CAS-005 · Question #154
CAS-005 Question #154: Real Exam Question with Answer & Explanation
The correct answer is A: Allow only interactive log-in for users on workstations and restrict port 445 traffic to fileshares.. Restricting port 445 traffic to fileshares and allowing only interactive logins on workstations would be an effective way to contain ransomware. Port 445 is commonly used by ransomware for lateral movement and spreading across a network, especially when exploiting SMB vulnerabili
Question
An organization receives OSINT reports about an increase in ransomware targeting fileshares at peer companies. The organization wants to deploy hardening policies to its servers and workstations in order to contain potential ransomware. Which of the following should an engineer do to best achieve this goal?
Options
- AAllow only interactive log-in for users on workstations and restrict port 445 traffic to fileshares.
- BEnable biometric authentication mechanisms on user workstations and block port 53 traffic.
- CInstruct users to use a password manager when generating new credentials and secure port 443
- DGive users permission to rotate administrator passwords and deny port 80 traffic.
Explanation
Restricting port 445 traffic to fileshares and allowing only interactive logins on workstations would be an effective way to contain ransomware. Port 445 is commonly used by ransomware for lateral movement and spreading across a network, especially when exploiting SMB vulnerabilities. By blocking or restricting access to this port, the organization reduces the risk of ransomware propagating through the network. Limiting user logins to only interactive sessions also prevents unauthorized remote access, which could be exploited by ransomware.
Community Discussion
No community discussion yet for this question.