Exam CISSP topic 1 question 108 discussion

C. IM clients can utilize random port numbers. Through the perimeter lends me to think they are asking for firewall ports to open

Answer is C "IM clients find ways to tunnel through firewalls, creating risk. Most IM services come through well-publicized ports (5190 for AOL Instant Messenger, 1863 for MSN and 5050 for Yahoo), but IM clients also can exploit any open port on the firewall, including those used by other applications (such as Port 80 for Web and HTTP traffic). Some clients also can connect via peer-to-peer connections or establish connections on randomly negotiated ports." https://www.networkworld.com/article/2323048/top-5-im-security-risks.html

C. IM clients can utilize random port numbers. Random port numbers can make it difficult for traditional security measures to effectively control and secure IM traffic, as they can bypass standard port-based security policies. This can pose a significant challenge in monitoring and securing IM communications within the network perimeter.

Answer C) Network perimeter usually refers to firewall

Interoperability between IM clients from multiple vendors can pose a challenge because it often involves different protocols and standards. Ensuring security across diverse platforms and protocols can be complex, and vulnerabilities in one vendor's implementation can potentially affect the security of the entire communication system.

I go with B. After users awareness they are to be more vigilant and report more incidents. Whether those incidents are true or not it is a different story, but the fact they are more suspicious and they would report more incidents.

option A is the most significant challenge in securing instant messaging (IM) communications through the network perimeter. A. IM clients can interoperate between multiple vendors. The ability of IM clients to interoperate between multiple vendors poses a significant challenge for securing IM communications. Different IM clients may use different protocols, encryption methods, or security features, making it difficult to enforce consistent security measures across all IM communications. It requires careful configuration, compatibility testing, and ongoing monitoring to ensure that security controls are effective in a heterogeneous IM environment.

This question would be appropriate 10 years ago. Modern firewall solutions identify applications based on signatures and behavioural analysis, port based security is a pretty outdated concept, but in the context of this question, C is correct. If there was the option of simply switching the network on the phone from Wi-Fi to LTE/5G, I wouldn't hesitate to choose that option, because this would circumvent the entire security perimeter.

C. IM clients can utilize random port numbers. The use of random port numbers by IM clients can make it difficult to secure the organization's network perimeter. Because IM clients can use any available port, it can be challenging for network administrators to identify and block IM traffic. This makes it difficult to ensure that all IM traffic is being properly monitored and controlled, increasing the risk that sensitive information could be leaked or that malware could spread through the network. In addition, the use of random port numbers can allow IM clients to bypass firewalls and intrusion detection systems, making it harder to detect and prevent unauthorized access to the network.

It's easier to secure something that uses known or fixed port numbers.

Definetely C.

I think 'network perimeter' is the key words.