CV0-003 · Question #112
CV0-003 Question #112: Real Exam Question with Answer & Explanation
The correct answer is C: Encryption software. To block HTTP access, the server must disable port 80 to stop incoming HTTP connections and use encryption software to enforce HTTPS, ensuring no plaintext HTTP traffic is accepted. These two controls work at the host service level to eliminate HTTP accessibility.
Question
Options
- AChange default passwords on the server
- BAntivirus software
- CEncryption software
- DDisable port 80
- EDisable port 443
- FFirewall
- GPatch management server
Explanation
To block HTTP access, the server must disable port 80 to stop incoming HTTP connections and use encryption software to enforce HTTPS, ensuring no plaintext HTTP traffic is accepted. These two controls work at the host service level to eliminate HTTP accessibility.
Common mistakes.
- A. Changing default passwords strengthens authentication security but does not affect which network ports or protocols are open and accessible on the server.
- B. Antivirus software detects and removes malware but has no mechanism for controlling network port availability or blocking specific application-layer protocols like HTTP.
- E. Port 443 is the default port for HTTPS (encrypted web traffic); disabling it would eliminate secure access, which is the opposite of the hardening goal.
- F. A network firewall can filter traffic at the perimeter but does not disable the HTTP service on the server itself, leaving the server vulnerable if the firewall rule is ever misconfigured or bypassed.
- G. A patch management server automates software updates and vulnerability remediation but does not configure, disable, or control network ports or protocols on managed servers.
Concept tested. Disabling HTTP via host-level port and encryption controls
Reference. https://learn.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis
Topics
Community Discussion
No community discussion yet for this question.