ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your Windows Server 2019 file server sits on a flat network without a perimeter firewall. The server must accept SMB traffic on TCP port 445 only from the 10.10.0.0/16 corporate subnet; every other inbound connection must be denied, while outbound traffic for Windows Update and monitoring should remain unrestricted. In Windows Defender Firewall with Advanced Security, which configuration best fulfills these requirements while adhering to the principle of least privilege?
Set the inbound default action to Allow on all profiles, add a block rule for TCP 445 from any address except 10.10.0.0/16, and change the outbound default action to Block.
Leave both inbound and outbound default actions set to Allow and add an allow rule for TCP 445 from any address to simplify connectivity management.
Set the inbound default action to Block on all profiles, create a single allow rule for TCP 445 limited to remote addresses 10.10.0.0/16, and leave the outbound default action at Allow.
Disable Windows Defender Firewall and rely solely on router ACLs that permit TCP 445 from 10.10.0.0/16 while blocking other ports.
The safest approach is to start from a deny-all stance for inbound traffic and explicitly permit only the required service from the trusted source. Setting the inbound default action to Block ensures that any unsolicited connection not explicitly allowed is dropped. Adding a single allow rule for TCP 445 restricted to the 10.10.0.0/16 subnet lets only authorized workstations reach the share. Keeping the outbound default action at its normal Allow setting lets the server initiate the outbound sessions it needs for Windows Update and monitoring tools. The other options either open more ports than necessary, break required outbound connectivity, or disable the host-based firewall entirely, violating the least-privilege principle.
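The configuration described in the explanation, written as PowerShell for the built-in NetSecurity module. This is an added example, not part of the original question; the rule display name is an assumption. It also lists any other enabled inbound allow rules, because allow rules are additive and a broader pre-existing rule (for example a built-in File and Printer Sharing rule) would still admit TCP 445 from outside the subnet.

```powershell
#Requires -RunAsAdministrator
# Assumed name for the new rule; pick whatever fits your naming convention.
$RuleName   = 'SMB-In (corp subnet only)'
$CorpSubnet = '10.10.0.0/16'   # subnet given in the question

# 1. Deny-by-default inbound, allow outbound, on every profile.
Set-NetFirewallProfile -Profile Domain,Private,Public `
    -Enabled True `
    -DefaultInboundAction Block `
    -DefaultOutboundAction Allow

# 2. Single inbound allow rule: TCP 445, remote addresses limited to the subnet.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName `
        -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort 445 `
        -RemoteAddress $CorpSubnet `
        -Profile Any | Out-Null
}

# 3. Verify the effective defaults (ActiveStore includes Group Policy overrides).
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction

# 4. Audit: every OTHER enabled inbound allow rule widens the exposure.
#    Review this list and disable what the server does not need.
$others = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object { $_.DisplayName -ne $RuleName }

foreach ($rule in $others) {
    $port = $rule | Get-NetFirewallPortFilter
    $addr = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
    }
}
```

Step 4 only reports; it disables nothing, so a management rule you depend on is not cut off by running the script.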
ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security