CompTIA Network+ (N10-007) — Question 298
An NGFW alerts that a web server in the DMZ is sending suspicious traffic. A network administrator finds that port 25 is open, and the traffic is originating from this port. The only purpose of this server is to deliver website traffic. Which of the following should the network administrator recommend to the systems administrator?
Answer options
- A. Disable Telnet service on the server.
- B. Disable DHCP service on the server.
- C. Disable the SMTP service on the server
- D. Disable FTP service on the server.
Correct answer: C
Explanation
The correct answer is C, as SMTP operates on port 25 and is unnecessary for a web server focused solely on delivering website traffic. Disabling the SMTP service will prevent any suspicious email traffic that could compromise the server. The other services (Telnet, DHCP, and FTP) are not relevant to the web server's primary function and do not address the issue of suspicious traffic on port 25.