3.5 Network Access & Management Methods

Question 1

Site-to-Site VPN

Answer 1

Always-on encryption between two fixed locations (e.g., HQ and a Branch Office) using routers or firewalls as gateways.

Question 2

Client-to-Site VPN

Answer 2

A remote access connection initiated by a single user (e.g., a teleworker) to the corporate VPN concentrator.

Question 3

Clientless VPN

Answer 3

Browser-based VPN (usually SSL/TLS/HTML5) that requires no software installation; ideal for contractors or BYOD.

Question 4

Split Tunnel

Answer 4

A VPN setup where only traffic destined for the corporate network goes through the tunnel; internet traffic stays on the local ISP.

Question 5

Full Tunnel

Answer 5

A VPN setup where ALL traffic (including internet browsing) is sent through the encrypted tunnel to the corporate office.

Question 6

SSH (Secure Shell)

Answer 6

A secure, command-line (CLI) management protocol (Port 22) that uses encryption to protect sessions.

Question 7

GUI (Graphical User Interface)

Answer 7

Web-based management (HTTPS) that allows administrators to configure devices using a visual dashboard instead of code.

Question 8

API (Application Programming Interface)

Answer 8

A method for software to talk to hardware; used in automation to configure multiple devices simultaneously without a human typing.

Question 9

Console Port

Answer 9

A physical ‘Out-of-Band’ port (Serial/USB) on a device used for direct local management when the network is down.

Question 10

Jump Box / Jump Host

Answer 10

A hardened server situated between a secure and insecure zone; admins log into it first before ‘jumping’ to internal servers.

Question 11

In-Band Management

Answer 11

Managing a device over the same production network that carries normal user data (e.g., SSH over the LAN).

Question 12

Out-of-Band (OOB) Management

Answer 12

Managing a device through a dedicated, separate connection (like a Console Port or a separate Management LAN) that works even if the main network is down.