312-50V13 Question #133: Real Exam Question with Answer & Explanation

Question

While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?

Options

• ABlock port 25 at the firewall.
• BShut off the SMTP service on the server.
• CForce all connections to use a username and password.
• DSwitch from Windows Exchange to UNIX Sendmail.
• ENone of the above.

Explanation

The objective is to block Telnet access to an SMTP server on port 25 while ensuring the legitimate email functionality of the SMTP server remains unaffected.

Common mistakes.

• A. Blocking port 25 at the firewall would prevent all incoming SMTP traffic, including legitimate email delivery to the server, thus disrupting normal email functionality.
• B. Shutting off the SMTP service would completely disable the email server, preventing all normal email operations and deliveries.
• C. Forcing username and password authentication might not be feasible for standard SMTP inbound connections (e.g., from other mail servers) and does not prevent a Telnet client from connecting to port 25, only from performing unauthorized actions.
• D. Switching email server software is a major system change that does not directly address the specific issue of selectively blocking Telnet access while preserving email functionality on the existing server.

Concept tested. Network port blocking, SMTP protocol, firewall rules

Reference. docs.microsoft.com/en-us/exchange/architecture/mail-flow/ports-and-protocols?view=exchserver-2019

No community discussion yet for this question.