nerdexam
EC-Council

312-50V9 · Question #435

An NMAP scan of a server shows port 69 is open. What risk could this pose?

The correct answer is A. Unauthenticated access. Port 69 is used by TFTP (Trivial File Transfer Protocol), which provides no authentication mechanism, allowing anyone to read or write files on the server.

Enumeration

Question

An NMAP scan of a server shows port 69 is open. What risk could this pose?

Options

  • AUnauthenticated access
  • BWeak SSL version
  • CCleartext login
  • DWeb portal data leak

How the community answered

(51 responses)
  • A
    94% (48)
  • B
    4% (2)
  • D
    2% (1)

Why each option

Port 69 is used by TFTP (Trivial File Transfer Protocol), which provides no authentication mechanism, allowing anyone to read or write files on the server.

AUnauthenticated accessCorrect

TFTP (Trivial File Transfer Protocol) operates on UDP port 69 and was designed as a minimal file transfer protocol with no authentication, no directory listing, and no access controls. An open TFTP port means any unauthenticated user on the network can potentially read or overwrite files on the server, including sensitive configuration files.

BWeak SSL version

Weak SSL version vulnerabilities are associated with HTTPS on port 443, not with TFTP on port 69.

CCleartext login

Cleartext login credentials are the primary risk for services like FTP (port 21) and Telnet (port 23); TFTP has no login mechanism at all, not even a cleartext one.

DWeb portal data leak

Web portal data leaks are associated with HTTP/HTTPS services on ports 80 and 443, not the TFTP service on port 69.

Concept tested: TFTP port 69 unauthenticated access risk

Source: https://datatracker.ietf.org/doc/html/rfc1350

Topics

#TFTP#port 69#unauthenticated access#UDP services

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice