During a recent security audit, a contracted penetration tester discovered the organization uses a number of insecure protocols. Which of the following ports should be disallowed so only encrypted protocols are allowed? (Choose two.)
Lots of people misunderstanding the question here! Which ports should be dissallowed? Choose 2:
B. 23 = Telnet
C: 69 = Insecure FTP
The rest are secure ports so they should be left alone.
Peace!
69 = TFTP = Used as a lightweight file transfer method for sending configuration files, or network booting of an OS.
23 = Unencrypted CLI data transfer tool. Telnet is a client/server application protocol that provides access to virtual terminals of remote systems on local area networks or the Internet. Telnet consists of two components: the protocol itself which specifies how two parties are to communicate and (2) the software application that provides the service.
https://en.wikipedia.org/wiki/Telnet
Should be B and F. Telnet and Port 8080 is a common port used for web servers. It is an alternative to the default HTTP port 80. It is not encrypted and should be disallowed.
Hey clown, port 8080 is not encrypted and neither is port 80. This shows me that you just used this braindump but didn't actually learn anything in the process. That piece of paper won't help you in the real world when you're confronted with real world network problems but don't know shit.
D. 443 (HTTPS) - HTTPS is a secure protocol that provides encryption for data in transit over the internet. Disallowing other insecure protocols on this port will ensure that all communication is encrypted.
E. 587 (SMTPS) - SMTPS is a secure protocol used for sending email. Disallowing other insecure protocols on this port will ensure that email communication is encrypted.
To disallow insecure protocols and allow only encrypted ones, we should block ports that are commonly used for unencrypted traffic. Here are the two options from the given list:
D. 443: This port is used for HTTPS traffic, which is encrypted by default. Allowing only this port will ensure that all web traffic is encrypted.
E. 587: This port is used for SMTP with TLS, which is a secure email protocol. By blocking the standard SMTP port (25), and allowing only port 587, we can ensure that all email traffic is encrypted.
So, the correct options are D and E.
TFTP (Trivial File Transfer Protocol) is not considered a secure protocol. It does not provide any encryption or authentication mechanisms, making it vulnerable to man-in-the-middle attacks and unauthorized access to transferred data. It is mainly used for transferring files over local networks and is not recommended for sensitive information or data transmission over the internet.
The reason F is wrong is because 8080 could be used for http OR https
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.N10-008 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
badbabers
Highly Voted 2 years, 2 months agoariel004
1 year, 4 months agoEl_Cabron
Highly Voted 2 years, 1 month agoChichi2211
Most Recent 10 months, 2 weeks agoMehsotopes
1 year, 5 months agoscoobysnack209
1 year, 6 months agobadguytoo
1 year, 9 months ago[Removed]
2 years agominx98
1 year, 10 months agobrewersmurf
1 year, 10 months agoI_Know_Everything_KY
1 year, 5 months agoTimfdklfajlksdjlakf
1 year, 4 months agoStellarSteve
2 years, 1 month agoRavi4423
2 years, 1 month agodemetress
2 years, 1 month agoEl_Cabron
2 years, 1 month agoJakeCharles
2 years, 2 months agoMollyTheCat
2 years, 3 months agoParadox_Walnut
2 years, 3 months agodavidsvida
2 years, 3 months agoAustinKelleyNet
2 years, 4 months ago