A network administrator detects unknown sessions involving port 21 on the network. What could be causing this security breach?
- An FTP Trojan horse is executing.
- A reconnaissance attack is occurring.
- A denial-of-service attack is occurring.
- Cisco Security Agent is testing the network.
Explanation: Network security personnel must be familiar with port numbers in order to identify the service being attacked. Well-known port number 21 is used to initiate an FTP connection to an FTP server. Well-known port 20 is then used to transfer data between the two devices. If the device connecting to the FTP server is unknown and launching an attack, the type of attack might be an FTP Trojan horse.
More Questions: CCNA Cyber Ops (v1.1) – Chapter 6 Exam Answers