ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 362 discussion

Actual exam question from CompTIA's CS0-003
Question #: 362
Topic #: 1
[All CS0-003 Questions]

In the last hour, a high volume of failed RDP authentication attempts has been logged on a critical server. All of the authentication attempts originated from the same remote IP address and made use of a single valid domain user account. Which of the following mitigating controls would be most effective to reduce the rate of success of this brute-force attack? (Choose two.)

  • A. Increase the granularity of log-on event auditing on all devices.
  • B. Enable host firewall rules to block all outbound traffic to TCP port 3389.
  • C. Configure user account lockout after a limited number of failed attempts.
  • D. Implement a firewall block for the IP address of the remote system.
  • E. Install a third-party remote access tool and disable RDP on all devices.
  • F. Block inbound to TCP port 3389 from untrusted remote IP addresses at the perimeter firewall.
Show Suggested Answer Hide Answer
Suggested Answer: CF 🗳️
by iliecomptia at April 16, 2025, 9:21 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
iliecomptia
3 days, 4 hours ago
Selected Answer: CF
A - This is related to monitoring, not mitigation, and does not address the issue. B - This is plain wrong, why would you block outbound traffic, when the auth attempts are inbound D - This is not practical, as the attacker could simply change the IP E - This seems like overkill, also this more of an avoid tactic as you disable RDP altogether C and F are the most practical in this case.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago