneling is a configuration that allows VPN clients to exchange traffic both with the public Internet and the private network at the same time. This can create a security concern because it allows remote clients to access resources on both the public Internet and the private network, potentially bypassing security controls that are in place on the private network. This can open the organization to a risk of data exfiltration and other malicious activity. A is true that a NIDS cannot inspect SSL traffic but what does this have to do with a split tunnel?

What is the concern with this configuration? Not what is Split-tunneling? Multiple Internet Protocol Security (IPSec) tunnels may be exploitable in specific circumstances. IPsec (Internet Protocol Security) is a suite of protocols that secure network communication across IP networks. It provides security services for IP network traffic such as encrypting sensitive data, authentication, protection against replay and data confidentiality.

C. My reasoning: It defines what is Split-Tunneling. You can have the VPN to be connected to the business network while at the same time have access to the PUBLIC Internet. They nonchalantly throw it there that it is connected to a VPN and Public Internet like it's not a security concern. The end client can be exploited from the public side to enter the VPN and be a threat to the private network. sorry if my wording gave anyone a headache. wish I could draw it out

C clearly defines split-tunneling

Correct answer is A

From this discussion, I would select A. https://www.auvik.com/franklyit/blog/vpn-split-tunneling/ But I am not so very sure. I think C is also correct, since it will also include scenario in A.

These are remote database developers. They should use VPN in a full tunneling mode.