768    Appendix • Self Test Appendix


              B. IPX/SPX should be explicitly denied as it would not be necessary on a TCP/IP-based net-
                 work and could serve as a security risk.
              Answer A is incorrect because TCP/IP would be required in order for the remote system to
                 function on the network.Answer C is incorrect because NETBIOS is not a routable protocol.
                 Answer D is incorrect because since CDP is a proprietary protocol for Cisco devices, the RAS
                 would not have the ability to explicitly deny this protocol.

              14. The screenshot below is from a file server on your corporate network.You had a suspicion
                  that there were some services running on the system that were unnecessary. By performing a
                  ‘netstat –a’ you confirmed that there is a service listening on a well-known port which is not
                  necessary for a file server.Which service is this?

             Figure 1.17 Netstat Screenshot




























                  A. POP3
                  B. Oracle RDBMS
                  C. HTTP
                  D. SNMP
              C. HTTP uses port 80 which is shown as being in a listening state on this system. HTTP is not
                 necessary for a file server and should be disabled.
              Answer A is incorrect because port 110 for POP3 is not shown in the screenshot.Answer B is
                 incorrect because port 1521 for the Oracle RDBMS Listener is not shown in the screenshot.
                 Answer D is incorrect because port 161 for SNMP is not shown in the screenshot.







          www.syngress.com