nerdexam
EC-Council

312-50V9 · Question #499

An NMAP scan of a server shows port 25 is open. What risk could this pose?

The correct answer is D. Active mail relay. Port 25 is the SMTP port, and an open or misconfigured SMTP service can be exploited as an open mail relay, allowing attackers to send spam or phishing email through the server.

Scanning Networks

Question

An NMAP scan of a server shows port 25 is open. What risk could this pose?

Options

  • AOpen printer sharing
  • BWeb portal data leak
  • CClear text authentication
  • DActive mail relay

How the community answered

(18 responses)
  • A
    6% (1)
  • B
    6% (1)
  • D
    89% (16)

Why each option

Port 25 is the SMTP port, and an open or misconfigured SMTP service can be exploited as an open mail relay, allowing attackers to send spam or phishing email through the server.

AOpen printer sharing

Open printer sharing uses ports such as 631 (IPP) or 9100, not port 25.

BWeb portal data leak

Web portal data leaks are associated with HTTP (port 80) and HTTPS (port 443), not the SMTP port.

CClear text authentication

While SMTP can transmit credentials in clear text, clear text authentication is not the primary or most notable risk associated with port 25 being open - unauthorized mail relay is the more critical and defining threat.

DActive mail relayCorrect

Port 25 is assigned to SMTP (Simple Mail Transfer Protocol) for email transmission. A server with port 25 open and SMTP improperly configured can operate as an open relay, meaning any external host can route mail through it - making it a launchpad for spam campaigns, phishing, and reputation damage to the server's IP.

Concept tested: SMTP port 25 open relay security risk

Source: https://datatracker.ietf.org/doc/html/rfc5321

Topics

#port 25#SMTP#open mail relay#service identification

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice