A systems administrator changes the default port for the SSH service on a public-facing server from 22 to 2022. The administrator believes this single change is sufficient to protect the service from unauthorized access. Which of the following statements BEST describes the security implications of this action?
It effectively prevents all brute-force attacks by making the service undiscoverable.
It eliminates the need for future security patches for the SSH service.
It is a form of security through obscurity and is not sufficient on its own to prevent targeted attacks.
It encrypts the SSH traffic, which was previously unencrypted on the default port.
Changing the default port for a service is a form of 'security through obscurity.' While it can reduce the number of automated attacks and scans that target the default port, it is not a sufficient security control by itself. Determined attackers can use port scanning tools to discover services running on non-standard ports. Therefore, this action only provides a minor layer of defense and should be combined with other security controls like strong authentication, firewalls, and intrusion detection systems for comprehensive protection. The other options are incorrect because this action does not stop targeted attacks, does not encrypt traffic, and does not eliminate the need for patching; the service itself remains just as vulnerable as it was before.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is security by obscurity?
Open an interactive chat with Bash
What are some examples of proper security controls?