CompTIA SecurityX (CAS-005) — Question 229

A security engineer is assessing a legacy server and needs to determine if FTP is running and on which port. The service cannot be turned off, as it would impact a critical application’s ability to function. Which of the following commands would provide the information necessary to create a firewall rule to prevent that service from being exploited?

Answer options

• A. service --status-all | grep ftpd
• B. chkconfig --list
• C. netstat -tulpn
• D. systemctl list-unit-file --type service ftpd
• E. service ftpd status

Correct answer: C

Explanation

The command 'netstat -tulpn' provides a list of all active network connections and listening ports, including the associated services, which is essential for creating a firewall rule. The other commands either check the status of the service or list services without showing the port information needed to secure the FTP service.