CompTIA Security+ (SY0-701) — Question 409

A penetration tester finds an unused Ethernet port during an on-site penetration test. Upon plugging a device into the unused port, the penetration tester notices that the machine is assigned an IP address, allowing the tester to enumerate the local network. Which of the following should an administrator implement in order to prevent this situation from happening in the future?

Answer options

• A. Port security
• B. Transport Layer Security
• C. Proxy server
• D. Security zones

Correct answer: A

Explanation

Implementing port security helps to control access to the network by limiting the devices that can connect to a port, preventing unauthorized access. The other options, such as Transport Layer Security and proxy servers, do not directly address the issue of unused ports being exploited. Security zones are more about segmenting network areas rather than controlling individual port access.