An organization needs to provide its expanding remote workforce with secure access to internal corporate resources from the public internet. A security architect has been asked to recommend the BEST solution that encrypts traffic from remote users to the company's data center, effectively minimizing the attack surface. Which of the following should the architect recommend?
Use a jump server as the sole access point for network management.
Deploy an intrusion detection system at the network perimeter.
Configure a proxy server to control and filter outbound internet traffic.
Install a virtual private network (VPN) for secure remote connections.
Implementing a Virtual Private Network (VPN) is the best solution as it creates a secure, encrypted tunnel over the internet, allowing remote users to access the corporate network as if they were physically present. This directly addresses the need for secure, encrypted access for a broad workforce. An Intrusion Detection System (IDS) only monitors for and alerts on potential threats; it does not provide an access mechanism. A proxy server typically manages outbound traffic or provides web filtering and is not the primary tool for securing inbound access for a workforce. A jump server is a hardened system used to provide controlled administrative access to a secure zone; it is not designed for general network access by all remote employees.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a VPN, and how does it work?
Open an interactive chat with Bash
How does a VPN enhance security compared to a proxy server?
Open an interactive chat with Bash
Why is an Intrusion Detection System (IDS) not suitable for secure remote access?