Comptia Security Plus Mock Test Q76

A security analyst is reviewing firewall logs while investigating a compromised web server. The following ports appear in the log:
22, 25, 445, 1433, 3128, 3389, 6667
Which of the following protocols was used to access the server remotely?

A. LDAP
B. HTTP
C. RDP
D. HTTPS

Correct Answer: C
Section: Network Security

Explanation:
RDP uses TCP port 3389.

Incorrect Answers:
A: LDAP operates over TCP ports 636 and 389.
B: HTTP uses TCP port 80 or TCP port 8080.
D: HTTPS uses TCP port 443 (or TCP port 80 in some configurations of TLS).

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 23, 55, 56