SK0-005 Question #642: Real Exam Question with Answer & Explanation

Question

A technician noticed a VM that is used for testing software was configured to allow RDP access on a public firewall. Which of the following should the technician execute to fix this issue?

Options

• ADisable port 3389.
• BDisable the firewall.
• CConnect the VM to the VPN.
• DDisable all ports to the VM.

Explanation

To fix the security vulnerability of RDP access on a public firewall for a testing VM, the technician should disable the specific port used by RDP.

Common mistakes.

• B. Disabling the firewall entirely would expose all ports and services of the VM to the public internet, drastically increasing its attack surface and worsening the security posture instead of fixing it.
• C. Connecting the VM to a VPN provides a secure method for legitimate remote access but does not by itself remove the existing public firewall rule allowing direct RDP access, thus failing to fix the initial vulnerability.
• D. While disabling all ports would include port 3389, it is an overly broad action that could disrupt other necessary internal services or testing processes on the VM, making it an unacceptably severe solution when a specific fix is available.

Concept tested. Firewall rule management and RDP security

Reference. https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/rdp-security-best-practices

No community discussion yet for this question.