CompTIA Security+ (SY0-601) — Question 87

A new vulnerability in the SMB protocol on Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned that servers in the company’s DMZ will be vulnerable to external attack; however, the administrator cannot disable the service on the servers, as SMB is used by a number of internal systems and applications on the LAN. Which of the following TCP ports should be blocked for all external inbound connections to the DMZ as a workaround to protect the servers? (Choose two.)

Answer options

Correct answer: B, F

Explanation

Ports 139 and 445 are the TCP ports used by the SMB protocol, so leaving them open to external inbound connections leaves the DMZ servers exposed to the vulnerability. The other ports are not used by SMB, so blocking them would not mitigate the risk associated with the SMB vulnerability.