ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A healthcare provider needs to give 50 short-term contract coders remote access to its on-premises electronic medical records (EMR) system. All PHI traffic must remain inside the data-center network for inspection, no regulated data may be stored on contractor devices, and access must be revoked automatically when contracts expire. The IT team also wants to minimize endpoint configuration and management effort. Which remote-access solution best satisfies these requirements?
Provide contractors with client-based SSL VPN profiles that tunnel their personal devices directly into the EMR subnet.
Expose the EMR application through an internet-facing reverse proxy and limit access by contractor IP address ranges.
Deploy a pool of non-persistent virtual desktops accessed through an HTML5 VDI gateway protected by multifactor authentication.
Ship preconfigured thin-client laptops that establish site-to-site IPsec VPNs from each contractor location to the data center.
A non-persistent VDI pool keeps the desktop operating system and all application data in the data center, so protected health information never resides on contractor endpoints. HTML5 gateways let users connect from almost any device without installing client software, keeping endpoint management effort low. When a contractor account is disabled or the VDI image is refreshed, sessions end and no data is retained, meeting the automatic revocation and data-at-rest restrictions.
Client-based SSL VPNs or IPsec tunnels extend the internal network to unmanaged devices, increasing attack surface and allowing data to be cached locally. Shipping thin clients still leaves PHI on the endpoint once displayed and creates hardware logistics. Publishing the EMR through a simple reverse proxy exposes the application directly to the internet and does not prevent data from being downloaded or cached on the user's device.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a non-persistent VDI pool?
Open an interactive chat with Bash
What is an HTML5 VDI gateway and how does it help minimize endpoint configuration?
Open an interactive chat with Bash
Why is multifactor authentication critical for securing remote access to sensitive systems?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Network and Communication Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .