CompTIA SY0-301 Question #572: Real Exam Question with Answer & Explanation
The correct answer is B: HTTP. For a server processing credit card transactions, unencrypted HTTP on port 80 must be disabled because all payment data must transit only over encrypted HTTPS.
Question
A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a "listening" state. No other ports are open. Which of the following services should be disabled to ensure secure communications?
Options
- A. HTTPS
- B. HTTP
- C. RDP
- D. TELNET
Explanation
For a server processing credit card transactions, unencrypted HTTP on port 80 must be disabled because all payment data must transit only over encrypted HTTPS.
Common mistakes.
- A. HTTPS (port 443) uses TLS to encrypt traffic and is the required protocol for secure credit card processing - it must remain enabled.
- C. RDP (port 3389) is used for remote administration and while its exposure is a concern, the question asks specifically about securing communications, not remote management.
- D. Telnet is not listed as listening in the netstat output, so it is not running on this server and cannot be disabled.
Concept tested. Disabling plaintext protocols for PCI compliance
Reference. https://www.pcisecuritystandards.org/document_library/