While responding to an incident on a new Windows server, the administrator needs to disable unused services. Which of the following commands can be used to see processes that are listening on a TCP port?
An administrator is hardening systems and wants to disable unnecessary services. One Linux server hosts files used by a Windows web server on another machine. The Linux server is only used for secure file transfer, but requires a share for the Windows web server as well. The administrator sees the following output from a netstat -1p command:
Which of the following processes can the administrator kill without risking impact to the purpose and function of the Linux or Windows servers? (Select Three)
A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a `listening’ state. No other ports are open. Which of the following services should be disabled to ensure secure communications?
A. HTTPS B. HTTP C. RDP D. TELNET
Correct Answer: B Section: Threats and Vulnerabilities
HTTP uses port 80. HTTP does not provide encrypted communications. Port 443 is used by HTTPS which provides secure encrypted communications. Port 3389 is used by RDP (Remote Desktop Protocol) which does provide encrypted communications.
A: HTTPS uses port 443. HTTPS uses SSL or TLS certificates to secure HTTP communications. HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under regular HTTP application layering. HTTPS encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTP is secure so this answer is incorrect.
C: RDP (Remote Desktop Protocol) is used to remotely connect to a Windows computer. RDP uses encrypted communications and is therefore considered secure. This answer is therefore incorrect.
D: Telnet uses port 23. This is not one of the ports listed as open in the question. This answer is therefore incorrect.