(ISC)2

CISSP · Question #1127

CISSP Question #1127: Real Exam Question with Answer & Explanation

The correct answer is C: IM clients can utilize random port numbers.

Submitted by emma.c · Mar 5, 2026 · Communication and Network Security

Question

An organization is trying to secure instant messaging (IM) communications through its network perimeter. Which of the following is the MOST significant challenge?

Options

  • A. IM clients can interoperate between multiple vendors.
  • B. IM clients can run without administrator privileges.
  • C. IM clients can utilize random port numbers.
  • D. IM clients can run as executables that do not require installation.

Explanation

Securing IM traffic at the network perimeter is most challenging because IM clients can dynamically use random or non-standard ports, making traditional port-based firewall rules ineffective.

Common mistakes.

  • A. Interoperability between vendors is an administrative and policy concern but does not directly enable IM traffic to evade perimeter security controls such as firewalls or proxies.
  • B. Running without administrator privileges affects endpoint security and software restriction policies, but does not prevent a perimeter firewall from inspecting or blocking the network traffic the IM client generates.
  • D. Portable executables that do not require installation complicate endpoint software control, but the traffic they produce can still be filtered at the network perimeter if it uses known or static ports and protocols.

Concept tested. IM traffic evasion of perimeter firewall controls

Reference. https://www.cisco.com/c/en/us/products/security/what-is-next-generation-firewall.html

Topics

#network security · #firewall bypass · #IM security · #application control
