(ISC)2(ISC)2
CISSP · Question #1195
CISSP Question #1195: Real Exam Question with Answer & Explanation
The correct answer is B: Brute force attack. RDP is most commonly compromised through brute force attacks, where attackers systematically try username and password combinations against exposed RDP services (default port 3389).
Submitted by rachelw· Mar 5, 2026Security Operations
Question
What is the MOST common cause of Remote Desktop Protocol (RDP) compromise?
Options
- APort scan
- BBrute force attack
- CRemote exploit
- DSocial engineering
Explanation
RDP is most commonly compromised through brute force attacks, where attackers systematically try username and password combinations against exposed RDP services (default port 3389).
Common mistakes.
- A. A port scan is a reconnaissance technique used to discover open ports and services, not a method to directly compromise RDP - it may precede an attack but is not itself an attack.
- C. Remote exploits targeting RDP vulnerabilities (e.g., BlueKeep/CVE-2019-0708) do exist but are far less common than brute force attacks because they require unpatched systems and more sophisticated exploitation techniques.
- D. Social engineering manipulates users psychologically to divulge credentials or grant access, but it is not the most common direct method used to compromise RDP services specifically.
Concept tested. Most common RDP attack vector and security risk
Reference. https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-131a
Topics
#RDP#brute force attack#attack vectors#common vulnerabilities
Community Discussion
No community discussion yet for this question.