Which of the following actions should the analyst take?

An organization has the following policies:

* Services must run on standard ports.

* Unneeded services must be disabled.

The organization has the following servers:

* 192.168.10.1 – web server

* 192.168.10.2 – database server

A security analyst runs a scan on the servers and sees the following output:

Which of the following actions should the analyst take?
A . Disable HTTPS on 192.168.10.1.
B. Disable IIS on 192.168.10.1.
C. Disable DNS on 192.168.10.2.
D. Disable MSSQL on 192.168.10.2.
E. Disable SSH on both servers.

View Answer

Answer: E

Explanation:

SSH stands for Secure Shell, which is a protocol that allows remote access and administration of a server. If the organization has a policy that services must run on standard ports and unneeded services must be disabled, then SSH should be disabled on both servers, because it runs on port 22, which is not a standard port for a web server or a database server, and it is not needed for those servers to function properly. Disabling HTTPS on 192.168.10.1, disabling IIS on 192.168.10.1, disabling DNS on 192.168.10.1, or disabling MSSQL on 192.168.10.2 are not appropriate actions, because they would affect the functionality of the web server or the database server and violate the organization’s policy of running services on standard ports.

Reference: https://www.ssh.com/ssh/port