Computer Hacking Forensic Investigator (CHFI v10) — Question 181

After attending a CEH security seminar, you make a list of changes you would like to perform on your network to increase its security. One of the first things you change is to switch the RestrictAnonymous setting from 0 to 1 on your servers. This, as you were told, would prevent anonymous users from establishing a null session on the server. Using Userinfo tool mentioned at the seminar, you succeed in establishing a null session with one of the servers. Why is that?

Answer options

• A. RestrictAnonymous must be set to "10" for complete security
• B. RestrictAnonymous must be set to "3" for complete security
• C. RestrictAnonymous must be set to "2" for complete security
• D. There is no way to always prevent an anonymous null session from establishing

Correct answer: C

Explanation

The correct answer is C because setting RestrictAnonymous to 2 will prevent anonymous users from establishing null sessions, while lower settings like 1 do not provide adequate security. Options A and B suggest incorrect values for complete security, and option D is misleading as proper configuration can significantly reduce the risk of null sessions.