CompTIA Updated SK0-005 Exam Questions and Answers by ryder

The server administrator should close port 3389 and rerun the scan. Port 3389 is used for Remote Desktop Protocol (RDP), which allows remote access and control of a server. RDP is vulnerable to brute-force attacks, credential theft, and malware infection. Closing port 3389 can prevent unauthorized access and improve the security of the server. The other ports are not as risky as port 3389 and can be left open for legitimate purposes. References: CompTIA Server+ Certification Exam Objectives, Domain 5.0: Security, Objective 5.4: Given a scenario, implement proper environmental controls and techniques.

Port 22 is used for SSH (Secure Shell), which is a secure and encrypted protocol for remote access to a server. Port 23 is used for Telnet, which is an insecure and unencrypted protocol for remote access. Port 990 is used for FTPS (File Transfer Protocol Secure), which is a secure and encrypted protocol for file transfer. The administrator should open port 22 and close port 23 to enable SSH and disable Telnet, as SSH is more secure and reliable than Telnet. The administrator does not need to open port 990, as FTPS is not required for making configuration changes123.

References = 1: Remote Desktop - Allow access to your PC from outside your network(https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/remote-desktop-allow-outside-access) 2: Test remote network port connectionin Windows 10 - Winaero(https://winaero.com/test-remote-network-port-connection-in-windows-10/) 3: Windows Command to check if a remote server port is opened?(https://superuser.com/questions/1035018/windows-command-to-check-if-a-remote-server-port-is-opened)

Scenario: Migrating a stand-alone application storing PII to the cloud.

Data to Encrypt: Data at rest (Option B) should be encrypted:

Data in transit (Option A) and backups (Option C) are also important but not the primary concern here.

Data archives (Option D) may or may not contain sensitive data.