EC-Council
312-50V9 · Question #499
312-50V9 Question #499: Real Exam Question with Answer & Explanation
The correct answer is D: Active mail relay. Port 25 is the SMTP port, and an open or misconfigured SMTP service can be exploited as an open mail relay, allowing attackers to send spam or phishing email through the server.
Question
An NMAP scan of a server shows port 25 is open. What risk could this pose?
Options
- AOpen printer sharing
- BWeb portal data leak
- CClear text authentication
- DActive mail relay
Explanation
Port 25 is the SMTP port, and an open or misconfigured SMTP service can be exploited as an open mail relay, allowing attackers to send spam or phishing email through the server.
Common mistakes.
- A. Open printer sharing uses ports such as 631 (IPP) or 9100, not port 25.
- B. Web portal data leaks are associated with HTTP (port 80) and HTTPS (port 443), not the SMTP port.
- C. While SMTP can transmit credentials in clear text, clear text authentication is not the primary or most notable risk associated with port 25 being open - unauthorized mail relay is the more critical and defining threat.
Concept tested. SMTP port 25 open relay security risk
Community Discussion
No community discussion yet for this question.