CompTIA Security Plus Mock Test Q130

A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed?

A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP
B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS
C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS
D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS

Correct Answer: B
Section: Network Security

Explanation:
The question states that traffic on port 21, 69, 80, and 137-139 is blocked, while ports 22 and 443 are allowed.
Port 21 is used for FTP by default.
Port 69 is used for TFTP.
Port 80 is used for HTTP.
Ports 137-139 are used for NetBIOS.
VMM uses SFTP over default port 22.
Port 22 is used for SSH by default.
SCP runs over TCP port 22 by default.
Port 443 is used for HTTPS.

Incorrect Answers:
A: FTP uses port 21, which is blocked.
C: SFTP uses port 22, which is allowed.
D: HTTPS uses port 443, which is allowed. NetBIOS uses ports 137-139, which is blocked.

References:
https://technet.microsoft.com/en-us/library/dd548299.aspx
https://technet.microsoft.com/en-us/library/hh545212(v=sc.20).aspx
https://technet.microsoft.com/en-us/library/dd425238(v=office.13).aspx
https://technet.microsoft.com/en-us/library/hh427328.aspx