ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CV0-003 All Questions

View all questions & answers for the CV0-003 exam
Go to Exam

Exam CV0-003 topic 1 question 103 discussion

Actual exam question from CompTIA's CV0-003
Question #: 103
Topic #: 1
[All CV0-003 Questions]

A web server has been deployed in a public IaaS provider and has been assigned the public IP address of 72.135.10.100. Users are now reporting that when they browse to the website, they receive a message indicating the service is unavailable. The cloud administrator logs into the server, runs a netstat command, and notices the following relevant output:

Which of the following actions should the cloud administrator take to resolve the issue?

  • A. Assign a new IP address of 192.168.100.10 to the web server.
  • B. Modify the firewall on 72.135.10.100 to allow only UDP.
  • C. Configure the WAF to filter requests from 17.3.130.3.
  • D. Update the gateway on the web server to use 72.135.10.1.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by i_bird at Sept. 15, 2022, 9:24 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
FrancisDrake
11 months, 3 weeks ago
Selected Answer: C
of all the suggested answers C is most likely
upvoted 1 times
...
FrancisDrake
11 months, 3 weeks ago
Hard to imagine D as the answer. 72.135.10.100 is a public ip address. For D to be the correct (gateway address of 72.135.10.1) the subnet would have to be 255.255.255.0 and that makes no sense.
upvoted 1 times
...
cobbs
1 year, 4 months ago
Selected Answer: C
Denial of service attack. Since the attacker's public IP is taking up all the available network sockets (not all shown), legitimate customers are unable to connect. Block this with the firewall (WAF). Port 0 will show up if there’s fragmented IP traffic, like a DNS response which exceeds the historic maximum size of 512 bytes.
upvoted 2 times
...
concepcionz
1 year, 10 months ago
Selected Answer: C
Im going with C
upvoted 1 times
...
mattygster
1 year, 11 months ago
i dont see why D would be the correct choice, NETSTAT "TIME_WAIT" indicates normal traffic and waiting for any more packets after the syn/ack/syn, so there must be connections to the webserver from client machines. It seems like these answer choices are not related to the actual problem. BUT.....if i had to choose one, maybe the number of connections coming from a single IP could be signs of a resource exhaustion attack. In theory, if an attacker was hitting the server hard, it could cause an apache/IIS server to crash thus resulting in a "service not available". I wish there was another choice pointing to the listening port needing to be reconfigured.
upvoted 1 times
...
beamage
2 years ago
Selected Answer: D
Period.....
upvoted 1 times
FrancisDrake
1 year ago
There's not enough information to make that determination. You should try explaining your reasoning. That would be more helpful.
upvoted 3 times
...
...
CapJackSparrow
2 years ago
I'm looking at C pretty hard here, possible attack?
upvoted 1 times
...
Not_That_Guy
2 years, 3 months ago
This is one of those "Best Answer" scenarios; there is no "Good" answer. A, B, and C can be eliminated leaving D as the best answer even though D isn't a clear answer with the information provided. A - private IP on a public web server, NO. B - using only UDP, NO. C - block the user with issues vs resolving the issues, NO.
upvoted 2 times
...
ryanzou
2 years, 4 months ago
sometimes, WAF will filter out the SYNC packet during the TCP handshake. C may be the answer.
upvoted 1 times
...
jiminycriminal
2 years, 4 months ago
None of these makes sense. The rightmost IP address should be the foreign address, not the public IP of the server. Who made this?
upvoted 1 times
jiminycriminal
2 years, 4 months ago
I'm assuming the application gateway has been assigned the same IP as the server, so that's why the answer is D. It's calling out to the wrong IP? Man I really have no idea.
upvoted 1 times
...
...
i_bird
2 years, 4 months ago
TCP TIME_WAIT is a normal TCP protocol operation, it means after delivering the last FIN-ACK, client side will wait for double maximum segment life (MSL) Time to pass to be sure the remote TCP received the acknowledgement of its connection termination request. By default, MSL is 2 minutes. For the maximum, it can stay in TIME_WAIT for 4 minutes known as two MSL From Network perspective, TCP TIME_WAIT status is just a normal behavior that after closing the session, TCP stack will hold the high port for little more time to ensure the other side receive the last FIN-ACK packet and no more data will be received in this conversation. TIME_WAIT is not the problem. I would suggest you focus on RPC error for this issue. https://docs.microsoft.com/en-us/answers/questions/230227/time-wait-from-netstat.html
upvoted 1 times
...
i_bird
2 years, 4 months ago
Can someone explain why it is D?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel