CompTIA Security Plus Mock Test Q1597

While responding to an incident on a new Windows server, the administrator needs to disable unused services. Which of the following commands can be used to see processes that are listening on a TCP port?

A. IPCONFIG
B. Netstat
C. PSINFO
D. Net session

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1574

An administrator is hardening systems and wants to disable unnecessary services. One Linux server hosts files used by a Windows web server on another machine. The Linux server is only used for secure file transfer, but requires a share for the Windows web server as well. The administrator sees the following output from a netstat -1p command:

1574

Which of the following processes can the administrator kill without risking impact to the purpose and function of the Linux or Windows servers? (Select Three)

A. 1488
B. 1680
C. 2120
D. 2121
E. 2680
F. 8217


Correct Answer: A,D,F
Section: Mixed Questions

CompTIA Security Plus Mock Test Q615

A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a `listening’ state. No other ports are open. Which of the following services should be disabled to ensure secure communications?

A. HTTPS
B. HTTP
C. RDP
D. TELNET

Correct Answer: B
Section: Threats and Vulnerabilities

Explanation:
HTTP uses port 80. HTTP does not provide encrypted communications. Port 443 is used by HTTPS which provides secure encrypted communications. Port 3389 is used by RDP (Remote Desktop Protocol) which does provide encrypted communications.

Incorrect Answers:
A: HTTPS uses port 443. HTTPS uses SSL or TLS certificates to secure HTTP communications. HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under regular HTTP application layering. HTTPS encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTP is secure so this answer is incorrect.
C: RDP (Remote Desktop Protocol) is used to remotely connect to a Windows computer. RDP uses encrypted communications and is therefore considered secure. This answer is therefore incorrect.
D: Telnet uses port 23. This is not one of the ports listed as open in the question. This answer is therefore incorrect.

References:
http://searchsoftwarequality.techtarget.com/definition/HTTPS
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers