A company wants employees to reach internal file shares and intranet sites while traveling. All traffic must remain confidential and tamper-proof even though it will traverse the public Internet. Which technology would BEST satisfy this requirement by creating an authenticated, encrypted tunnel between the remote endpoint and the corporate network?
Restricting inbound traffic to approved IP addresses at the perimeter firewall
Allowing Remote Desktop Protocol (RDP) connections directly to internal servers through the firewall
Deploying a client-to-site virtual private network (VPN) using IPsec or SSL encryption
Placing a TLS-terminating reverse proxy in the DMZ to front-end internal resources
A client-to-site virtual private network (VPN) establishes an encrypted tunnel (typically IPsec or SSL/TLS) between the user's device and the organization's network, ensuring confidentiality, integrity, and user authentication. Allowing RDP directly through the firewall exposes the service and, by itself, does not guarantee end-to-end encryption. A TLS-terminating reverse proxy protects only web applications, not general network access. Limiting traffic to specific IP addresses controls who can connect but does not encrypt the data in transit.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is end-to-end encrypted tunneling?
Open an interactive chat with Bash
How does a VPN work to secure remote connections?
Open an interactive chat with Bash
Why are remote access servers alone not sufficient for secure connectivity?