Certified Information Systems Security Professional (CISSP) — Question 330

An organization is trying to secure instant messaging (IM) communications through its network perimeter. Which of the following is the MOST significant challenge?

Answer options

• A. IM clients can interoperate between multiple vendors.
• B. IM clients can run as executables that do not require installation.
• C. IM clients can utilize random port numbers.
• D. IM clients can run without administrator privileges.

Correct answer: C

Explanation

The most significant challenge is that IM clients can utilize random port numbers, which makes it difficult to monitor and control the traffic. While the other options present valid concerns, they do not pose as substantial a challenge to securing communications as the unpredictability of port numbers does.