Exam CS0-002 topic 1 question 335 discussion

Actual exam question from CompTIA's CS0-002
Question #: 335
Topic #: 1

A security analyst receives a report indicating a system was compromised due to malware that was downloaded from the internet using TFTP. The analyst is instructed to block TFTP at the corporate firewall. Given the following portion of the current firewall rule set:



Which of the following rules should be added to accomplish this goal?

  • A. UDP ANY ANY ANY 20 Deny
  • B. UDP ANY ANY 69 69 Deny
  • C. UDP ANY ANY 67 68 Deny
  • D. UDP ANY ANY ANY 69 Deny
  • E. UDP ANY ANY ANY 69 Deny
Suggested Answer: D

Comments

2Fish
Highly Voted 2 years, 4 months ago
Selected Answer: D
D. TFTP client should have a source port of something higher than 1024 and connect to a DST port on the TFTP server on port 69. The TFTP server will then respond on a port higher than 1024. This is done so there are no conflicts with sessions.
upvoted 11 times
Adji91
2 years, 3 months ago
Waoooh, good explanation. Thank You
upvoted 2 times
Lukers
Highly Voted 2 years, 3 months ago
Selected Answer: D
It is D or E. The rule is specific to TFTP traffic and would effectively block all TFTP traffic while allowing other legitimate UDP traffic on other ports to pass through the firewall.
upvoted 5 times
Meowson
2 years, 2 months ago
Is it just me or are D & E exactly the same answer?
upvoted 8 times
skibby16
Most Recent 1 year, 9 months ago
Selected Answer: B
This rule explicitly denies any UDP traffic on port 69, effectively blocking TFTP traffic. The other options do not explicitly target UDP port 69 or contain additional port ranges that are not needed for blocking TFTP traffic.
upvoted 1 times
55wetip
1 year, 11 months ago
Selected Answer: B
B will block both incoming and outgoing TFTP traffic. I’ll go with B
upvoted 1 times
kill_chain
1 year, 12 months ago
Selected Answer: E
What's the difference between D and E?
upvoted 1 times
Kashim
2 years, 4 months ago
Selected Answer: B
Looks correct
upvoted 1 times
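
The port logic discussed in the comments, as an added example that is not part of the original page or any commenter's post: a small Python matcher that evaluates each candidate rule against a TFTP read request. The column order (protocol, source, destination, source port, destination port, action), the constructed packet, and the default Allow when no rule matches are assumptions, since the rule-set image is missing from the page.

```python
from dataclasses import dataclass

ANY = "ANY"

@dataclass(frozen=True)
class Rule:
    # Assumed column order: proto, src, dst, src port, dst port, action
    proto: str
    src: str
    dst: str
    sport: str
    dport: str
    action: str

    @classmethod
    def parse(cls, text):
        fields = text.split()
        if len(fields) != 6:
            raise ValueError(f"expected 6 fields, got {len(fields)}: {text!r}")
        return cls(*fields)

    def matches(self, pkt):
        have = (pkt["proto"], pkt["src"], pkt["dst"],
                str(pkt["sport"]), str(pkt["dport"]))
        want = (self.proto, self.src, self.dst, self.sport, self.dport)
        return all(w == ANY or w == h for w, h in zip(want, have))

def verdict(rule_text, pkt, default="Allow"):
    # Assumption: no other rule in the set matches, so the default applies.
    rule = Rule.parse(rule_text)
    return rule.action if rule.matches(pkt) else default

# Constructed packet: client on an ephemeral source port asks a server on UDP/69.
TFTP_RRQ = {"proto": "UDP", "src": "10.0.0.25", "dst": "203.0.113.7",
            "sport": 49152, "dport": 69}

# Options as listed in the question (E is the same text as D).
CANDIDATES = {
    "A": "UDP ANY ANY ANY 20 Deny",
    "B": "UDP ANY ANY 69 69 Deny",
    "C": "UDP ANY ANY 67 68 Deny",
    "D": "UDP ANY ANY ANY 69 Deny",
}

def evaluate_candidates(pkt=TFTP_RRQ):
    return {label: verdict(text, pkt) for label, text in CANDIDATES.items()}

if __name__ == "__main__":
    for label, result in evaluate_candidates().items():
        print(f"{label}: {CANDIDATES[label]:<26} -> {result}")
```

Only the rule that leaves the source port as ANY and fixes the destination port at 69 matches the request, because the client's source port is ephemeral rather than 69.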
Community vote distribution
A (35%)
C (25%)
B (20%)
Other