ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-001 All Questions

View all questions & answers for the CS0-001 exam
Go to Exam

Exam CS0-001 topic 1 question 59 discussion

Actual exam question from CompTIA's CS0-001
Question #: 59
Topic #: 1
[All CS0-001 Questions]

After reviewing the following packet, a cybersecurity analyst has discovered an unauthorized service is running on a company's computer.

Which of the following ACLs, if implemented, will prevent further access ONLY to the unauthorized service and will not impact other services?

  • A. DENY TCP ANY HOST 10.38.219.20 EQ 3389
  • B. DENY IP HOST 10.38.219.20 ANY EQ 25
  • C. DENY IP HOST192.168.1.10 HOST 10.38.219.20 EQ 3389
  • D. DENY TCP ANY HOST 192.168.1.10 EQ 25
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by s3curity1 at May 31, 2020, 12:37 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
s3curity1
Highly Voted 5 years, 2 months ago
A and C are the only good choices since the unauthorized service is running on port 3389. But, question is which will prevent further access to the unauthorized service only - so C is already incorrect since it will only prevent unauthorized access to the service from the source IP in the logs. We're not sure if that IP address is the only one accessing the unauthorized service, so better to deny any one on accessing it.
upvoted 7 times
...
Chiaretta
Most Recent 3 years, 6 months ago
B is the only that make sence.
upvoted 1 times
...
Acrisius
4 years, 7 months ago
Agreed - Answer A - Similar Q on 002
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel