Comptia Security Plus Mock Test Q35

A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic. Which of the following would accomplish this task?

A.
Deny TCP port 68
B. Deny TCP port 69
C. Deny UDP port 68
D. Deny UDP port 69

Correct Answer: D
Section: Network Security

Explanation:
Trivial File Transfer Protocol (TFTP) is a simple file-exchange protocol that doesn’t require authentication. It operates on UDP port 69.

Incorrect Answers:
A, C: Port 68 TCP/UDP is used by Bootstrap Protocol (BOOTP) Client; as well Dynamic Host Configuration Protocol (DHCP).

B: Because TFTP operates on UDP port 69, this option is incorrect.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 55
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers