nerdexam
EC-Council

312-50V13 · Question #319

After an audit, the auditors Inform you that there is a critical finding that you must tackle Immediately. You read the audit report, and the problem is the service running on port 389. Which service

The correct answer is A. The service is LDAP. and you must change it to 636. which is LDPAPS.. Explanation Port 389 runs LDAP (Lightweight Directory Access Protocol), which transmits directory service data (such as usernames and passwords) in plaintext, making it a critical security vulnerability that auditors would flag for immediate remediation. The fix is to migrate to

Submitted by devops_kid· Mar 6, 2026Vulnerability Analysis

Question

After an audit, the auditors Inform you that there is a critical finding that you must tackle Immediately. You read the audit report, and the problem is the service running on port 389. Which service Is this and how can you tackle the problem?

Options

  • AThe service is LDAP. and you must change it to 636. which is LDPAPS.
  • BThe service is NTP. and you have to change It from UDP to TCP in order to encrypt it
  • CThe findings do not require immediate actions and are only suggestions.
  • DThe service is SMTP, and you must change it to SMIME. which is an encrypted way to send

How the community answered

(21 responses)
  • A
    90% (19)
  • C
    5% (1)
  • D
    5% (1)

Explanation

Explanation

Port 389 runs LDAP (Lightweight Directory Access Protocol), which transmits directory service data (such as usernames and passwords) in plaintext, making it a critical security vulnerability that auditors would flag for immediate remediation. The fix is to migrate to LDAPS (LDAP over SSL/TLS) on port 636, which encrypts the communication and protects sensitive credentials from interception.

Why the distractors are wrong:

  • B is incorrect because NTP (Network Time Protocol) runs on port 123, not 389, and switching to TCP does not inherently encrypt it
  • C is incorrect because a critical finding by definition requires immediate action, not optional consideration
  • D is incorrect because SMTP uses port 25 (or 587/465), and S/MIME is an email encryption standard unrelated to LDAP

Memory Tip

Use the number pattern: "3-8-9 = Directory, 6-3-6 = Secure Directory" - think of 389 as the open door to your directory, and 636 as the locked door. The jump from 389 → 636 is LDAP → LDAPS, just as HTTP (80) → HTTPS (443) adds security.

Topics

#LDAP#Network Security#Port Security#Protocol Encryption

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice