Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

CertNexus Exam CFR-410 Topic 9 Question 43 Discussion

Actual exam question for CertNexus's CFR-410 exam
Question #: 43
Topic #: 9
[All CFR-410 Questions]

A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal clients. SMTP traffic should only be allowed to email servers. Which of the following commands would stop this attack? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, E

by Ellen at Sep 10, 2024, 05:46 PM

Limited Time Offer

25%

Off

Get Premium CFR-410 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Yoko
30 days ago
You know, if this was a real-life SMTP attack, the best solution would be to just unplug the whole network. That'll stop the traffic for sure! But I guess that's not very practical.
upvoted 0 times
...
Katina
1 months ago
I agree with Vincenza. Options C and D are the correct choices here. Blocking the SMTP port 25 is the way to go to stop this attack.
upvoted 0 times
In
15 days ago
I think option C is the correct choice.
upvoted 0 times
...
...
Queenie
1 months ago
Ha! Option E is clearly not the right answer. Blocking incoming traffic on port range 6881-6889 has nothing to do with stopping an SMTP attack. Someone's trying to be funny with that one.
upvoted 0 times
...
Natalya
1 months ago
I think Options A and B are incorrect because they are accepting SMTP traffic instead of blocking it. The question asks for a solution to stop the SMTP attack, so we need to drop the SMTP traffic.
upvoted 0 times
Avery
12 days ago
You're right, we need to drop the SMTP traffic to stop the attack.
upvoted 0 times
...
Brent
16 days ago
C) iptables -A INPUT -p tcp --dport 25 -j DROP
upvoted 0 times
...
Luis
19 days ago
A) iptables -A INPUT -p tcp --dport 25 -d x.x.x.x -j ACCEPT
upvoted 0 times
...
...
Vincenza
2 months ago
The correct answers are C and D. Option C blocks all incoming SMTP traffic, while Option D blocks all incoming FTP traffic. Blocking FTP is not relevant here, so Option D is not the right choice.
upvoted 0 times
Roslyn
1 months ago
C) iptables -A INPUT -p tcp --dport 25 -j DROP
upvoted 0 times
...
Roslyn
1 months ago
A) iptables -A INPUT -p tcp --dport 25 -d x.x.x.x -j ACCEPT
upvoted 0 times
...
...
Harris
2 months ago
I'm not sure about command E. I think it's better to focus on blocking SMTP traffic specifically, so I would go with commands A and C.
upvoted 0 times
...
Dominga
2 months ago
I agree with you, Artie. Command C will drop SMTP traffic and command E will drop traffic on ports commonly used for file sharing.
upvoted 0 times
...
Artie
3 months ago
I think the correct commands to stop the attack are C and E.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77