An organization wants to enhance the security of its RDP setup due to increased threats targeting remote desktop services. The network administrator is tasked with reconfiguring the Windows Server to allow RDP connections only over a more secure port, different from the default. Which of the following would be a secure alternative to configure on the server's firewall to still facilitate RDP usage?
Remote Desktop Protocol listens on TCP/UDP port 3389 by default. Administrators can change that listening port to any unassigned high-numbered value (for example, 4992). Changing to a non-standard port does not harden RDP by itself, but it does hide the service from many automated scans that target port 3389, thereby lowering the volume of opportunistic attacks. Ports 21 (FTP), 25 (SMTP), and 161 (SNMP) are reserved for other well-known services; using one of those would create conflicts and provide no additional security benefit.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is 4992 considered a secure alternative port for RDP?
Open an interactive chat with Bash
What other steps can be taken to secure RDP besides changing the default port?
Open an interactive chat with Bash
Why are ports like 21, 25, and 161 inappropriate for RDP usage?