A junior systems administrator performs a vulnerability scan on a newly deployed Linux server. The administrator uses the command nmap --script ftp-anon -p 21 <server_ip> and the output includes the line Anonymous FTP login allowed. Which of the following represents the most likely service misconfiguration causing this finding?
The FTP daemon's configuration file contains the directive anonymous_enable=YES.
A firewall rule is misconfigured, allowing traffic to port 21.
The default umask for the FTP user is set to an insecure value like 000.
The FTP service is running with root user privileges.
The correct answer is that the FTP daemon's configuration file, such as /etc/vsftpd.conf for vsftpd, contains the directive anonymous_enable=YES. This setting explicitly permits anonymous users to log in. The nmap --script ftp-anon command is specifically designed to check for this condition. Incorrect firewall rules would typically block or allow traffic at the network layer, but not control application-level user authentication. Running the service as root is a separate security risk but does not inherently enable anonymous login. An incorrect umask setting affects the default permissions of newly created files, not the ability to log in anonymously.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the directive `anonymous_enable=YES` do in the FTP daemon's configuration?
Open an interactive chat with Bash
What is the purpose of the `nmap --script ftp-anon` command?
Open an interactive chat with Bash
How does a misconfigured firewall differ from a service misconfiguration like `anonymous_enable=YES`?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .