SY0-501 Question #88: Real Exam Question with Answer & Explanation

Question

An employee uses RDP to connect back to the office network. If RDP is misconfigured, which of the following security exposures would this lead to?

Options

• AA virus on the administrator's desktop would be able to sniff the administrator's username and
• BResult in an attacker being able to phish the employee's username and password.
• CA social engineering attack could occur, resulting in the employee's password being extracted.
• DA man in the middle attack could occur, resulting the employee's username and password

Explanation

Misconfigured RDP can expose authentication credentials to interception during transit. A man-in-the-middle (MitM) attack is the primary risk when RDP lacks proper encryption or certificate validation.

Common mistakes.

• A. Sniffing from a local virus on the administrator's desktop is a local malware threat unrelated to RDP misconfiguration; it would occur regardless of how RDP is configured.
• B. Phishing is a social-engineering attack vector that operates via deceptive emails or websites and is not a direct consequence of RDP misconfiguration.
• C. Social engineering attacks exploit human psychology and are independent of RDP protocol configuration; a misconfigured RDP service does not inherently enable social engineering.

Concept tested. RDP misconfiguration and man-in-the-middle attack risk

Reference. https://learn.microsoft.com/en-us/troubleshoot/windows-server/remote/security-risks-remote-desktop-without-vpn

No community discussion yet for this question.